Security+ Acronyms II - Review

Question 1

MaaS?

Answer 1

Monitoring as a Service

Question 2

MAC?

Answer 2

Mandatory Access Control
- Address control used to limit access to resources based on the sensitivity of the information that the resource contains and the authorization of the user.
- Uses labels which are made up of a security level and zero or more security categories.
- Security levels indicate a level or hierarchical clasification of the information - confidential or restricted.
- Security categories define the category or group to which the information belongs.
- If the user does not have the proper label for a piece of information, they cannot access it.

Media Access Control
- Sublayer of the Data Link Layer (DLL) in the seven-layer OSI Network reference model.
- MAC is responsible for the transmission of data packets to and from the Network-Interface Card (NIC), and to and from another remotely shared channel.

Message Authentication Code
- Authenticates the source of a message and its integrity.
- Piece of information used to authenticate a message and make sure it came from the intended sender without any unintended modifications.

Question 3

MAM?

Answer 3

Mobile Application Management

• Used to control enterprise applications and app data on end uer’s devices.
• Provides application-level control to IT admins.
• Different from MDM because MDM aims to control the entire mobile device and requires a service agent to be running on the mobile device.
• MAM instead focuses purely on Apps and their DATA.
• Functions of MAM:
  
  • Control Installation, Updating, Removal of Apps
  • Remote Wipe
  • Application Usage Monitor
  • Control User/Group Access
  • Control User Authentication

Question 4

MAN?

Answer 4

Metropolitan Area Network

• Computer Network larger than a single building.
• Think CITY

Question 5

MBR?

Answer 5

Master Boot Record

• Special type of boot sector at the very begining of partitioned storage
• Holds information about how logical partitions are organized.

Question 6

MD5?

Answer 6

Message Digest 5

• Hash function that can very easily be cracked.

Question 7

MDF?

Answer 7

Main Distribution Frame

Question 8

MDM?

Answer 8

Mobile Device Management

• Softare that allows administration of devices as a whole.
• Different from MAM because MAM focuses on specific applications while MDM focuses on controlling the entire device.

Question 9

MFA?

Answer 9

Multifactor Authentication

Question 10

MFD?

Answer 10

Multi-Function Device

• Device that incorperates the functionality of multiple other devices.

Question 11

MFP?

Answer 11

Multi-Function Printer

• A Printer that includes Fax, Scanning, Copy, etc…

Question 12

MITM?

Answer 12

Man-in-the-Middle

• Attack that interrupts a data transfer to eavesdrop.
• Also known as On-Path Attack
• Intercepts packet traffic, gets in the middle of traffic streams to listen in.

Question 13

ML?

Answer 13

Machine Learning

Question 14

MMS?

Answer 14

Multimedia Message Service

• Used to send messages that include multimedia content.

Question 15

MOA?

Answer 15

Memorandum of Agreement

• Legally-binding agreement between two parties.

Question 16

MOU?

Answer 16

Memorandum of Understanding

• Non-Legally Binding agreement.
• Used to signal willingness between parties to move forward with a contract.

Question 17

MPLS?

Answer 17

Multi-Protocol Label Switching

• Routing technique to direct data from one note to the next based on the short path labels.

Question 18

MSA?

Answer 18

Mesurement Systems Analysis

• Mathematical method of determining the amount of variation that exists within a measurement process.

Question 19

MSCHAP?

Answer 19

Microsoft Challenge Handshake

• Encrypted authentication used in a Wide Area Network (WAN)
• Authentication protocol

Question 20

MSP?

Answer 20

Managed Service Provider

Question 21

MSSP?

Answer 21

Managed Security Service Provider

Question 22

MTBF?

Answer 22

Mean Time Between Failures

• Predicted time Between Failures of a System

Question 23

MTTF?

Answer 23

Mean Time To Failure

• Used to predict when a system will fail (and can’t be repaired)

Question 24

MTTR?

