Security+ Acronyms II - Review Flashcards

1
Q

MaaS?

A

Monitoring as a Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

MAC?

A

Mandatory Access Control
- Address control used to limit access to resources based on the sensitivity of the information that the resource contains and the authorization of the user.
- Uses labels which are made up of a security level and zero or more security categories.
- Security levels indicate a level or hierarchical clasification of the information - confidential or restricted.
- Security categories define the category or group to which the information belongs.
- If the user does not have the proper label for a piece of information, they cannot access it.

Media Access Control
- Sublayer of the Data Link Layer (DLL) in the seven-layer OSI Network reference model.
- MAC is responsible for the transmission of data packets to and from the Network-Interface Card (NIC), and to and from another remotely shared channel.

Message Authentication Code
- Authenticates the source of a message and its integrity.
- Piece of information used to authenticate a message and make sure it came from the intended sender without any unintended modifications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

MAM?

A

Mobile Application Management

  • Used to control enterprise applications and app data on end uer’s devices.
  • Provides application-level control to IT admins.
  • Different from MDM because MDM aims to control the entire mobile device and requires a service agent to be running on the mobile device.
  • MAM instead focuses purely on Apps and their DATA.
  • Functions of MAM:
    • Control Installation, Updating, Removal of Apps
    • Remote Wipe
    • Application Usage Monitor
    • Control User/Group Access
    • Control User Authentication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

MAN?

A

Metropolitan Area Network

  • Computer Network larger than a single building.
  • Think CITY
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

MBR?

A

Master Boot Record

  • Special type of boot sector at the very begining of partitioned storage
  • Holds information about how logical partitions are organized.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

MD5?

A

Message Digest 5

  • Hash function that can very easily be cracked.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

MDF?

A

Main Distribution Frame

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

MDM?

A

Mobile Device Management

  • Softare that allows administration of devices as a whole.
  • Different from MAM because MAM focuses on specific applications while MDM focuses on controlling the entire device.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

MFA?

A

Multifactor Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

MFD?

A

Multi-Function Device

  • Device that incorperates the functionality of multiple other devices.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

MFP?

A

Multi-Function Printer

  • A Printer that includes Fax, Scanning, Copy, etc…
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

MITM?

A

Man-in-the-Middle

  • Attack that interrupts a data transfer to eavesdrop.
  • Also known as On-Path Attack
  • Intercepts packet traffic, gets in the middle of traffic streams to listen in.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

ML?

A

Machine Learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

MMS?

A

Multimedia Message Service

  • Used to send messages that include multimedia content.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

MOA?

A

Memorandum of Agreement

  • Legally-binding agreement between two parties.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

MOU?

A

Memorandum of Understanding

  • Non-Legally Binding agreement.
  • Used to signal willingness between parties to move forward with a contract.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

MPLS?

A

Multi-Protocol Label Switching

  • Routing technique to direct data from one note to the next based on the short path labels.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

MSA?

A

Mesurement Systems Analysis

  • Mathematical method of determining the amount of variation that exists within a measurement process.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

MSCHAP?

A

Microsoft Challenge Handshake

  • Encrypted authentication used in a Wide Area Network (WAN)
  • Authentication protocol
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

MSP?

A

Managed Service Provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

MSSP?

A

Managed Security Service Provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

MTBF?

A

Mean Time Between Failures

  • Predicted time Between Failures of a System
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

MTTF?

A

Mean Time To Failure

  • Used to predict when a system will fail (and can’t be repaired)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

MTTR?

A

Mean Time To Recover

  • AKA - Mean Time To Restore
  • Average time it takes to recover from a system failure.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

MTU?

A

Maximum Transmission Unit

  • Largest packet or frame size that can be sent in a packet or frame-based Network such as the Internet.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

NAC?

A

Network Access Control

  • Provides visibility, access control, and compliance
  • Can define an implement strict access management controls for Networks.
  • Centralized solution to end-point Security
  • Uses IEEE 802.1x Standard
  • Usually works with TACACS or RADIUS to verify authentication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

NAS?

A

Network Attached Storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

NAT?

A

Network Address Translation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

NDA?

A

Non-Disclosure Agreement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

NFC?

