SY0-701 : Objective 1.0

Question 1

NIPS

Answer 1

Network Intrusion Prevention Systems (NIP)
- a combination of hardware and software that protects computer networks from malicious activity and unauthorized access

Question 2

IDS

Answer 2

Intrusion Detection System (IDS)
- a cybersecurity solution designed to identify and generate alerts regarding potential intrusions

Question 3

SIEM

Answer 3

Security Information and Event Management (SIEM)
- a security management system that helps organizations identify, analyze, and respond to security threats

Question 4

NAC

Answer 4

Network Access Control (NAC)
- a security solution that enforces policy on devices that access networks to increase network visibility and reduce risk

Question 5

DLP

Answer 5

Data Loss Protection (DLP)
- a cybersecurity solution that helps organizations detect and prevent data breaches and leaks

Question 6

CIA

Answer 6

Confidentiality, Integrity, Availability (CIA)

Question 7

AAA

Answer 7

Authentication, Authorization, and Accounting (AAA)

Question 8

PKI

Answer 8

Public Key Infrastructure (PKI)
- refers to tools used to create and manage public keys for encryption, it is used to create, distribute, manage, store, and revoke digital certificates

Question 9

CA

Answer 9

Certificate Authority (CA)
- a trusted entity that issues Secure Sockets Layer (SSL) certificates

Question 10

RA

Answer 10

Registration Authority (RA)
- an authority in a network that verifies user requests for a digital certificate and tells the certificate authority (CA) to issue it

Question 11

CRL

Answer 11

Certification Revocation List (CRL)
- a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date

Question 12

OCSP

Answer 12

Online Certificate Status Protocol (OCSP)
- an alternative to the certificate revocation list (CRL) and is used to check whether a digital certificate is valid or if it has been revoked

Question 13

CSR

Answer 13

Certificate Signing Request (CSR)
- a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA)

Question 14

WAF

Answer 14

Web Application Firewall (WAF)
- helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet

Question 15

AES

Answer 15

Advanced Encryption Standard (AES)

Question 16

RSA

Answer 16

Rivest, Shamir, & Adleman (RSA)

Question 17

DSA

Answer 17

Digital Signature Algorithm (DSA)
- a FIPS (Federal Information Processing Standard) and public-key cryptosystem that’s used for digital signatures

Question 18

PKCS

Answer 18

Public Key Cryptographic Standards (PKCS)
- a set of protocols that help ensure secure information exchange over the internet

Question 19

TLS

Answer 19

Transport Layer Security (TLS)
- a cryptographic protocol that protects data sent over the internet by encrypting the connection between a client and a server

Question 20

MAC

Answer 20

Message Authentication Code (MAC)
- a cryptographic technique used to verify the authenticity and integrity of a message

Question 21

TPM

Answer 21

Trusted Platform Module (TPM)
- a specialized chip on a laptop or desktop computer that is designed to secure hardware with integrated cryptographic keys

Question 22

HSM

Answer 22

Hardware Security Modules (HSM)
- are hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates

Question 23

SHA

Answer 23

Secure Hashing Algorithm (SHA)
- a modified version of MD5 and used for hashing data and certificates

Question 24

OID

Answer 24

Object Identifier (OID)
- a unique number that identifies a specific object or attribute in a directory

Question 25

EFS

Answer 25

Encrypted File System (EFS)
- a Windows feature that encrypts files and folders to protect them from unauthorized access

Question 26

SAN

Answer 26

Subject Alternative Name (SAN)
- a field in an X.509 certificate that allows multiple hostnames to be associated with a single public key

Question 27

CVE

Answer 27

Common Vulnerabilities and Exposures (CVE)
- a list of publicly known cybersecurity vulnerabilities that affect software, hardware, and firmware

Question 28

PEM

Answer 28

Privacy Enhanced Email (PEM)
- a set of standards that define how to secure emails and other data using encryption, digital signatures, and certificates

Question 29

SAML

Answer 29

Security Assertion Markup Language (SAML)
- open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP)

Question 30

RADIUS

Answer 30

Remote Authentication Dial-In User Service (RADIUS)
- client-server protocol enables remote access servers to communicate with a central server

Question 31

SSL

Answer 31

Secure Socket Layer (SSL)

Question 32

EAP

Answer 32

Extensible Authentication Protocol (EAP)
- an authentication framework that allows for the use of different authentication methods for secure network access technologies