Answer 24

Mean Time To Recover

• AKA - Mean Time To Restore
• Average time it takes to recover from a system failure.

Question 25

MTU?

Answer 25

Maximum Transmission Unit

• Largest packet or frame size that can be sent in a packet or frame-based Network such as the Internet.

Question 26

NAC?

Answer 26

Network Access Control

• Provides visibility, access control, and compliance
• Can define an implement strict access management controls for Networks.
• Centralized solution to end-point Security
• Uses IEEE 802.1x Standard
• Usually works with TACACS or RADIUS to verify authentication

Question 27

NAS?

Answer 27

Network Attached Storage

Question 28

NAT?

Answer 28

Network Address Translation

Question 29

NDA?

Answer 29

Non-Disclosure Agreement

Question 30

NFC?

Answer 30

Near Field Communication

• Mobile Payment
• Key Cards
• Smart Cards

Question 31

NFV?

Answer 31

Network Functions Virtualization

• Virtualizes entire classes of Network node functions into building blocks.

Question 32

NIC?

Answer 32

Network Interface Card

Question 33

NIDS?

Answer 33

Network-based Intrusion Detection System

• Detects malicious traffic on a Network
• Detects & Alerts, does not Prevent.

Question 34

NIPS?

Answer 34

Network-based Intrusion Protection System

• Detects, Alerts, and PREVENTS malicious traffic on a Network.

Question 35

NIST?

Answer 35

National Institute of Standards & Technology

Question 36

NNTP?

Answer 36

Network News Transfer Protocol

• TCP
• PORT 119
• Used to transport Usenet Articles.

Question 37

NTFS?

Answer 37

New Technology File System

• Used by Windows NT to store, organize, and find files on an HD efficiently.

Question 38

NTLM?

Answer 38

New Technology LAN Manager

• Used to authenticate user identity and protect the integrity and confidentiality of their activity.
• SSO tool
• Relies on a challenge-response protocol to confirm the user without requiring them to submit a password.
• Has known vulnerabilities and is typically only still used for legacy clients and servers.
• Replaced by Kerberos
• Relies on a three-way handshake between the client and server to authenticate a user, while Kerberos uses a two-part process that leverages a Ticket granting service or Key Distribution Center (KDC)

Question 39

NTP?

Answer 39

Network Time Protocol

• UDP Port 123
• Syncs Network Time

Question 40

OAUTH?

Answer 40

Open Authentication

• Token-based Authentication
• Lets organizations share info across third-party services without exposing their users - usernames/passwords.

Question 41

OCSP?

Answer 41

Online Certificate Status Protocol

• Used by Certification Authority (CAs) to check the revocation status of an X.509 Digital Certificate

Question 42

OID?

Answer 42

Object Identifier

• Standard for naming any object, concept, or thing.

Question 43

OS?

Answer 43

Operating System

Question 44

OSI?

Answer 44

Open Systems Interconnection

• Conceptual model.

Question 45

OSINT?

Answer 45

Open Source Intelligence

Question 46

OSPF?

Answer 46

Open Shortest Path First

• Distributes Routing information between other Routers automatically.

Question 47

OT?

Answer 47

Operational Technology

• Hardware/Software that detects or causes a change by directly monitoring and/or controlling industrial equipment, assets, processes, and events.

Question 48

OTA?

Answer 48

Over the Air

• Pushing updates for software, configuration settings, or even encryption keys, on remote devices.

Question 49

OTG?

Answer 49

On the Go

Question 50

OVAL?

Answer 50

Open Vulnerability Assessment Language

• Community standard to promote open and publicly available security content, and to standardize the transfer of this information.

Question 51

OWASP?

Answer 51

Open Web Application Security Project

Question 52

P12?

Answer 52

Public Key Cryptography Standards 12

• Archive file format for storing cryptography objects as a single file.
• Used to bundle a private key with its X.509 certificate, or to bundle the members of a chain of trust.
• Think of it as a container for X.509 public key certs, private keys, CRLs, and generic data.