A

Near Field Communication

  • Mobile Payment
  • Key Cards
  • Smart Cards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

NFV?

A

Network Functions Virtualization

  • Virtualizes entire classes of Network node functions into building blocks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

NIC?

A

Network Interface Card

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

NIDS?

A

Network-based Intrusion Detection System

  • Detects malicious traffic on a Network
  • Detects & Alerts, does not Prevent.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

NIPS?

A

Network-based Intrusion Protection System

  • Detects, Alerts, and PREVENTS malicious traffic on a Network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

NIST?

A

National Institute of Standards & Technology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

NNTP?

A

Network News Transfer Protocol

  • TCP
  • PORT 119
  • Used to transport Usenet Articles.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

NTFS?

A

New Technology File System

  • Used by Windows NT to store, organize, and find files on an HD efficiently.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

NTLM?

A

New Technology LAN Manager

  • Used to authenticate user identity and protect the integrity and confidentiality of their activity.
  • SSO tool
  • Relies on a challenge-response protocol to confirm the user without requiring them to submit a password.
  • Has known vulnerabilities and is typically only still used for legacy clients and servers.
  • Replaced by Kerberos
  • Relies on a three-way handshake between the client and server to authenticate a user, while Kerberos uses a two-part process that leverages a Ticket granting service or Key Distribution Center (KDC)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

NTP?

A

Network Time Protocol

  • UDP Port 123
  • Syncs Network Time
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

OAUTH?

A

Open Authentication

  • Token-based Authentication
  • Lets organizations share info across third-party services without exposing their users - usernames/passwords.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

OCSP?

A

Online Certificate Status Protocol

  • Used by Certification Authority (CAs) to check the revocation status of an X.509 Digital Certificate
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

OID?

A

Object Identifier

  • Standard for naming any object, concept, or thing.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

OS?

A

Operating System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

OSI?

A

Open Systems Interconnection

  • Conceptual model.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

OSINT?

A

Open Source Intelligence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

OSPF?

A

Open Shortest Path First

  • Distributes Routing information between other Routers automatically.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

OT?

A

Operational Technology

  • Hardware/Software that detects or causes a change by directly monitoring and/or controlling industrial equipment, assets, processes, and events.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

OTA?

A

Over the Air

  • Pushing updates for software, configuration settings, or even encryption keys, on remote devices.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

OTG?

A

On the Go

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

OVAL?

A

Open Vulnerability Assessment Language

  • Community standard to promote open and publicly available security content, and to standardize the transfer of this information.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

OWASP?

A

Open Web Application Security Project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

P12?

A

Public Key Cryptography Standards 12

  • Archive file format for storing cryptography objects as a single file.
  • Used to bundle a private key with its X.509 certificate, or to bundle the members of a chain of trust.
  • Think of it as a container for X.509 public key certs, private keys, CRLs, and generic data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

P2P?

A

Peer-to-Peer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

PaaS?

A

Platform as a Service

  • Think of it as Infrastructure as a Service except you’re bringing in all that Cloud Hardware/Resources for a specific purpose, to develop something.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

PAC?

A

Proxy Auto Configuration

  • Used to define how web browsers and other user agents can automatically choose the appropriate proxy server for fetching URLs.
  • Contains a JavaScript function that returns a string with one or more access method specifications.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

PAM?

A

Privileged Access Management

  • Safeguarding identities with special access or admin capabilities.

Pluggable Authentication Modules

  • Used to separate the tasks of authentication from applications
  • Apps can call PAM libraries to check permissions.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

PAP?

A

Password Authentication Protocol

  • Two-way Handshake to provide the peer system with a simple method to establish its identity.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

PAT?

A

Port Address Translation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

PBKDF2?

A

Password-Based Key Derivation Function v2

  • Key derivation functions with a sliding computation cost, which is used to reduce vulnerabilities of brute-force attacks.
  • Applies a pseudorandom function (Like HMAC) to the input password along with a salt value, and repeats this process multiple times to produce a derived Key.
  • Derived Key can then be used as a cryptographic key.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

PBX?

A

Private Branch Exchange

  • Telephone system that swithces calls between users on local line
  • Multiline telephone system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

PCAP?

