Security+ Set A

Question 1

AAA (Authentication, Authorization, Accounting)

Answer 1

security concept where a centralized platform verifies subject identification, ensures subject is assigned permissions, and then logs these actions to create an audit trail.

Question 2

ABAC (attribute-based access control)

Answer 2

an access control technique that evaluates a set of attributes that each subject possesses to determine if access should be granted.

Question 3

ACL (Access Control List)

Answer 3

A collection of access control entries (ACEs) that determines which subjects are allowed or denied access to the object and the privileges given.

Question 4

AES (Advanced Encryption Standard)

Answer 4

A symmetric 128-, 192-, 256-bit block cipher based on the Rijndael algorithm developed by Belgian cryptographers Joan Daemen and Vincent Rijmen and adopted by the U.S. government as its encryption standard to replace DES.

Question 5

AH (Authentication header)

Answer 5

An IPSec protocol that provides authentication for the origin of transmitted data as well as integrity and protection against replay attacks.

Question 6

AIS (automated indicator sharing)

Answer 6

threat intelligence data feed operated by the DHS.

Question 7

ALE (annual loss expectancy)

Answer 7

the total cost of a risk to an organization on an annual basis. This is determined by multiplying the SLE by the annual rate of occurrence (ARO).

Question 8

AP (access point)

Answer 8

A device that provides a connection between wireless devices and can connect to wired networks. Also known as wireless access point or WAP.

Question 9

API (application programming interface)

Answer 9

A library of programming utilities used, for example, to enable software developers to access functions of the TCP/IP network stack under a particular operating system.

Question 10

APT (advanced persistent threat)

Answer 10

an attacker’s ability to obtain, maintain, and diversify access to network systems using exploits and malware.

Question 11

ARO (annual rate of occurrence)

Answer 11

in risk calculation, an expression of the probability/likelihood of a risk as the number of times per year a particular loss is expected to occur.

Question 12

ARP inspection

Answer 12

an optional security feature of a switch that prevents excessive ARP replies from flooding a network segment.

Question 13

ARP poisoning (ARP spoofing)

Answer 13

network based attack where an attacker with access to the target local network segment redirects an IP address to the MAC address of a computer that is not the intended recipient. This can be used to perform a variety of attacks, including DoS, spoofing, and Man-in-the-Middle.

Question 14

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)

Answer 14

a knowledge base maintained by the MITRE corporation for listing and explaining specific adversary tactics, techniques, and procedures.

Question 15

Agile model (Agile)

Answer 15

A software development model that focuses on iterative and incremental development to account for evolving requirements and expectations.

Question 16

Arduino

Answer 16

Open-source platform producing programmable circuit boards for education and industrial prototyping.

Question 17

Autopsy

Answer 17

The Sleuth Kit is an open source collection of command line and programming libraries for disk imaging and file analysis. Autopsy is a graphical frontend for these tools and also provides a case managemgent/workflow tool. Also known as Sleuth Kit.

Question 18

account policies

Answer 18

set of rules governing user security information, such as password expiration and uniqueness, which can be set globally.

Question 19

active defense

Answer 19

the practice of responding to a threat by destroying or deceiving a threat actor’s capabilities.

Question 20

Adversarial AI

Answer 20

Using AI to identify vulnerabilities and attack vectors to circumvent security systems.

Question 21

air gap

Answer 21

type of network isolation that physically separates a network from all other networks.

Question 22

application aware firewall

Answer 22

A layer 7 firewall technology that inspects packets at the application layer of the OSI model.

Question 23

application firewall

Answer 23

software designed to run on a server to protect a particular application such as a web server or SQL server.

Question 24

asymmetric algorithm (Public Key)

Answer 24

a cipher that uses public and private keys. The keys are mathematically linked, using either Rivel, Shamir, Adleman (RSA) or elliptic curve cryptography (ECC) algorithms, but the private key is not derivable from the public one. An asymmetric key cannot reverse the operation it performs, so the public key cannot decrypt what it has encrypted. Also known as ECC.

Question 25

attack surface

Answer 25

the points at which a network or application receives external connections or inputs/outputs that are potential vectors to be exploited by a threat actor.

Question 26

attack vector

Answer 26

a specific path by which a threat actor gains unauthorized access to a system. Also known as vector.

Question 27

authenticator

Answer 27

a PNAC switch or router that activates EAPoL and passes a supplicant’s authentication data to an authenticating server, such as a RADIUS server.

Question 28

automation

Answer 28

using scripts and APIs to provision and deprovision systems without manual intervention.

Question 29

availability

Answer 29

the fundamental security goal of ensuring that computer systems operate continuously and that authorized persons can access data that they need.