Question 53

P2P?

Answer 53

Peer-to-Peer

Question 54

PaaS?

Answer 54

Platform as a Service

• Think of it as Infrastructure as a Service except you’re bringing in all that Cloud Hardware/Resources for a specific purpose, to develop something.

Question 55

PAC?

Answer 55

Proxy Auto Configuration

• Used to define how web browsers and other user agents can automatically choose the appropriate proxy server for fetching URLs.
• Contains a JavaScript function that returns a string with one or more access method specifications.

Question 56

PAM?

Answer 56

Privileged Access Management

• Safeguarding identities with special access or admin capabilities.

Pluggable Authentication Modules

• Used to separate the tasks of authentication from applications
• Apps can call PAM libraries to check permissions.

Question 57

PAP?

Answer 57

Password Authentication Protocol

• Two-way Handshake to provide the peer system with a simple method to establish its identity.

Question 58

PAT?

Answer 58

Port Address Translation

Question 59

PBKDF2?

Answer 59

Password-Based Key Derivation Function v2

• Key derivation functions with a sliding computation cost, which is used to reduce vulnerabilities of brute-force attacks.
• Applies a pseudorandom function (Like HMAC) to the input password along with a salt value, and repeats this process multiple times to produce a derived Key.
• Derived Key can then be used as a cryptographic key.

Question 60

PBX?

Answer 60

Private Branch Exchange

• Telephone system that swithces calls between users on local line
• Multiline telephone system

Question 61

PCAP?

Answer 61

Packet Capture

• Collects and Records packet data from a Network which can then be analyzed in a Packet Analyzer.

Question 62

PCI DSS?

Answer 62

Payment Card Industry Data Security Standard

• Security standards to use when accepting, processing, storing, and/or transmitting credit card information.

Question 63

PDU?

Answer 63

Power Distribution Unit

• Provides multiple electric power outputs.

Question 64

PEAP?

Answer 64

Protected Extensible Authentication Protocol

• Provides a method to transport securely authenticated data including legacy password-based protocols, via 802.11 WIFI.

Question 65

PED?

Answer 65

Personal Electronic Device

• Devices like phones, laptops, pagers, radios, tablets, etc…

Question 66

PEM?

Answer 66

Privacy Enhanced Mail

• File format for storing and sending cryptographic keys, certificates and other data.
• For example, when using SSH, you will often use a .pem file.
• Encodes the binary data using base64.
• Starts with —–BEGIN a label and then —–

Question 67

PFS?

Answer 67

Perfect Forward Secrecy

• Feature of specific key agreement protocols that gives assurances that session keys will not be compromised, even if long-term secrets used in the session key exchange are compromised.
• Example: HTTPS, the long-term secret is usually the private key of the server.

Question 68

PFX?

Answer 68

Personal Information Exchange

Question 69

PGP?

Answer 69

Pretty Good Privacy

• Encryption program used to provide cryptographic privacy and authentication for data communication.
• Useful for signing, encrypting, and decrypting texts, emails, files, directories, and whole disk partitions.

Question 70

PHI?

Answer 70

Personal Health Information

Question 71

PII?

Answer 71

Personal Identifiable Information

Question 72

PIV?

Answer 72

Personal Identity Verification

• MFA on a Smartcard
• Used for identity proofing.

Question 73

PKCS?

Answer 73

Public-Key Cryptography Standards

• Group of standards for Public Keys.

Question 74

PKI?

Answer 74

Public Key Infrastructure

• Roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke Digital Certificates and manage public-key encryption.

Question 75

POP?

Answer 75

Post Office Protocol

• TCP
• PORT 110
• Used to RECEIVE Email from a Mail Server
• UNENCRYPTED

POP SSL/TLS
- TCP
- PORT 995
- Used to RECEIVE email from Mail Servers using an SSL/TLS Encrypted connection.

Question 76

POTS?

Answer 76

Plain Old Telephone Service

Question 77

PPP?