A

Packet Capture

  • Collects and Records packet data from a Network which can then be analyzed in a Packet Analyzer.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

PCI DSS?

A

Payment Card Industry Data Security Standard

  • Security standards to use when accepting, processing, storing, and/or transmitting credit card information.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

PDU?

A

Power Distribution Unit

  • Provides multiple electric power outputs.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

PEAP?

A

Protected Extensible Authentication Protocol

  • Provides a method to transport securely authenticated data including legacy password-based protocols, via 802.11 WIFI.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

PED?

A

Personal Electronic Device

  • Devices like phones, laptops, pagers, radios, tablets, etc…
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

PEM?

A

Privacy Enhanced Mail

  • File format for storing and sending cryptographic keys, certificates and other data.
  • For example, when using SSH, you will often use a .pem file.
  • Encodes the binary data using base64.
  • Starts with —–BEGIN a label and then —–
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

PFS?

A

Perfect Forward Secrecy

  • Feature of specific key agreement protocols that gives assurances that session keys will not be compromised, even if long-term secrets used in the session key exchange are compromised.
  • Example: HTTPS, the long-term secret is usually the private key of the server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

PFX?

A

Personal Information Exchange

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

PGP?

A

Pretty Good Privacy

  • Encryption program used to provide cryptographic privacy and authentication for data communication.
  • Useful for signing, encrypting, and decrypting texts, emails, files, directories, and whole disk partitions.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

PHI?

A

Personal Health Information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

PII?

A

Personal Identifiable Information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

PIV?

A

Personal Identity Verification

  • MFA on a Smartcard
  • Used for identity proofing.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

PKCS?

A

Public-Key Cryptography Standards

  • Group of standards for Public Keys.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

PKI?

A

Public Key Infrastructure

  • Roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke Digital Certificates and manage public-key encryption.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

POP?

A

Post Office Protocol

  • TCP
  • PORT 110
  • Used to RECEIVE Email from a Mail Server
  • UNENCRYPTED

POP SSL/TLS
- TCP
- PORT 995
- Used to RECEIVE email from Mail Servers using an SSL/TLS Encrypted connection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

POTS?

A

Plain Old Telephone Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

PPP?

A

Point-to-Point Protocol

  • Communication between two Routers directly without any hosts or other Networks in between.
  • Data Link Layer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

PPTP?

A

Point-toPoint Tunneling Protocol

  • TCP/UDP
  • PORT 1723
  • Obsolete method of implementing Virtual Private Networks (VPN)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

PSK?

A

Pre-Shared Key

  • Shared Secrets sent using a Secure channel before it needs to be used.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

PTZ?

A

Pan-Tilt-Zoom

  • Camera that can be remotely controlled, including zoom and directional controls.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

QA?

A

Quality Assurance

82
Q

QoS?

A

Quality of Service

  • Performance of Systems by the users of the Network/Systems
83
Q

PUP?

A

Potentially Unwanted Program

84
Q

RA?

A

Recovery Agent

Registration Authority

85
Q

RACE?

A

Research and Development in Advanced Communications Technologies in Europe

86
Q

RAD?

A

Rapid Application Deployment

  • Agile software development approach
  • Focuses on ongoing software projects and user feedback and less on following a strict plan.
  • Emphasizes rapid prototyping over costly planning.
87
Q

RADIUS?

A

Remote Authentication Dial-in User Service

  • Provides centralized authentication to protect Networks against unauthorized use.
  • Could aalso be used for device administration, but its primary purpose is Network authentication.
  • Combines authentication and authorization.
  • Encrypts only the Password Field, NOT the entire packet.
88
Q

RAID?

A

Redundant Array of Inexpensive Disks

  • Storage virtualization technology that combines multiple physical disk drive components into one or more logical units.
  • Used to increase data redundancy, performance, or both.
  • Striping - Spreads blocks of data across multiple disks. Great for increased performance but provides zero data redundancy or protection.
  • Mirroring - copies the same data across disks. Provides data redundancy and protection from failure, but requires more disks which increase cost.
  • Parity - Calculated value that gets used to restore data from multiple drives if one of the drives were to fail. This prevents the need to mirror using separate drives since parity is spread among disks.

