MISC

Question 1

APT

Answer 1

Advanced Persistent Threat

Question 2

Authn

Answer 2

Authentication

Question 3

Authz

Answer 3

Authorization

Question 4

BAS

Answer 4

Breach & Attack Simulation

Question 5

BCP

Answer 5

Business Continuity Plan

Question 6

BEC

Answer 6

Business Email Compromise

Question 7

BGH

Answer 7

Big Game Hunting (BGH) in cybersecurity refers to targeted, sophisticated ransomware attacks against high-value organizations—such as large enterprises, hospitals, and government agencies—for maximum financial gain. These attacks are rarely random, involving reconnaissance to identify critical systems and ensure large ransom payouts.

Question 8

BIA

Answer 8

Business Impact Analysis

Question 9

BSIMM

Answer 9

Building Security in Maturity Model

Question 10

C2

Answer 10

Command & Control

Question 11

CAPTCHA

Answer 11

Completely Automated Public Turing Test to Tell Computers and Humans Apart

Question 12

CIA

Answer 12

Confidentiality, Integrity, Availability

Question 13

CISA

Answer 13

Cybersecurity and Infrastructure Security Agency | Certified Information Systems Auditor

Question 14

CoA

Answer 14

Course of Action

Question 15

CTA

Answer 15

Cyber Threat Intelligence (IAM - Identity & Access Management)

Question 16

IOA

Answer 16

Indicators of Attack

Question 17

IOC

Answer 17

Indicators of Compromise

Question 18

MALOPS

Answer 18

Malicious Operations

Question 19

MTTR

Answer 19

Mean Time to Resolve

Question 20

PAM

Answer 20

Privileged Access Management

Question 21

RBAC

Answer 21

Role Based Access Control

Question 22

RBOM

Answer 22

Runtime Bill of Materials

Question 23

SBOM

Answer 23

Software Bill of Materials

Question 24

SDLC

Answer 24

Software Development Lifecycle

Question 25

SD-WAN

Answer 25

Software Defined Wide Area Network

Question 26

SKU

Answer 26

Stock Keeping Unit (Unique identification that defines an element)

Question 27

SRA

Answer 27

Security Response Automation

Question 28

SSS

Answer 28

Stack Smashing Protector (compilers) SWOT - Strengths, Weaknesses, Opportunities, and Threats (SWOT Analysis)

Question 29

TI

Answer 29

Threat Intelligence

Question 30

TOCTOU

Answer 30

Time-of-check. Time-of-use is a race condition security vulnerability where a program checks a resource's state (e.g., file existence, permissions) but the state changes before the program uses it, allowing attackers to manipulate the system. It is common in file system operations or banking applications.

Question 31

TTP

Answer 31

Tactics, Techniques, and Procedures

Question 32

UAC

Answer 32

User Access Control

Question 33

VAP

Answer 33

Very Attacked Person (VAP) is an employee or user who is highly targeted by cybercriminals, typically identified through a high Proofpoint Attack Index score. Unlike VIPs, VAPs are targeted due to their access to sensitive data, financial authority, or public-facing roles, requiring targeted security measures, such as web isolation, to prevent breaches from phishing or malware.

Question 34

VPN

Answer 34

Virtual Private Network

Question 35

YARA

Answer 35

Yet Another Recursive/Ridiculous Acronym (YARA) is an open-source, widely used pattern-matching tool designed for malware classification and threat identification. Developed by Victor Alvarez of VirusTotal in 2013, it allows security researchers to create rules to detect malicious files based on text or binary string patterns. (There is also YARA - L for logs)