Answer 77

Point-to-Point Protocol

• Communication between two Routers directly without any hosts or other Networks in between.
• Data Link Layer

Question 78

PPTP?

Answer 78

Point-toPoint Tunneling Protocol

• TCP/UDP
• PORT 1723
• Obsolete method of implementing Virtual Private Networks (VPN)

Question 79

PSK?

Answer 79

Pre-Shared Key

• Shared Secrets sent using a Secure channel before it needs to be used.

Question 80

PTZ?

Answer 80

Pan-Tilt-Zoom

• Camera that can be remotely controlled, including zoom and directional controls.

Question 81

QA?

Answer 81

Quality Assurance

Question 82

QoS?

Answer 82

Quality of Service

• Performance of Systems by the users of the Network/Systems

Question 83

PUP?

Answer 83

Potentially Unwanted Program

Question 84

RA?

Answer 84

Recovery Agent

Registration Authority

Question 85

RACE?

Answer 85

Research and Development in Advanced Communications Technologies in Europe

Question 86

RAD?

Answer 86

Rapid Application Deployment

• Agile software development approach
• Focuses on ongoing software projects and user feedback and less on following a strict plan.
• Emphasizes rapid prototyping over costly planning.

Question 87

RADIUS?

Answer 87

Remote Authentication Dial-in User Service

• Provides centralized authentication to protect Networks against unauthorized use.
• Could aalso be used for device administration, but its primary purpose is Network authentication.
• Combines authentication and authorization.
• Encrypts only the Password Field, NOT the entire packet.

Question 88

RAID?

Answer 88

Redundant Array of Inexpensive Disks

• Storage virtualization technology that combines multiple physical disk drive components into one or more logical units.
• Used to increase data redundancy, performance, or both.
• Striping - Spreads blocks of data across multiple disks. Great for increased performance but provides zero data redundancy or protection.
• Mirroring - copies the same data across disks. Provides data redundancy and protection from failure, but requires more disks which increase cost.
• Parity - Calculated value that gets used to restore data from multiple drives if one of the drives were to fail. This prevents the need to mirror using separate drives since parity is spread among disks.

RAID0 - Striping - Needs 2 Drives Minimum
RAID1 - Mirroring - Needs 2 Drives Minimum
RAID4 - Striping and Parity - Needs 3 Drives Minimum
RAID5 - Striping and Parity - Needs 3 Drives Minimum
RAID6 - Striping and Parity - Needs 4 Drives Minimum

Question 89

RAM?

Answer 89

Random Access Memroy

Question 90

RAS?

Answer 90

Remote Access Server

Question 91

RAT?

Answer 91

Remote Access Trojan

• Malware that gives the attacker admin control over the target computer.
• Typically used to then take further action.

Question 92

RBAC?

Answer 92

Role-based Access Control

• Used to assign rights and permissions based on Roles of users.
• Roles are usually assigned by Groups

Question 93

RC4?

Answer 93

Rivest Cipher version 4

• Insecure
• WEP

Question 94

RCS?

Answer 94

Rich Communication Services

Question 95

RDP?

Answer 95

Remote Desktop Protocol

• TCP/UDP
• PORT 3389
• Used to remotely view and control other Windows Systems via a Graphical User Interface (GUI)
• Microsoft proprietary

Question 96

RFC?

Answer 96

Request for Comments

Question 97

RFID?

Answer 97

Radio Frequency Identifier

• Uses electromagnetic fields to automatically identify and track tags attached to objects
• Consists of a tiny radio transponder, a radio receiver, and a transmitter
• Made up of tags and readers

Question 98

RIPEMD?

Answer 98

RACE Integrity Primitives Evaluation Message Digest

• Family of Hash functions.
• RIPEMD
• RIPEMD-128
• RIPEMD-160
• RIPEMD-256
• RIPEMD-320
• Evaluation Message Digest helps guarantee a low number of collisions.

Question 99

ROI?

Answer 99

Return on Investment

Question 100

RPC?