RAID0 - Striping - Needs 2 Drives Minimum
RAID1 - Mirroring - Needs 2 Drives Minimum
RAID4 - Striping and Parity - Needs 3 Drives Minimum
RAID5 - Striping and Parity - Needs 3 Drives Minimum
RAID6 - Striping and Parity - Needs 4 Drives Minimum

89
Q

RAM?

A

Random Access Memroy

90
Q

RAS?

A

Remote Access Server

91
Q

RAT?

A

Remote Access Trojan

  • Malware that gives the attacker admin control over the target computer.
  • Typically used to then take further action.
92
Q

RBAC?

A

Role-based Access Control

  • Used to assign rights and permissions based on Roles of users.
  • Roles are usually assigned by Groups
93
Q

RC4?

A

Rivest Cipher version 4

  • Insecure
  • WEP
94
Q

RCS?

A

Rich Communication Services

95
Q

RDP?

A

Remote Desktop Protocol

  • TCP/UDP
  • PORT 3389
  • Used to remotely view and control other Windows Systems via a Graphical User Interface (GUI)
  • Microsoft proprietary
96
Q

RFC?

A

Request for Comments

97
Q

RFID?

A

Radio Frequency Identifier

  • Uses electromagnetic fields to automatically identify and track tags attached to objects
  • Consists of a tiny radio transponder, a radio receiver, and a transmitter
  • Made up of tags and readers
98
Q

RIPEMD?

A

RACE Integrity Primitives Evaluation Message Digest

  • Family of Hash functions.
  • RIPEMD
  • RIPEMD-128
  • RIPEMD-160
  • RIPEMD-256
  • RIPEMD-320
  • Evaluation Message Digest helps guarantee a low number of collisions.
99
Q

ROI?

A

Return on Investment

100
Q

RPC?

A

Remote Procedure Call

  • TCP/UDP
  • PORT 135
  • Used to locate DCOM ports to request a service from a program on another computer on the Network.
101
Q

RPO?

A

Recovery Point Objective

  • The maximum amount of data (Measured by Time) that can be lost after a recovery from a disaster or failure.
  • Used to determine the frequency of backups.
  • IE: If an RPO is 70 minutes, you require system backups every 70 minutes.
102
Q

RSA?

A

Rivest, Shamir, & Adleman

  • Algorithm used to encrypt and decrypt messages (Public-Key Crytosystem)
  • Asymmetric - the public key can be known to everyone.
  • Messages encrypted using the public key can only be decrypted with the private key
  • Slower than some
103
Q

RTBH?

A

Remote Triggered Black Hole

  • Can be used to drop traffic before it enters a protected Network.
  • A common use is to mitigate DDoS
104
Q

RTO?

A

Recovery Time Objective

  • Max amount of time it can take to recover after a failure or disaster before the business is significantly impacted.
105
Q

RTOS?

A

Real-Time Operating System

  • Event-driven and Preemptive
  • Switches betwene tasks based on their priorities (event-driven) or on a regular clocked interrupts and on events (time-sharing)
106
Q

RTP?

A

Real-time Transport Protocol

  • Used to transfer audio/video over IP Networks
  • Streaming media, for example.
107
Q

S/MIME?

A

Secure/Multipurpose Internet Mail Extensions

  • Provides a way to integrate public key encryption and digtal signatures into most modern email clients.
  • This would encrypt all email information from client to client, regardless of the communication used between email servers.
108
Q

SaaS?

A

Software as a Service

  • Microsoft 365, Google Producitivity Suite
  • Paying a subscription for a suite of Software products.
109
Q

SAE?

A

Simultaneous Authentication of Equals

  • Secure password-based authentication and password-authenticated key agreement method.
110
Q

SAML?

A

Security Assertions Markup Language

  • XML-based markup language for security assertions
  • Allows an IdP to authenticate users and then pass an auth token to another application (Service Provider)
111
Q

SAN?

A

Storage Area Network

  • Dedicated, independent high-speed Network that interconnects and delivers shared pools of storage devices to multiple servers.

Subject Alternative Name

  • Extension to X.509 that allows various values to be associated with a Security Certificate.
112
Q

SCADA?

A

System Control and Data Acquisition

  • Control system for high-level supervision of machines and processes.
113
Q

SCAP?

