Abbreviations

Question 2

Open Shortest Path First/OSPF

Answer 2

a link‑state interior routing protocol that builds a full network topology map and computes the shortest‑path routes using Dijkstra’s algorithm.

Question 3

Operational Technology/OT

Answer 3

hardware and software that monitor or control physical devices, processes, and industrial infrastructure (e.g., SCADA, PLCs).

Question 4

Over the Air/OTA

Answer 4

wireless delivery of software updates, configuration changes, or data to devices (cellular, Wi‑Fi, Bluetooth, satellite, etc.).

Question 5

Open Vulnerability Assessment Language/OVAL

Answer 5

an XML‑based, community‑driven standard for encoding system configuration, patch, and vulnerability information for automated security testing.

Question 6

PKCS #12/P12

Answer 6

a binary container format that stores a private key together with its associated X.509 certificate chain, usually protected by a password.

Question 7

Peer to Peer/P2P

Answer 7

a decentralized network architecture where each node can act as both client and server, sharing resources directly with other peers.

Question 8

Platform as a Service/PaaS

Answer 8

a cloud service model that provides a managed runtime environment, development tools, and infrastructure so developers can deploy applications without managing servers or OS layers.

Question 9

Proxy Auto Configuration/PAC

Answer 9

a JavaScript file (proxy.pac) that browsers evaluate to determine dynamically which HTTP/HTTPS proxy to use for each requested URL.

Question 10

Privileged Access Management/PAM (Privileged Access Management)

Answer 10

a set of policies, processes, and technologies that control, monitor, and audit the use of privileged accounts (admin, root, service accounts).

Question 11

Pluggable Authentication Modules/PAM (Pluggable Authentication Modules)

Answer 11

a modular authentication framework (primarily on Linux/Unix) that stacks and configures multiple authentication methods (e.g., pam_unix, pam_ldap).

Question 12

Password Authentication Protocol/PAP

Answer 12

a simple, clear‑text authentication method used in PPP and early Wi‑Fi that transmits usernames and passwords without encryption.

Question 13

Port Address Translation/PAT

Answer 13

a variant of NAT that maps many private IP addresses to a single public IP address, distinguishing flows by using different source ports.

Question 14

Password‑Based Key Derivation Function 2/PBKDF2

Answer 14

a key‑stretching algorithm that repeatedly applies a pseudorandom function (e.g., HMAC‑SHA‑256) to a password and salt to produce a derived cryptographic key.

Question 15

Private Branch Exchange/PBX

Answer 15

an on‑premises telephone switching system that routes internal calls and connects to the public PSTN or VoIP networks.

Question 16

Packet Capture/PCAP

Answer 16

a file format (commonly .pcap) that stores raw network packets captured by tools such as Wireshark or tcpdump for later analysis.

Question 17

Payment Card Industry Data Security Standard/PCI DSS

Answer 17

a set of 12 high‑level requirements (with many sub‑requirements) that organizations handling cardholder data must implement to protect that data.

Question 18

Power Distribution Unit/PDU

Answer 18

a rack‑mounted hardware device that distributes electrical power to multiple outlets and may provide monitoring, switching, or metering functions.

Question 19

Protected Extensible Authentication Protocol/PEAP

Answer 19

an EAP method that tunnels a second‑factor authentication (e.g., MS‑CHAP v2) inside a TLS‑protected channel, providing mutual authentication without exposing credentials.

Question 20

Personal Electronic Device/PED

Answer 20

any handheld or portable electronic gadget owned or used by an individual (smartphone, tablet, laptop, wearable, etc.).

Question 21

Privacy Enhanced Mail/PEM

Answer 21

a text‑based encoding (Base64 with header/footer) for representing cryptographic objects such as X.509 certificates, private keys, or CSRs.

Question 22

Perfect Forward Secrecy/PFS

Answer 22

a property of key‑exchange protocols (e.g., Diffie‑Hellman, ECDHE) whereby compromise of long‑term private keys does not enable decryption of past encrypted sessions.

Question 23

Pretty Good Privacy/PGP

Answer 23

an encryption program and open standard (OpenPGP) that provides end‑to‑end confidentiality, integrity, and authentication using a hybrid of symmetric and asymmetric cryptography.

