An AES-256 key is approximately this much larger than an AES-128 key
What is trillions of times bigger?

Explanation: Key length is an exponent, not a multiplier. Each additional bit doubles the keyspace, so going from 128 to 256 bits multiplies the number of possible keys by 2^128 (about 3.4 × 10^38), not by two. "Trillions" is a loose figure; the real factor is far larger, which is what makes exhaustive search against either key size infeasible for any brute-force computing array.
This cryptographic primitive produces a fixed-length string of bits from an input of any length, while being mathematically one-way and collision-resistant
What is a hashing algorithm?
Explanation: A hash function condenses a message of any length into a fixed-length message digest, a fingerprint of the data. Because any change to the input yields a different digest, a verifier can recompute the digest and compare it with a trusted value to confirm integrity. The one-way property prevents recovering the input from the digest, and collision resistance prevents an attacker from crafting a second input with the same digest.
This cryptographic architecture uses a digital certificate to authenticate a remote access gateway to the client before establishing an encrypted tunnel to protect user credentials and data
What is a Transport Layer Security (TLS) VPN?

Explanation: A TLS VPN establishes an encrypted tunnel in which the gateway's server certificate proves the gateway's identity to the client (a client certificate can optionally authenticate the user in turn). Once the tunnel is up, it can carry arbitrary network traffic over the TLS connection without being limited to a single application-layer protocol.
This is the key the sender uses when encrypting a secure email
What is the recipient's public key?

Explanation: Under public key encryption, anyone can encrypt data for a recipient using that recipient's publicly available key. Only the corresponding, securely held private key can decrypt the resulting ciphertext, so the sender never needs a shared secret with the recipient.
This term is used in cryptography to explicitly define an unencrypted, cleartext message
What is Plaintext?
Explanation: Plaintext, or cleartext, is the raw data before any encryption is applied. Passing it through a cipher converts it into ciphertext.
A patch management system that eliminates a vulnerability after an exploit occurs is an example of this functional control type
What is Corrective?

Explanation: Corrective controls mitigate impact and restore systems after a security incident has been detected. Applying the update closes the exploited vulnerability, restores normal operation, and prevents recurrence.
This mode of IPsec operation encrypts only the payload data while leaving the original IP header intact, making it ideal for securing host-to-host connections over a private network
What is Transport mode?

Explanation: Transport mode suits host-to-host connections in which hiding the original IP header is unnecessary, because the endpoints are the communicating hosts themselves. When confidentiality is required it uses Encapsulating Security Payload (ESP) to encrypt only the upper-layer payload; the original IP header is retained so the packet is routed normally across the private segment.
This property of the CIA Triad ensures that data is stored and transferred as intended and that any modification is authorized
What is Integrity?
Explanation: Integrity guarantees that data remains whole, complete, and uncorrupted during storage or transmission. It relies on mechanisms like cryptographic hashing to verify that unauthorized changes have not occurred.
This key is used to create a digital signature on a message after computing a message digest
What is the signer's private key?

Explanation: A digital signature combines a hash function with asymmetric cryptography. The sender computes a message digest and signs that digest with their private key; anyone holding the matching public key can verify the signature, which provides authentication of origin, integrity, and non-repudiation.
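The two items above (encrypting to the recipient's public key, signing the digest with the signer's private key) are easiest to see side by side. The following toy RSA is an added example, not code from the original quiz: it uses tiny Mersenne primes (2^31-1, 2^13-1, 2^17-1) so the arithmetic is readable, has no padding, and encrypts one byte at a time, so it shows which key does which job and nothing more; it must never be used as a real cipher.

```python
import hashlib
from math import gcd

# Toy textbook RSA for illustrating key roles. Constructed example: the primes
# are chosen for readability, the modulus is tiny, and there is no padding.

def make_keypair(p=2147483647, q=8191, e=65537):
    """Return (public, private) as (n, e) and (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)

def encrypt_for(recipient_public, plaintext: bytes) -> list:
    """The sender uses the RECIPIENT'S public key; only the recipient can undo this."""
    n, e = recipient_public
    return [pow(b, e, n) for b in plaintext]     # byte-at-a-time: a teaching aid only

def decrypt_with(own_private, ciphertext: list) -> bytes:
    n, d = own_private
    return bytes(pow(c, d, n) for c in ciphertext)

def digest_mod_n(message: bytes, n: int) -> int:
    """SHA-256 message digest, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(signer_private, message: bytes) -> int:
    """The signer uses their OWN private key on the digest, not on the whole message."""
    n, d = signer_private
    return pow(digest_mod_n(message, n), d, n)

def verify(signer_public, message: bytes, signature: int) -> bool:
    """Anyone holding the signer's public key can check the signature."""
    n, e = signer_public
    return pow(signature, e, n) == digest_mod_n(message, n)

if __name__ == "__main__":
    alice_pub, alice_priv = make_keypair()
    bob_pub, bob_priv = make_keypair(p=8191, q=131071)
    # Confidentiality: Alice encrypts to Bob's public key, Bob decrypts with his private key.
    ct = encrypt_for(bob_pub, b"meet at noon")
    assert decrypt_with(bob_priv, ct) == b"meet at noon"
    # Authenticity: Alice signs with her private key, Bob verifies with her public key.
    sig = sign(alice_priv, b"transfer 100")
    assert verify(alice_pub, b"transfer 100", sig)
    assert not verify(alice_pub, b"transfer 900", sig)   # tampering is detected
    print("toy RSA demo passed")
```

Note the asymmetry the two quiz items hinge on: encryption is done with the other party's public key, signing with your own private key. Real implementations add padding (OAEP, PSS), use 2048-bit or larger moduli, and sign the full digest rather than a reduced one.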
A corporate security awareness training program is best classified as this category of security control
What is Operational?

Explanation: Operational security controls are those that depend primarily on people carrying out actions and procedures rather than on technology. Training programs, education seminars, and security guard patrol procedures are classic examples of operational controls.
This protocol allows a browser to check a certificate's real-time status by querying a single certificate per transaction instead of downloading a massive list
What is OCSP Online Certificate Status Protocol?

Explanation: OCSP avoids downloading large, unwieldy Certificate Revocation Lists. The browser sends a request naming a single certificate to the CA's OCSP responder and receives a signed good, revoked, or unknown status. Many clients soft-fail (treat an unreachable responder as acceptable), which is one reason OCSP stapling, where the server includes a recent signed response in the TLS handshake, is preferred in practice.
When deploying cryptographic protections for data assets, this term defines the state of the data in volatile memory, such as system RAM or CPU registers and cache
What is Data In Use?

Explanation: Data in use is data being actively processed: held in RAM, CPU registers, or cache while a program executes. It is distinct from data at rest (persistent storage) and data in transit (crossing a network), and it is the hardest state to protect because it must be in cleartext for the processor to work on it.
This specialized hardware cryptoprocessor, implemented as a discrete chip on the motherboard or as firmware within the CPU or chipset of a computer or mobile device, generates and securely stores keys
What is a TPM Trusted Platform Module?

Explanation: A TPM provides a hardware root of trust, whether as a separate chip on the motherboard or as firmware running in the processor. It performs cryptographic operations inside the module, so the private keys it protects never leave it into general-purpose system memory.
This digital certificate standard is profiled for Internet Public Key Infrastructure (PKIX)
What is X.509?

Explanation: X.509 is the standard that governs the format of modern certificates; the IETF PKIX profile (RFC 5280) specifies exactly how the fields are used: subject, issuer, validity period, the subject's public key, extensions, and the issuer's signature over all of it.
This technique combines a unique, random, non-secret value with a password before it is run through a hash function to prevent the use of precomputed hash tables
What is Salting?
Explanation: Salting adds a per-user random value to the password before hashing, so two users with the same password store different hashes and a leaked database does not reveal shared passwords. Precomputed (rainbow) tables become useless because the attacker would have to rebuild the table for every salt. In practice the salted hash should also use a slow, iterated or memory-hard function (bcrypt, scrypt, Argon2, PBKDF2) so that online guessing is expensive too.
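The hashing and salting items above are demonstrated together in the following added example (not code from the original quiz). The user list and the attacker's wordlist are constructed for the demo; the salted scheme uses PBKDF2-HMAC-SHA256 from the standard library, with the iteration count as a parameter so the demo can run quickly.

```python
import hashlib
import hmac
import os

# Constructed sample: two users happen to share a password.
USERS = {
    "alice": "Winter2024!",
    "bob": "Winter2024!",
    "carol": "correct horse battery staple",
}

def unsalted_hash(password: str) -> str:
    """One SHA-256 of the password alone: fixed length, but same input gives same output."""
    return hashlib.sha256(password.encode()).hexdigest()

def store_unsalted(users: dict) -> dict:
    return {user: unsalted_hash(pw) for user, pw in users.items()}

def build_lookup_table(wordlist) -> dict:
    """Attacker's precomputed digest -> password table; built once, reused for every leak."""
    return {unsalted_hash(w): w for w in wordlist}

def crack_unsalted(stored: dict, table: dict) -> dict:
    """One dictionary lookup per user; no hashing at all at attack time."""
    return {user: table.get(digest) for user, digest in stored.items()}

def salted_hash(password: str, salt: bytes, iterations: int) -> bytes:
    """Salt plus a slow iterated hash. The salt is stored in the clear beside the
    hash; it does not need to be secret, only unique per record."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def store_salted(users: dict, iterations: int = 600_000) -> dict:
    records = {}
    for user, pw in users.items():
        salt = os.urandom(16)                     # fresh random salt per user
        records[user] = (salt, iterations, salted_hash(pw, salt, iterations))
    return records

def verify_salted(record, password: str) -> bool:
    salt, iterations, expected = record
    return hmac.compare_digest(expected, salted_hash(password, salt, iterations))

if __name__ == "__main__":
    plain = store_unsalted(USERS)
    print("unsalted, alice == bob:", plain["alice"] == plain["bob"])     # True: leak reveals reuse
    table = build_lookup_table(["password", "Winter2024!", "letmein"])
    print("cracked by lookup:", crack_unsalted(plain, table))            # alice and bob fall instantly
    salted = store_salted(USERS)
    print("salted, alice == bob:", salted["alice"][2] == salted["bob"][2])  # False
    print("login ok:", verify_salted(salted["alice"], "Winter2024!"))
```

Against the salted store the attacker's table is worthless: each record needs its own 600,000-iteration PBKDF2 computation per guess, which is exactly the cost the scheme is designed to impose.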
This specific IPsec security protocol authenticates the network packet with a keyed cryptographic hash to enforce message authentication and data integrity but does not encrypt the underlying payload data
What is the Authentication Header (AH)?

Explanation: The Authentication Header (AH) computes a keyed hash (HMAC) over the whole packet, including the IP header with its mutable fields such as TTL and checksum zeroed, to produce an Integrity Check Value (ICV). Because the payload stays in cleartext, AH provides integrity and origin authentication but no confidentiality. Since the ICV covers the IP addresses, AH also breaks behind NAT, which is one reason ESP is used far more often.
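The transport-mode and AH items above are illustrated by the following added example (not code from the original quiz, and not a wire-accurate IPsec implementation). It builds a plain IPv4 header, inserts an AH header after it, and computes the ICV as HMAC-SHA-256 truncated to 128 bits (the RFC 4868 construction) over the packet with the mutable IP fields and the ICV field itself zeroed, as RFC 4302 specifies. The addresses, key, and payload are constructed for the demo.

```python
import hashlib
import hmac
import ipaddress
import struct

IPV4_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header, no options
IP_PROTO_AH = 51              # next-protocol value that announces an AH header
ICV_LEN = 16                  # HMAC-SHA-256-128: first 128 bits of the HMAC

def ipv4_checksum(header: bytes) -> int:
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4(src: str, dst: str, payload_len: int, ttl: int = 64) -> bytes:
    hdr = struct.pack(IPV4_FMT, 0x45, 0, 20 + payload_len, 0x1234, 0x4000, ttl,
                      IP_PROTO_AH, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def zero_mutable_fields(ip_hdr: bytes) -> bytes:
    """TOS, flags/fragment offset, TTL and checksum change in flight, so AH excludes them."""
    f = list(struct.unpack(IPV4_FMT, ip_hdr))
    f[1] = f[4] = f[5] = f[7] = 0
    return struct.pack(IPV4_FMT, *f)

def compute_icv(key: bytes, ip_hdr: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    covered = zero_mutable_fields(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(key, covered, hashlib.sha256).digest()[:ICV_LEN]

def ah_transport_packet(key, src, dst, next_proto, payload, spi=0x1000, seq=1, ttl=64):
    """Transport mode: the original IP header stays; AH sits between it and the payload."""
    ah_len = 12 + ICV_LEN
    ip_hdr = build_ipv4(src, dst, ah_len + len(payload), ttl)
    # next header, AH length in 32-bit words minus 2, reserved, SPI, sequence number
    ah_fixed = struct.pack("!BBHII", next_proto, ah_len // 4 - 2, 0, spi, seq)
    return ip_hdr + ah_fixed + compute_icv(key, ip_hdr, ah_fixed, payload) + payload

def verify_ah(key: bytes, packet: bytes) -> bool:
    ip_hdr, rest = packet[:20], packet[20:]
    ah_fixed, icv, payload = rest[:12], rest[12:12 + ICV_LEN], rest[12 + ICV_LEN:]
    return hmac.compare_digest(icv, compute_icv(key, ip_hdr, ah_fixed, payload))

def forward_hop(packet: bytes) -> bytes:
    """What a router does: decrement TTL and recompute the header checksum."""
    hdr = bytearray(packet[:20])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + packet[20:]

def nat_rewrite_source(packet: bytes, new_src: str) -> bytes:
    """What a NAT does: rewrite the source address. AH covers that field, so it fails."""
    hdr = bytearray(packet[:20])
    hdr[12:16] = ipaddress.IPv4Address(new_src).packed
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + packet[20:]

if __name__ == "__main__":
    key = b"constructed-demo-key"
    pkt = ah_transport_packet(key, "10.0.0.1", "10.0.0.2", 6, b"GET / HTTP/1.0\r\n")
    assert verify_ah(key, pkt)
    assert verify_ah(key, forward_hop(pkt))                     # TTL changes are tolerated
    assert b"GET / HTTP/1.0" in pkt                             # payload is still readable
    assert not verify_ah(key, pkt[:-4] + b"HACK")               # modification is detected
    assert not verify_ah(key, nat_rewrite_source(pkt, "198.51.100.9"))  # NAT breaks AH
    print("AH transport-mode demo passed")
```

The four checks in the demo are the whole story of AH: routers may touch the mutable fields, the payload is visible to anyone on the path, any change to the authenticated bytes is caught, and an address rewrite by a NAT is indistinguishable from tampering.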
External responsibility for corporate security (such as due care or liability) lies mainly with this group
What are Directors or Owners?

Explanation: Although technical teams implement day-to-day configuration changes, legal liability cannot be fully delegated away from corporate ownership. Directors and executive business owners carry ultimate responsibility for demonstrating due care and meeting external compliance obligations.
This specialized security business unit features a dedicated team of professionals who monitor and protect critical assets across all corporate operations
What is a SOC Security Operations Center?

Explanation: A SOC operates as a centralized business facility where analysts oversee the continuous defense of digital resources. Because they require significant financing and specialized staff, they are typically found in large corporations.
This file, which the subject generates and submits to a Certificate Authority, is used to request a new digital certificate containing its public key
What is a CSR Certificate Signing Request?
Explanation: A CSR contains the subject's identity attributes together with its newly generated public key, and is signed with the subject's private key to prove possession of it. The requester keeps the private key and submits only the CSR to the CA, which verifies the request and issues the signed certificate.
This term is used to describe an adversary’s ability to achieve ongoing compromise of network security to obtain and maintain access over time using a variety of tools
What is APT Advanced Persistent Threat?

Explanation: An APT represents an ongoing stealth operations campaign managed by high-capability, well-funded adversaries. Rather than running sudden transactional hits, an APT works methodically over long horizons to establish a persistent network presence.
Registering lookalike domain names such as gogle.com to deceive users into thinking they are interacting with a trusted brand is known as what
What is Typosquatting?

Explanation: Typosquatting relies on keyboard slips or visual oversight when users type or read a URL. Attackers register these slightly misspelled domains (also called doppelganger domains) to host convincing phishing sites or to collect email that was meant for the real brand.
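A lookalike-domain check of the kind a mail gateway or SOC script would run against observed domains, added here as an example (not code from the original quiz). The brand list and sample domains are constructed; a real check would first reduce each host name to its registered domain using a public suffix list, which this example skips.

```python
# Digits that typosquatters substitute for letters, folded back before comparing.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t"})

def normalize(label: str) -> str:
    """Fold lookalike digits so that g00gle compares as google."""
    return label.lower().translate(HOMOGLYPHS)

def typo_variants(label: str) -> set:
    """Single-keystroke mutations: dropped, doubled or swapped characters."""
    out = set()
    for i in range(len(label)):
        out.add(label[:i] + label[i + 1:])                               # omission:      gogle
        out.add(label[:i] + label[i] + label[i:])                        # repetition:    gooogle
        if i < len(label) - 1:
            out.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])  # transposition: googel
    out.discard(label)
    return out

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches single substitutions the generator does not enumerate."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_domain(domain: str, brands, max_distance: int = 1):
    """Return ('legitimate' | 'lookalike' | 'unrelated', matched brand or None)."""
    label = domain.lower().split(".")[0]       # first label only; see lead-in caveat
    if label in brands:
        return "legitimate", label
    norm = normalize(label)
    for brand in brands:
        if norm == brand or norm in typo_variants(brand) or edit_distance(norm, brand) <= max_distance:
            return "lookalike", brand
    return "unrelated", None

if __name__ == "__main__":
    brands = ["google", "paypal"]
    for d in ["google.com", "gogle.com", "g00gle.com", "googel.com", "paypa1.com", "example.com"]:
        print(d, "->", classify_domain(d, brands))
```

The edit-distance threshold is a tuning knob: 1 catches the classic typos with few false positives, while 2 catches more variants but starts flagging unrelated short words.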
In a "drop attack," this type of threat vector is used by the malicious actor
What is a USB stick?
Explanation: Drop attacks exploit human curiosity by leaving USB flash drives in high-traffic shared areas such as office parking lots or lobbies. The attacker expects an employee to plug the device into a corporate computer, running embedded malware or a keystroke-injection payload.
This type of threat actor group is primarily motivated by the desire to bring about a change in society or governance
What are Hacktivists?

Explanation: Hacktivists use website defacement, denial of service, and data leaks explicitly to advance an ideological or political agenda. Well-known examples include groups such as Anonymous or WikiLeaks.
This type of social engineering attack relies on corrupting the way a victim's computer performs Internet name resolution to redirect them to a fake website
What is Pharming?

Explanation: Pharming corrupts name resolution rather than relying on email trickery. The attacker modifies the victim's hosts file, resolver settings, or a DNS cache so that a legitimate domain name maps to an attacker-controlled address, silently redirecting traffic to a clone site even when the user types the correct URL.
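One of the local name-resolution changes pharming relies on is a hosts-file override, which is also one of the easiest to detect. The following added example (not code from the original quiz) parses hosts-file text and reports any entry that pins a watched public domain, whatever address it points to. The sample hosts content and watch list are constructed.

```python
import ipaddress

# Constructed sample hosts file; the last line is a malicious override.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1   localhost
::1         localhost ip6-localhost
10.0.0.5    intranet.corp.example
203.0.113.7 www.bank.example bank.example   # injected: sends banking traffic to a clone
"""

def parse_hosts(text: str):
    """Yield (line_number, ip_address, hostname) for every mapping in a hosts file."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # malformed line; skipped here
        for name in fields[1:]:
            yield lineno, ip, name.lower()

def is_watched(name: str, watched) -> bool:
    """True if name is a watched domain or a subdomain of one."""
    return any(name == w or name.endswith("." + w) for w in watched)

def pharming_overrides(text: str, watched) -> list:
    """Public domains on the watch list should never be pinned locally; report any
    entry for them regardless of the address (a private address can be a LAN attacker)."""
    return [(lineno, name, str(ip))
            for lineno, ip, name in parse_hosts(text)
            if is_watched(name, watched)]

if __name__ == "__main__":
    for lineno, name, ip in pharming_overrides(SAMPLE_HOSTS, ["bank.example", "paypal.com"]):
        print(f"hosts line {lineno}: {name} -> {ip} (possible pharming)")
```

On a real host, read /etc/hosts (or C:\Windows\System32\drivers\etc\hosts) into the parser; the same logic applies to resolver configuration such as an unexpected nameserver entry.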
This specific protocol handles mutual endpoint authentication, negotiates cryptographic ciphers, and manages security associations (SA) between peer devices across its two negotiation phases
What is the Internet Key Exchange (IKE) protocol?
Explanation: IKE is the setup protocol for IPsec: it authenticates the peers and negotiates the security associations they will use. Phase 1 establishes the IKE SA, authenticating the peers and deriving a shared secret via Diffie-Hellman key agreement to protect the rest of the negotiation; Phase 2 establishes the IPsec SA, negotiating the ESP or AH parameters, ciphers, and keys that protect the actual data traffic.
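The flow described above, as an added example that is not part of the original quiz: a toy model of the two phases with both peers' computations shown. The Diffie-Hellman group (p = 2^61 - 1, g = 5) is far too small for real use, and no wire format, cookies, or peer-authentication signatures are modelled; the peer names and cipher-suite labels are constructed. What remains is the flow: proposal negotiation, DH agreement, seed derivation, and per-direction child SA keys.

```python
import hashlib
import hmac
import secrets

P = (1 << 61) - 1      # toy DH modulus; real IKE uses 2048-bit+ MODP or ECP groups
G = 5

class Peer:
    def __init__(self, name: str, proposals: list):
        self.name = name
        self.proposals = proposals                   # cipher suites, in order of preference
        self.secret = secrets.randbelow(P - 2) + 2   # DH private exponent, never sent
        self.nonce = secrets.token_bytes(16)         # freshness value, sent in the clear
        self.public = pow(G, self.secret, P)         # DH public value, sent to the peer

def choose_proposal(initiator_proposals, responder_proposals) -> str:
    """Responder accepts the first initiator proposal it also supports."""
    for proposal in initiator_proposals:
        if proposal in responder_proposals:
            return proposal
    raise ValueError("NO_PROPOSAL_CHOSEN")

def skeyseed(own: Peer, peer_public: int, nonce_i: bytes, nonce_r: bytes) -> bytes:
    """Each side raises the other's public value to its own secret, giving the same
    g^(xy), then SKEYSEED = prf(Ni | Nr, g^ir) as IKEv2 (RFC 7296) defines it."""
    shared = pow(peer_public, own.secret, P)
    return hmac.new(nonce_i + nonce_r, shared.to_bytes(8, "big"), hashlib.sha256).digest()

def phase1(initiator: Peer, responder: Peer):
    """IKE SA setup: agree on ciphers and derive the seed that protects phase 2."""
    chosen = choose_proposal(initiator.proposals, responder.proposals)
    seed_i = skeyseed(initiator, responder.public, initiator.nonce, responder.nonce)
    seed_r = skeyseed(responder, initiator.public, initiator.nonce, responder.nonce)
    return chosen, seed_i, seed_r

def phase2(seed: bytes, spi: int, nonce_i: bytes, nonce_r: bytes) -> dict:
    """Child (IPsec) SA keys, one per direction, expanded from the phase 1 seed."""
    sk_d = hmac.new(seed, b"SK_d", hashlib.sha256).digest()
    material, block = b"", b""
    for counter in (1, 2):       # prf+ style expansion, two 32-byte blocks
        block = hmac.new(sk_d, block + nonce_i + nonce_r + spi.to_bytes(4, "big") + bytes([counter]),
                         hashlib.sha256).digest()
        material += block
    return {"initiator_to_responder": material[:32], "responder_to_initiator": material[32:]}

if __name__ == "__main__":
    client = Peer("laptop", ["AES-256-GCM", "AES-128-CBC+HMAC-SHA256"])
    gateway = Peer("vpn-gw", ["AES-128-CBC+HMAC-SHA256", "AES-256-GCM"])
    chosen, seed_i, seed_r = phase1(client, gateway)
    assert seed_i == seed_r                        # neither secret exponent crossed the wire
    keys = phase2(seed_i, spi=0x2001, nonce_i=client.nonce, nonce_r=gateway.nonce)
    print("negotiated:", chosen)
    print("ESP key i->r:", keys["initiator_to_responder"].hex())
```

Two points the demo makes concrete: the responder's choice follows the initiator's preference order, not its own, and each direction of the child SA gets its own key even though both derive from the one phase 1 seed.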
Signs and warnings describing legal penalties against trespass or network intrusion serve as this functional type of control
What is Deterrent?

Explanation: Deterrent controls do not construct physical or electronic logical blocks against data access. Instead, they rely on visible psychological discouragement to alter an attacker's desire to attempt an intrusion.
This process is used to identify how an organization's current security systems deviate from those recommended by a cybersecurity framework
What is Gap Analysis?

Explanation: A gap analysis thoroughly evaluates an organization's existing security configurations against target industry benchmarks. The resulting documentation outlines exactly where missing or poorly configured controls must be remediated.
Brute force cryptanalysis is defined as this
What is trying all possibilities?

Explanation: Brute force cryptanalysis recovers a key by exhaustive trial: the attacker enumerates the keyspace, decrypting with each candidate until recognizable plaintext emerges. Its cost grows exponentially with key length, which is why a sufficiently long key makes the attack infeasible regardless of computing power.
To better support smartphone remote access clients, this updated key exchange protocol introduces native support for user authentication via EAP alongside mobility and multihoming (MOBIKE) to keep tunnels alive when switching between cellular and Wi-Fi networks.
What is IKEv2?
Explanation: IKEv2 simplifies IKEv1 and is well suited to client-to-site remote access. EAP lets the gateway authenticate users against existing credential stores, and the MOBIKE extension (RFC 4555) lets a mobile device change its IP address when moving between Wi-Fi and cellular carriers without tearing down and rebuilding the underlying IPsec connection.
An exploit that can be launched by sending malicious code to a target over a network without depending on an authenticated session is categorized as this technique
What is a remote exploit?

Explanation: Remote security exploits target logical network listening interfaces directly from afar without initial credential requirements. Conversely, local exploits require an existing, authenticated interactive environment to run their payload code.