A

Security Content Automation Protocol

114
Q

SCEP?

A

Simple Certificate Enrollment Protocol

  • Makes the request and issuing of Digital Certificates as simple as possible.
115
Q

SDK?

A

Software Development Kit

  • Collection of software development tools you can install in one package.
116
Q

SDLC?

A

Software Development Life Cycle

117
Q

SDLM?

A

Software Development Life-cycle Methodology

118
Q

SDN?

A

Software Defined Networking

  • Makes Networking a bit more like cloud computing than traditional Network management by defining Network technology via software.
119
Q

SDV?

A

Software Defined Visibility

  • Framework that allows customers, security and Network equipment vendors, as well as MSPs to control and program Gigamon’s Visibility Frabric via REST-based APIs.
120
Q

SED?

A

Self-Encrypting Drives

  • Data gets encrypted as it gets added to disk (HDD and SSD)
121
Q

SEH?

A

Structured Exception Handler

  • A way of handling both software and hardware exceptions/failures gracefully
122
Q

SFTP?

A

Secure File Transfer Protocol

123
Q

SHA?

A

Secure Hashing Algorithm

  • One-way functions.
124
Q

SHTTP?

A

Secure Hypertext Transfer Protocol

  • Obsolete alternative to HTTPS
125
Q

SIEM?

A

Security Information Event Management

126
Q

SIM?

A

Subscriber Identity Module

127
Q

SIP?

A

Session Initiation Protocol

  • Used to initiate, maintain, and terminate real-time sessions that include voice, video, and messaging apps.
128
Q

SLA?

A

Service Level Agreement

129
Q

SLE?

A

Single Loss Expectancy

  • Monetary value of an asset
  • % of loss for each realized threat
130
Q

SMB?

A

Server Message Block

  • TCP
  • PORT 445
  • Used to provide shared access to files and other resources on a Network.
131
Q

SMS?

A

Short Message Service

132
Q

SMTP?

A

Simple Mail Transfer Protocol

  • TCP
  • PORT 25
  • Used to SEND Email over the Internet via Mail Servers
133
Q

SMTPS?

A

Simple Network Mail Transfer Protocol Secure

  • TCP
  • PORT/s 465/587
  • Used to SEND email over the Internet with an SSL/TLS Encrypted connection.
134
Q

SNMP?

A

Simple Network Management Protocol

  • UDP
  • PORT 161
  • Used to remotely monitor Network devices.

SNMPTRAP
- TCP/UDP
- PORT 162
- Used to send TRAP and InformRequests to the SNMP Manager on a Network.

135
Q

SOAP?

A

Simple Object Access Protocol

  • Lightweight XML-based protocol that’s used for exchanging information in decentralized, distributed application environments.
  • Verses REST, which mostly uses JSON
136
Q

SOAR?

A

Security Orchestration, Automation, Response

  • Technologies that enable orgs to collect inputs monitored by the Security operations team.
  • IE: ALerts from the SIEM and other Security Tech were incident analysis and triage can be performed by leveraging a combination of human and machine power.
137
Q

SoC?

A

System on Chip

  • Raspberry Pi is an example
  • Multiple components running on a single chip.
138
Q

SOC?

A

Security Operations Center

139
Q

SPF?

A

Sender Policy Framework

  • Email authentication technique which is used to prevent spammers from sending messages on behalf of your domain.
140
Q

SPIM?

A

Spam Over Internet Messaging

141
Q

SQL?

A

Structured Query Language

  • SQL is used to communicate with SQL databases in order to create, read, update or delte data.
142
Q

SQLi?

A

Structured Query Language Injection

  • Type of web-based attack that target SQL databases to either extra data, instert data, modify database settings, or in extreme cases - take control of the host server.
143
Q

SRTP?

A

Secure Real-Time Protocol

  • Provides encryption, message authentication and integrity, and replay attack protection to the RTP data.
144
Q

SSD?

A

Solid State Drive

  • Physical storage device comparable to hard drives but that uses different technology
145
Q

SSH?

A

Secure Shell

  • TCP/UDP
  • PORT 22
  • Secure Shell (SSH)
  • Secure Copy (SCP)
  • Secure File Transfer Protocol (SFTP)
  • Used to remotely administer Network devices and systems
146
Q

SSL?