Question 24

Personal Health Information/PHI

Answer 24

any individually identifiable health information protected under regulations such as HIPAA (medical records, treatment details, lab results).

Question 25

Personally Identifiable Information/PII

Answer 25

any data that can be used to uniquely identify, contact, or locate a specific individual (name, SSN, biometric data, etc.).

Question 26

Personal Identity Verification/PIV

Answer 26

a U.S. federal government smart‑card standard (NIST 800‑78) that provides strong, multifactor authentication for federal employees and contractors.

Question 27

Public Key Cryptography Standards/PKCS

Answer 27

a family of RSA‑originated specifications (e.g., PKCS #1, #7, #12) that define formats and protocols for public‑key encryption, signatures, and key management.

Question 28

Public Key Infrastructure/PKI

Answer 28

a set of policies, procedures, hardware, software, and standards that enable creation, management, distribution, use, storage, and revocation of digital certificates and public‑key encryption.

Question 29

Post Office Protocol/POP

Answer 29

an application‑layer protocol (most commonly POP3) used by email clients to retrieve messages from a mail server, typically deleting them from the server after download.

Question 30

Plain Old Telephone Service/POTS

Answer 30

the traditional analog voice‑only telephone service delivered over the public switched telephone network (circuit‑switched PSTN).

Question 31

Point-to-Point Protocol/PPP

Answer 31

a data link layer protocol used to encapsulate network layer packets over direct serial links (e.g., dial‑up, PPPoE) and provide authentication, compression, and error detection.

Question 32

Point-to-Point Tunneling Protocol/PPTP

Answer 32

a legacy VPN protocol that encapsulates PPP frames inside GRE tunnels and encrypts them with MPPE; widely considered insecure today.

Question 33

Pre‑shared Key/PSK

Answer 33

a symmetric secret (password or passphrase) configured in advance on both ends of a secure communication channel (e.g., Wi‑Fi WPA‑PSK).

Question 34

Pan‑tilt‑zoom/PTZ

Answer 34

a type of camera that can be remotely rotated horizontally (pan), vertically (tilt), and optically magnified (zoom) for flexible surveillance coverage.

Question 35

Potentially Unwanted Program/PUP

Answer 35

software that, while not outright malicious, exhibits unwanted behavior such as ad injection, unwanted toolbars, or excessive data collection.

Question 36

Recovery Agent/RA

Answer 36

an entity (person or service) authorized to recover encrypted data (e.g., a Data Recovery Agent for EFS) when the original key is unavailable.

Question 37

Registration Authority/RA

Answer 37

a trusted entity that validates identities and issues digital certificates on behalf of a Certificate Authority (CA).

Question 38

RACE (Research and Development in Advanced Communications Technologies in Europe)/RACE

Answer 38

a former European Union research program (early 1990s) that funded projects on advanced telecommunications and networking technologies.

Question 39

Rapid Application Development/RAD

Answer 39

a software development approach that emphasizes quick prototyping, iterative feedback, and minimal planning to accelerate delivery of functional applications.

Question 40

Remote Authentication Dial‑in User Service/RADIUS

Answer 40

a client‑server protocol that provides centralized authentication, authorization, and accounting (AAA) for network access (e.g., Wi‑Fi, VPN).

Question 41

Redundant Array of Inexpensive Disks/RAID

Answer 41

a storage virtualization technology that combines multiple physical disks into logical units to improve performance, fault tolerance, or both.

Question 42

Remote Access Server/RAS

Answer 42

a server (often a VPN concentrator or dial‑in server) that provides remote users with access to an internal network.

Question 43

Remote Access Trojan/RAT

Answer 43

malware that creates a backdoor on a compromised host, allowing an attacker to control the system remotely and exfiltrate data.

Question 44

Role‑based Access Control/RBAC

Answer 44

an authorization model that assigns permissions to roles rather than individuals; users acquire privileges by being assigned to roles.

Question 45

Rule‑based Access Control/RBAC

Answer 45

an access‑control model that grants or denies access based on a set of predefined rules or policies (often expressed as if‑then statements).

Question 46

Rivest Cipher version 4/RC4

Answer 46

a stream cipher designed by Ron Rivest, historically used in TLS and WEP but now considered insecure due to biased outputs.