Answer 100

Remote Procedure Call

• TCP/UDP
• PORT 135
• Used to locate DCOM ports to request a service from a program on another computer on the Network.

Question 101

RPO?

Answer 101

Recovery Point Objective

• The maximum amount of data (Measured by Time) that can be lost after a recovery from a disaster or failure.
• Used to determine the frequency of backups.
• IE: If an RPO is 70 minutes, you require system backups every 70 minutes.

Question 102

RSA?

Answer 102

Rivest, Shamir, & Adleman

• Algorithm used to encrypt and decrypt messages (Public-Key Crytosystem)
• Asymmetric - the public key can be known to everyone.
• Messages encrypted using the public key can only be decrypted with the private key
• Slower than some

Question 103

RTBH?

Answer 103

Remote Triggered Black Hole

• Can be used to drop traffic before it enters a protected Network.
• A common use is to mitigate DDoS

Question 104

RTO?

Answer 104

Recovery Time Objective

• Max amount of time it can take to recover after a failure or disaster before the business is significantly impacted.

Question 105

RTOS?

Answer 105

Real-Time Operating System

• Event-driven and Preemptive
• Switches betwene tasks based on their priorities (event-driven) or on a regular clocked interrupts and on events (time-sharing)

Question 106

RTP?

Answer 106

Real-time Transport Protocol

• Used to transfer audio/video over IP Networks
• Streaming media, for example.

Question 107

S/MIME?

Answer 107

Secure/Multipurpose Internet Mail Extensions

• Provides a way to integrate public key encryption and digtal signatures into most modern email clients.
• This would encrypt all email information from client to client, regardless of the communication used between email servers.

Question 108

SaaS?

Answer 108

Software as a Service

• Microsoft 365, Google Producitivity Suite
• Paying a subscription for a suite of Software products.

Question 109

SAE?

Answer 109

Simultaneous Authentication of Equals

• Secure password-based authentication and password-authenticated key agreement method.

Question 110

SAML?

Answer 110

Security Assertions Markup Language

• XML-based markup language for security assertions
• Allows an IdP to authenticate users and then pass an auth token to another application (Service Provider)

Question 111

SAN?

Answer 111

Storage Area Network

• Dedicated, independent high-speed Network that interconnects and delivers shared pools of storage devices to multiple servers.

Subject Alternative Name

• Extension to X.509 that allows various values to be associated with a Security Certificate.

Question 112

SCADA?

Answer 112

System Control and Data Acquisition

• Control system for high-level supervision of machines and processes.

Question 113

SCAP?

Answer 113

Security Content Automation Protocol

Question 114

SCEP?

Answer 114

Simple Certificate Enrollment Protocol

• Makes the request and issuing of Digital Certificates as simple as possible.

Question 115

SDK?

Answer 115

Software Development Kit

• Collection of software development tools you can install in one package.

Question 116

SDLC?

Answer 116

Software Development Life Cycle

Question 117

SDLM?

Answer 117

Software Development Life-cycle Methodology

Question 118

SDN?

Answer 118

Software Defined Networking

• Makes Networking a bit more like cloud computing than traditional Network management by defining Network technology via software.

Question 119

SDV?

Answer 119

Software Defined Visibility

• Framework that allows customers, security and Network equipment vendors, as well as MSPs to control and program Gigamon’s Visibility Frabric via REST-based APIs.

Question 120

SED?

Answer 120

Self-Encrypting Drives

• Data gets encrypted as it gets added to disk (HDD and SSD)

Question 121

SEH?

Answer 121

Structured Exception Handler

• A way of handling both software and hardware exceptions/failures gracefully

Question 122

SFTP?

Answer 122

Secure File Transfer Protocol

Question 123

SHA?

Answer 123

Secure Hashing Algorithm

• One-way functions.

Question 124

SHTTP?

Answer 124

Secure Hypertext Transfer Protocol

• Obsolete alternative to HTTPS

Question 125

SIEM?