A

Secure Sockets Layer

147
Q

SSO?

A

Single-Sign On

148
Q

STIX?

A

Structured Threat Information eXchange

  • XML Structured Language for sharing threat intelligence
  • Like TAXII, STIX is a community-driven project.
149
Q

STP?

A

Shielded Twisted Pair

150
Q

SWG?

A

Secure Web Gateway

  • Protects users from web-based threats and applies and enforces corporate acceptable use policies.
  • instead of connecting directly to a website, the user accesses the SWG, which then connects the user to the desired website.
  • This helps with URL filtering, web visibility, malicious content inspection, web access controls, and more.
151
Q

TACACS+?

A

Terminal Access Controller Access Control System

  • TCP/UDP
  • PORT 49
  • Authentication protocol used for remote communication with any server in a UNIX Network or terminals.
  • Uses allow/deny mechanisms with auth keys that correspond to usernames and passwords
  • Primarily used for device administration, but can technically be used for some Network management
  • Encrypts the entire packet
  • Separates authentication and authorization
152
Q

TAXII?

A

Trusted Automation eXchange of Indicator Information

  • Aims to enable robust, secure, and high-volume exchanges of Cyber threat information.
153
Q

TCP/IP?

A

Transmission Control Protocol/Internet Protocol

154
Q

TFTP?

A

Trivial File Transfer Protocol

  • UDP
  • PORT 69
  • Used as a simplified (dirty) version of FTP (File Transfer Protocol) to put a file on a Remote Host or get a file from a Remote Host.
155
Q

TGT?

A

Ticket Granting Ticket

  • Files created by the Key Distribution Center (KDC) portion of the Kerberos authentication protocol.
  • Used to grant users access to Network resources.
  • Once the user has the TGT, they use it to obtain a service ticket from the Ticket Granting Service (TGS) at which point the user is granted access.
156
Q

TKIP?

A

Temporal Key Integrity Protocol

  • Security protocol used in IEEE 802.11 wireless networking standard
157
Q

TLS?

A

Transport Layer Security

  • Successor of deprecated SSL
  • Provides Secure communications.
158
Q

TOTP?

A

Time-based One Time Password

  • String of dynamic digits of code who change values based on time.
  • Used for MFA (Multifactor Authentication)
159
Q

TPM?

A

Trusted Platform Module

  • Dedicated microcontroller/chip designed to secure hardware with integrated crypto keys.
160
Q

TSIG?

A

Transaction Signature

  • Computer-Network protocol, primarily enables DNS to authenticate updates to a DNS database.
161
Q

TTP?

A

Tactics, Techniques, and Procedures

  • Behaviors, methods, tools, and strategies that cyber threat actors and hackers use to plan and execute cyber attacks on business Networks.
162
Q

UAT?

A

User Acceptance Training

  • Last phase of the software testing process
  • Actual software users test the software to make sure it can handle necessary, real-world tasks and scenarios, according to specifications
  • AKA User Acceptibility Testing or End-User Testing
163
Q

UAV?

A

Unmanned Aerial Vehicle

164
Q

UDP?

A

User Datagram Protocol

  • Connectionless
165
Q

UEFI?

A

Unified Extensible Firmware Interface

  • Specification that defines a software interface betwen an OS and platform firmware
  • Replaces the legacy BIOS firmware interaface, but provides legacy BIOS services
  • UEFI can support remote diagnostics and repair of computers, even if no OS is installed.
166
Q

UEM?

A

Unified Endpoint Management

  • Allows you to manage, secure, and deploy resources and apps on any device from a single console
  • Goes beyond just MDM since it can also control PCs, or IoT devices, for example.
167
Q

UPS?

A

Uninterruptable Power Supply

  • Provides an emergency power to a load in the event of power failure.
168
Q

URI?

A

Uniform Resource Identifier

  • Identifier for a specific resource.
169
Q

URL?

A

Universal Resource Locator

  • All URLs are URIs but not all URIs are URLs
  • If the protocol (http, https, ftp, etc) is present or implied, then it’s a URL.
170
Q

USB?

A

Universal Serial Bus

171
Q

USB OTG?

