SY0-701 : Objective 3.0 Flashcards
RPO
Recovery Point Objective (RPO)
- represents the maximum acceptable amount of data loss measured in time
- if an organization has a RPO of 4 hours, it means the business can tolerate a data loss of up to 4 hours
RTO
Recovery Time Objective (RTO)
- represents the maximum acceptable length of time the can elapse before the lack of a business function severely impacts the organization
MTBF
Mean Time Between Failure (MTBF)
- the average time between repairable failures of a technology product
SCADA
Supervisory Control and Data Acquisition (SCADA)
- a computerized system that monitors and controls industrial processes
ICS
Industrial Control System (ICS)
- involves the strategies and practices to safeguard the critical infrastructure and operational technology (OT) systems employed in several industries, such as manufacturing, energy, and transportation
IoT
Internet of Things (IoT)
FDE
Full Disk Encryption (FDE)
SDN
Software-defined Networking (SDN)
- an architecture that abstracts different, distinguishable layers of a network to make networks agile and flexible
IaC
Infrastructure as Code (IaC)
- modern approach to IT infrastructure management that involves the automating the provisioning and management of computing resources through machine readable definition files or scripts
- process that automates the provisioning and management of cloud resources
RTOS
Real-time Operating System (RTOS)
- a software system that manages tasks in real-time systems that have strict timing constraints
PDU
Power Distribution Unit (PDU)
- device that manages the power supply for computer networks, data centers, and other industrial environments
PPTP
Point-to-Point Tunneling Protocol (PPTP)
- a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks
IPSec
Internet Protocol Security (IPSec)
- protocol suite used to secure IP communications by authenticating and encrypting each IP packet in data stream
UPS
Uninterruptable Power Supply (UPS)
EAP
Extensible Authentication Protocol (EAP)
- an authentication framework that allows for the use of different authentication methods for secure network access technologies
- provides common functions and negotiation of authentication protocols and is used in wireless networks and point-to-point connections
PEAP
Protected Extensible Authentication Protocol (PEAP)
- provides a method to transport securely authentication data, including legacy password-based protocols, via 802.11 Wi-Fi networks
EAP-TTLS
Extensible Authentication Protocol-Tunnel Transport Layer Security (EAP-TTLS)
- authentication protocol that extends TLS support across multiple platforms
LEAP
Lightweight Extensible Authentication Protocol (LEAP)
- a proprietary wireless LAN authentication method developed by Cisco Systems
PSK
Pre-shared Key (PSK)
- a string of characters used for authentication and encryption in wireless networks and Virtual Private Networks (VPNs)
IKE
Internet Key Exchange (IKE)
- a secure key management protocol that is used to set up a secure, authenticated communications channel between two devices
ICMP
Internet Control Message Protocol (ICMP)
- a protocol that devices within a network use to communicate problems with data transmission
AH
Authentication Header (AH)
- A deprecated IPsec security protocol that provides integrity protection (but not confidentiality) for packet headers and data
UTM
Unified Threat Management (UTM)
- an information security term that refers to a single security solution, and usually a single security appliance, that provides multiple security functions at a single point on the network
CHAP
Challenge Handshake Authentication Protocol (CHAP)
- a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user
PPP
Point-to-Point Protocol (PPP)
- a data link layer (layer 2) communication protocol between two routers directly without any host or any other networking in between
SPF
Sender Policy Framework (SPF)
- email authentication method designed to prevent forging sender addresses during email delivery
DKIM
Domain Key Identified Mail (DKIM)
- allows the receiver to check if the email was actually sent by the domain it claims to be sent from and if the content was tampered with during transit
DMARC
Domain-based Message Authentication Reporting & Conformance (DMARC)
- an email authentication, policy, and reporting protocol, helps to prevent email spoofing and phishing
S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME)
- an email encryption and signing industry standard widely used by corporations to enhance email security
NGFW
Next-generation Firewall (NGFW)
- are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall
SASE
Secure Access Service Edge (SASE)
- an architecture that delivers converged network and security as a service capabilities including SD-WAN and cloud native security functions such as secure web gateways, cloud access security brokers, firewall as-a-service, and zero-trust network access
SD-WAN
Software-defined Wide Area Network (SD-WAN)
- virtual WAN architecture that allows enterprises to leverage any combination of transport services — including MPLS, LTE and broadband internet services — to securely connect users to applications
COOP
Continuity of Operation Planning (COOP)
- A predetermined set of instructions or procedures that describe how an organization’s mission essential functions will be sustained within 12 hours and for up to 30 days as a result of a disaster event before returning to normal operations
PCI DSS
Payment Card Industry Data Security Standard (PCI DSS)
GDPR
General Data Protection Regulation (GDPR)
ESP
Encapsulated Security Payload (ESP)
- which is a protocol that encrypts and authenticates data packets between devices, part of the IPSec suite of protocols
HVAC
Heating, Ventilation Air Conditioning (HVAC)
MPLS
Multi-protocol Label Switching (MPLS)
- a networking technology that routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks, but it doesn’t have encryption by default
HA
High Availability (HA)
Role BAC
Role-based Access Control (Role BAC)
- a cybersecurity method that limits access to systems and networks based on a user’s role within an organization
DAC
Discretionary Access Control (DAC)
- a cybersecurity model that gives the owner of a resource control over who can access it
MAC
Mandatory Access Control (MAC)
- a cybersecurity model that restricts access to system resources based on a user’s authorization level and the sensitivity of the information
Rule BAC
Rule-based Access Control (Rule BAC)
- a system that uses pre-defined rules to determine if a user has access to network resources.
NAT
Network Address Translation (NAT)
- a routing technique that allows private IP networks to connect to the internet by translating private IP addresses to public IP addresses
L2TP
Layer 2 Tunneling Protocol (L2TP)
- an extension of the Point-to-Point Tunneling Protocol (PPTP) used by internet service providers (ISPs) to enable virtual private networks (VPNs)
RAS
Remote Access Server (RAS)
- a system that allows users to connect to a network remotely, as if they were physically present
TACACS+
Terminal Access Controller Access Control System (TACACS+)
- a network security protocol designed to offer centralized authentication, authorization, and accounting services for remote access servers
PAP
Password Authentication Protocol (PAP)
- a point-to-point protocol (PPP) authentication method that uses passwords to validate users
PFS
Perfect Forward Security (PFS)
- also called forward secrecy (FS), refers to an encryption system that changes the keys used to encrypt and decrypt information frequently and automatically
IRP
Incident Response Plan (IRP)
- a written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.
NTP
Network Time Protocol (NTP)
- an internet protocol used to synchronize with computer clock time sources in a network
MTTF
Mean Time to Failure (MTTF)
MTTR
Mean Time To Repair (MTTR)
- represents the average time required to repair a failed component or system
SMTP
Simple Mail Transfer Protocol (SMTP)
SMTPS
Simple Mail Transfer Protocol Secure (SMTPS)
IaaS
Infrastructure as a Service (IaaS)