Answer 125

Security Information Event Management

Question 126

SIM?

Answer 126

Subscriber Identity Module

Question 127

SIP?

Answer 127

Session Initiation Protocol

• Used to initiate, maintain, and terminate real-time sessions that include voice, video, and messaging apps.

Question 128

SLA?

Answer 128

Service Level Agreement

Question 129

SLE?

Answer 129

Single Loss Expectancy

• Monetary value of an asset
• % of loss for each realized threat

Question 130

SMB?

Answer 130

Server Message Block

• TCP
• PORT 445
• Used to provide shared access to files and other resources on a Network.

Question 131

SMS?

Answer 131

Short Message Service

Question 132

SMTP?

Answer 132

Simple Mail Transfer Protocol

• TCP
• PORT 25
• Used to SEND Email over the Internet via Mail Servers

Question 133

SMTPS?

Answer 133

Simple Network Mail Transfer Protocol Secure

• TCP
• PORT/s 465/587
• Used to SEND email over the Internet with an SSL/TLS Encrypted connection.

Question 134

SNMP?

Answer 134

Simple Network Management Protocol

• UDP
• PORT 161
• Used to remotely monitor Network devices.

SNMPTRAP
- TCP/UDP
- PORT 162
- Used to send TRAP and InformRequests to the SNMP Manager on a Network.

Question 135

SOAP?

Answer 135

Simple Object Access Protocol

• Lightweight XML-based protocol that’s used for exchanging information in decentralized, distributed application environments.
• Verses REST, which mostly uses JSON

Question 136

SOAR?

Answer 136

Security Orchestration, Automation, Response

• Technologies that enable orgs to collect inputs monitored by the Security operations team.
• IE: ALerts from the SIEM and other Security Tech were incident analysis and triage can be performed by leveraging a combination of human and machine power.

Question 137

SoC?

Answer 137

System on Chip

• Raspberry Pi is an example
• Multiple components running on a single chip.

Question 138

SOC?

Answer 138

Security Operations Center

Question 139

SPF?

Answer 139

Sender Policy Framework

• Email authentication technique which is used to prevent spammers from sending messages on behalf of your domain.

Question 140

SPIM?

Answer 140

Spam Over Internet Messaging

Question 141

SQL?

Answer 141

Structured Query Language

• SQL is used to communicate with SQL databases in order to create, read, update or delte data.

Question 142

SQLi?

Answer 142

Structured Query Language Injection

• Type of web-based attack that target SQL databases to either extra data, instert data, modify database settings, or in extreme cases - take control of the host server.

Question 143

SRTP?

Answer 143

Secure Real-Time Protocol

• Provides encryption, message authentication and integrity, and replay attack protection to the RTP data.

Question 144

SSD?

Answer 144

Solid State Drive

• Physical storage device comparable to hard drives but that uses different technology

Question 145

SSH?

Answer 145

Secure Shell

• TCP/UDP
• PORT 22
• Secure Shell (SSH)
• Secure Copy (SCP)
• Secure File Transfer Protocol (SFTP)
• Used to remotely administer Network devices and systems

Question 146

SSL?

Answer 146

Secure Sockets Layer

Question 147

SSO?

Answer 147

Single-Sign On

Question 148

STIX?

Answer 148

Structured Threat Information eXchange

• XML Structured Language for sharing threat intelligence
• Like TAXII, STIX is a community-driven project.

Question 149

STP?

Answer 149

Shielded Twisted Pair

Question 150

SWG?

Answer 150

Secure Web Gateway

• Protects users from web-based threats and applies and enforces corporate acceptable use policies.
• instead of connecting directly to a website, the user accesses the SWG, which then connects the user to the desired website.
• This helps with URL filtering, web visibility, malicious content inspection, web access controls, and more.

Question 151

TACACS+?

