SG 1 - Study Notecards

Question 1

What is XSS?

Answer 1

Cross-site scripting - used to inject scripts into a web page displayed in a user’s browser

Question 2

What is AES?

Answer 2

Advanced Encryption Standard

current NIST-approved encryption standard

Question 3

What is a threat actor?

Answer 3

An entity likely to cause damage or loss to an Org

Question 4

What is DNS?

Answer 4

Domain Name System

used to resolve hostnames to IP addresses and vice versa, also obtains other info associated with a domain

Question 5

What is a firewall?

Answer 5

System or software that allows blocking, rejecting, or allowing network traffic

Question 6

What is SQL

Answer 6

Structured Query Language

used to programmatically interact with relational databases

Question 7

What are microservices?

Answer 7

application functions that are separated out from a larger application, often placed in virtualized environment like containers

Question 8

What is a subnet mask?

Answer 8

A 4 octet value indicating which part of an IP address is network and which is host

Question 9

What is n-tier architecture?

Answer 9

Multiple tiers of systems /. functions used in application delivery

Question 10

What is the OSI Model?

Answer 10

7 layer model describing functions of communications systems

Question 11

What is TCP / IP ?

Answer 11

A 4-layer architecture of communications protocols

Question 12

What is risk?

Answer 12

The measurable potential (probability) for loss or damage

Question 13

What is CIDR?

Answer 13

Classless Inter-Domain Routing

The number of bits covering the network protion of the IP address

Question 14

What is an SIEM?

Answer 14

Security Info and Event Management

Question 15

What is XML external entity injection?

Answer 15

Injecting XML into a web request to obtain info or run system programs