A

USB On The Go

  • Allows USB devices to act as a host, allowing other USB devices to attack to them.
  • Those devices can then switch back and fourth between the roles of host and device
  • For example, a phone may read from the removal media as the host, but then act as a mass storage device.
172
Q

UTM?

A

Unified Threat Management

  • When a single hardware or software provides multiple security functions.
  • This is in contrast of having individual solutions for each security function.
173
Q

UTP?

A

Unshielded Twisted Pair

174
Q

VBA?

A

Visual Basic

  • Event-driven programming language from Microsoft
175
Q

VDE?

A

Virtual Desktop Environment

176
Q

VDI?

A

Virtual Desktop Infrastructure

  • When the desktop and application software is separated from the hardware.
177
Q

VLAN?

A

Virtual Local Area Network

  • A partitioned and isolated part of a LAN created with Logic (Not physical Separation)
178
Q

VLSM?

A

Variable Length Subnet Masking

  • Design where subnets can have varying sizes.
179
Q

VM?

A

Virtual Machine

180
Q

VNC?

A

Virtual Network Computing

  • TCP
  • PORT 5900
  • Cross-platform version of Remote Desktop Protocol (RDP) for remote user GUI access.
181
Q

VoIP?

A

Voice over Internet Protocol

  • Voice Communications over Internet Protocol N etworks.
182
Q

VPC?

A

Virtual Private Cloud

  • On demand pool of shared resources in a public cloud environment.
  • Provides isolation between organization and resources.
  • Lets you essentiall carve out a piece of the public cloud to host your private resources.
183
Q

VPN?

A

Virtaul Private Network

  • Encrypted conection over the Internet from a device to a Network
  • Helps ensure that you can communicate with remote systems securely and prevents eavesdropping on the traffic.
184
Q

VTC?

A

Video Teleconferencing

185
Q

WAF?

A

Web Application Firewall

186
Q

WAP?

A

Wireless Access Point

  • Allows other wifi devices to connect to a wired network

Wireless Application Protocol

187
Q

WEP?

A

Wired Equivalent Privacy

  • Security protocol that used to be used until it was found that it was inadequate.
188
Q

WIDS?

A

Wireless Intrusion Detection System

  • Can DETECT the presence of unauthorized access points and create alerts.
  • They can also identify Network break-in attempts.
189
Q

WIPS?

A

Wireless Intrusion Prevention System

  • Can Detect the presence of unauthorized access points and automatically TAKE ACTION such as quarantining devices or kicking them off Networks.
  • DETECTS and ACTS
190
Q

WORM?

A

Write Once Read Many

  • Data storage device where information, once written, can’t be modified
  • Great to ensure that data doesn’t get tampered with.
191
Q

WPA?

A

WIFI Protected Access

  • Designed to be MORE secure than WEP
  • WPA vs WPA2
  • WPA uses TKIP
  • WPA2 can use TKIP or AES, AES is preferred.
192
Q

WPS?

A

WIFI Protected Setup

  • Flawed security mechanism used for Routers - can be Brute Forced easily.
  • Not very protected at all…
193
Q

WTLS?

A

Wireless Transport Layer Security

  • Security level for WAP (Wireless Application Protocol) apps
194
Q

XaaS?

A

Anything as a Service

  • Term used to describe anything that can be used or sold as a service.
  • For example, you can have Database as a Service (DaaS), Authentication as a Service (AaaS), etc…
195
Q

XML?

A

Extensible Markup Language

196
Q

XOR?

A

Exclusive Or

  • Logical operator that returns true (represented by a 1) if its arguments are different (IE: One argument is 0 and the other is 1)
  • If the arguments are the same, then XOR returns a 0
197
Q

XSRF?

A

Cross-Site Request Forgery

  • Same as CSRF
198
Q

XSS?

A

Cross-Site Scripting

199
Q

X.509?

A
  • Standard defining the format of public-key certificates.
200
Q

802.1X?

A
  • Network authentication protocol.
  • Defines the standards for using EAP to authenticate clients through authenticators (Router, Switch, Network Devices) using an authentication server (Such as RADIUS)
  • Devices/Users connecting need to provide credentials and prove their identity to get access to the Network.
  • Usually authenticated by Active Directory (AD), RADIUS.