Answer 151

Terminal Access Controller Access Control System

• TCP/UDP
• PORT 49
• Authentication protocol used for remote communication with any server in a UNIX Network or terminals.
• Uses allow/deny mechanisms with auth keys that correspond to usernames and passwords
• Primarily used for device administration, but can technically be used for some Network management
• Encrypts the entire packet
• Separates authentication and authorization

Question 152

TAXII?

Answer 152

Trusted Automation eXchange of Indicator Information

• Aims to enable robust, secure, and high-volume exchanges of Cyber threat information.

Question 153

TCP/IP?

Answer 153

Transmission Control Protocol/Internet Protocol

Question 154

TFTP?

Answer 154

Trivial File Transfer Protocol

• UDP
• PORT 69
• Used as a simplified (dirty) version of FTP (File Transfer Protocol) to put a file on a Remote Host or get a file from a Remote Host.

Question 155

TGT?

Answer 155

Ticket Granting Ticket

• Files created by the Key Distribution Center (KDC) portion of the Kerberos authentication protocol.
• Used to grant users access to Network resources.
• Once the user has the TGT, they use it to obtain a service ticket from the Ticket Granting Service (TGS) at which point the user is granted access.

Question 156

TKIP?

Answer 156

Temporal Key Integrity Protocol

• Security protocol used in IEEE 802.11 wireless networking standard

Question 157

TLS?

Answer 157

Transport Layer Security

• Successor of deprecated SSL
• Provides Secure communications.

Question 158

TOTP?

Answer 158

Time-based One Time Password

• String of dynamic digits of code who change values based on time.
• Used for MFA (Multifactor Authentication)

Question 159

TPM?

Answer 159

Trusted Platform Module

• Dedicated microcontroller/chip designed to secure hardware with integrated crypto keys.

Question 160

TSIG?

Answer 160

Transaction Signature

• Computer-Network protocol, primarily enables DNS to authenticate updates to a DNS database.

Question 161

TTP?

Answer 161

Tactics, Techniques, and Procedures

• Behaviors, methods, tools, and strategies that cyber threat actors and hackers use to plan and execute cyber attacks on business Networks.

Question 162

UAT?

Answer 162

User Acceptance Training

• Last phase of the software testing process
• Actual software users test the software to make sure it can handle necessary, real-world tasks and scenarios, according to specifications
• AKA User Acceptibility Testing or End-User Testing

Question 163

UAV?

Answer 163

Unmanned Aerial Vehicle

Question 164

UDP?

Answer 164

User Datagram Protocol

• Connectionless

Question 165

UEFI?

Answer 165

Unified Extensible Firmware Interface

• Specification that defines a software interface betwen an OS and platform firmware
• Replaces the legacy BIOS firmware interaface, but provides legacy BIOS services
• UEFI can support remote diagnostics and repair of computers, even if no OS is installed.

Question 166

UEM?

Answer 166

Unified Endpoint Management

• Allows you to manage, secure, and deploy resources and apps on any device from a single console
• Goes beyond just MDM since it can also control PCs, or IoT devices, for example.

Question 167

UPS?

Answer 167

Uninterruptable Power Supply

• Provides an emergency power to a load in the event of power failure.

Question 168

URI?

Answer 168

Uniform Resource Identifier

• Identifier for a specific resource.

Question 169

URL?

Answer 169

Universal Resource Locator

• All URLs are URIs but not all URIs are URLs
• If the protocol (http, https, ftp, etc) is present or implied, then it’s a URL.

Question 170

USB?

Answer 170

Universal Serial Bus

Question 171

USB OTG?

Answer 171

USB On The Go

• Allows USB devices to act as a host, allowing other USB devices to attack to them.
• Those devices can then switch back and fourth between the roles of host and device
• For example, a phone may read from the removal media as the host, but then act as a mass storage device.

Question 172

UTM?

Answer 172

Unified Threat Management

• When a single hardware or software provides multiple security functions.
• This is in contrast of having individual solutions for each security function.

Question 173

UTP?

Answer 173

Unshielded Twisted Pair

Question 174

VBA?