Question 47

Remote Desktop Protocol/RDP

Answer 47

Microsoft’s proprietary protocol for providing graphical remote‑desktop access to Windows computers over a network.

Question 48

Radio‑Frequency Identification/RFID

Answer 48

a technology that uses radio waves to automatically identify and track tags attached to objects, animals, or people.

Question 49

RACE Integrity Primitives Evaluation Message Digest/RIPEMD

Answer 49

a family of cryptographic hash functions (RIPEMD‑128, RIPEMD‑160, etc.) developed under the RACE project.

Question 50

Return on Investment/ROI

Answer 50

a financial metric that evaluates the efficiency or profitability of an investment, calculated as (gain – cost) / cost.

Question 51

Recovery Point Objective/RPO

Answer 51

the maximum tolerable amount of data loss measured in time; it defines how far back in time a system must be restored after a disruption.

Question 52

Rivest, Shamir, & Adleman/RSA

Answer 52

a widely used public‑key cryptosystem for encryption, digital signatures, and key exchange, based on the mathematical difficulty of factoring large integers.

Question 53

Remotely Triggered Black Hole/RTBH

Answer 53

a network‑traffic‑filtering technique in which a router is instructed (often via BGP) to drop traffic destined for a specific IP prefix, effectively null‑routing malicious traffic.

Question 54

Recovery Time Objective/RTO

Answer 54

the maximum acceptable length of time that a business process or IT service can be unavailable after a disruption before causing unacceptable impact.

Question 55

Real‑time Operating System/RTOS

Answer 55

an operating system designed to process data and respond to events within strict timing constraints, guaranteeing deterministic behavior.

Question 56

Real‑time Transport Protocol/RTP

Answer 56

a network protocol that delivers audio and video over IP networks with minimal latency, typically used with VoIP and streaming media.

Question 57

Secure/Multipurpose Internet Mail Extensions/S‑MIME

Answer 57

an IETF standard for encrypting and digitally signing MIME‑encoded email messages, providing confidentiality and authentication.

Question 58

Software as a Service/SaaS

Answer 58

a cloud‑delivery model in which applications are hosted by a provider and accessed by customers over the Internet, with the provider managing the underlying infrastructure.

Question 59

Simultaneous Authentication of Equals/SAE

Answer 59

the password‑authenticated key‑exchange (PAKE) used in WPA3 for mutual authentication and forward secrecy between Wi‑Fi stations and access points.

Question 60

Security Assertions Markup Language/SAML

Answer 60

an XML‑based framework for exchanging authentication and authorization assertions between an identity provider and a service provider (single sign‑on).

Question 61

Storage Area Network/SAN

Answer 61

a dedicated high‑speed network (usually Fibre Channel or iSCSI) that provides block‑level storage access to servers, appearing as locally attached disks.

Question 62

Subject Alternative Name/SAN

Answer 62

an X.509 certificate extension that allows a single certificate to secure multiple domain names, IP addresses, or other identifiers.

Question 63

Secure Access Service Edge/SASE

Answer 63

a network architecture that converges cloud‑delivered wide‑area networking (SD‑WAN) with security services (firewall‑as‑a‑service, CASB, ZTNA) at the edge.

Question 64

Supervisory Control and Data Acquisition/SCADA

Answer 64

a control‑system architecture used in industrial, utility, and infrastructure environments to monitor and control remote equipment.

Question 65

Security Content Automation Protocol/SCAP

Answer 65

a suite of specifications (including CVE, CPE, CVSS, XCCDF, OVAL) that standardizes the format and exchange of security configuration and vulnerability data.

Question 66

Simple Certificate Enrollment Protocol/SCEP

Answer 66

an automated protocol that allows network devices to request and obtain X.509 certificates from a Certificate Authority.Software‑defined Wide Area Network/SD‑WAN

Question 67

Software Development Kit/SDK

Answer 67

a collection of tools, libraries, documentation, and sample code that enables developers to create applications for a specific platform or service.

Question 68

Software Development Lifecycle/SDLC

Answer 68

the structured process of planning, creating, testing, and maintaining software, encompassing phases such as requirements, design, implementation, verification, and maintenance.Software Development Lifecycle Methodology/SDLM