Answer 174

Visual Basic

• Event-driven programming language from Microsoft

Question 175

VDE?

Answer 175

Virtual Desktop Environment

Question 176

VDI?

Answer 176

Virtual Desktop Infrastructure

• When the desktop and application software is separated from the hardware.

Question 177

VLAN?

Answer 177

Virtual Local Area Network

• A partitioned and isolated part of a LAN created with Logic (Not physical Separation)

Question 178

VLSM?

Answer 178

Variable Length Subnet Masking

• Design where subnets can have varying sizes.

Question 179

VM?

Answer 179

Virtual Machine

Question 180

VNC?

Answer 180

Virtual Network Computing

• TCP
• PORT 5900
• Cross-platform version of Remote Desktop Protocol (RDP) for remote user GUI access.

Question 181

VoIP?

Answer 181

Voice over Internet Protocol

• Voice Communications over Internet Protocol N etworks.

Question 182

VPC?

Answer 182

Virtual Private Cloud

• On demand pool of shared resources in a public cloud environment.
• Provides isolation between organization and resources.
• Lets you essentiall carve out a piece of the public cloud to host your private resources.

Question 183

VPN?

Answer 183

Virtaul Private Network

• Encrypted conection over the Internet from a device to a Network
• Helps ensure that you can communicate with remote systems securely and prevents eavesdropping on the traffic.

Question 184

VTC?

Answer 184

Video Teleconferencing

Question 185

WAF?

Answer 185

Web Application Firewall

Question 186

WAP?

Answer 186

Wireless Access Point

• Allows other wifi devices to connect to a wired network

Wireless Application Protocol

Question 187

WEP?

Answer 187

Wired Equivalent Privacy

• Security protocol that used to be used until it was found that it was inadequate.

Question 188

WIDS?

Answer 188

Wireless Intrusion Detection System

• Can DETECT the presence of unauthorized access points and create alerts.
• They can also identify Network break-in attempts.

Question 189

WIPS?

Answer 189

Wireless Intrusion Prevention System

• Can Detect the presence of unauthorized access points and automatically TAKE ACTION such as quarantining devices or kicking them off Networks.
• DETECTS and ACTS

Question 190

WORM?

Answer 190

Write Once Read Many

• Data storage device where information, once written, can’t be modified
• Great to ensure that data doesn’t get tampered with.

Question 191

WPA?

Answer 191

WIFI Protected Access

• Designed to be MORE secure than WEP
• WPA vs WPA2
• WPA uses TKIP
• WPA2 can use TKIP or AES, AES is preferred.

Question 192

WPS?

Answer 192

WIFI Protected Setup

• Flawed security mechanism used for Routers - can be Brute Forced easily.
• Not very protected at all…

Question 193

WTLS?

Answer 193

Wireless Transport Layer Security

• Security level for WAP (Wireless Application Protocol) apps

Question 194

XaaS?

Answer 194

Anything as a Service

• Term used to describe anything that can be used or sold as a service.
• For example, you can have Database as a Service (DaaS), Authentication as a Service (AaaS), etc…

Question 195

XML?

Answer 195

Extensible Markup Language

Question 196

XOR?

Answer 196

Exclusive Or

• Logical operator that returns true (represented by a 1) if its arguments are different (IE: One argument is 0 and the other is 1)
• If the arguments are the same, then XOR returns a 0

Question 197

XSRF?

Answer 197

Cross-Site Request Forgery

• Same as CSRF

Question 198

XSS?

Answer 198

Cross-Site Scripting

Question 199

X.509?

Answer 199

• Standard defining the format of public-key certificates.

Question 200

802.1X?

Answer 200

• Network authentication protocol.
• Defines the standards for using EAP to authenticate clients through authenticators (Router, Switch, Network Devices) using an authentication server (Such as RADIUS)
• Devices/Users connecting need to provide credentials and prove their identity to get access to the Network.
• Usually authenticated by Active Directory (AD), RADIUS.