Security+ Acronyms

Attacks, Threats, & Vulnerabilities

Architecture & Design

Implementation

Operations & Incident Response

Governance, Risk, & Compliance

100

This type of attack uses instant messaging to send SPAM messages.

What is SPIM?

100

This detects & prevents unauthorized access to, or sending of, sensitive data.

What is DLP?

100

This monitors a host device for intrusions & alerts the admin.

What is a HIDS?

100

theHarvester is a tool used for this type of activity.

What is OSINT?

100

This protects the PII of EU & EEA citizens.

What is the GDPR?

200

This attack uses a botnet to remotely attack targets.

What is DDoS?

200

This provides a cloud-based execution environment for custom code.

What is PaaS?

200

Dynamic code analysis may include this to ensure that a normal end-user usability.

What is UAT?

200

This offers a customizable dashboard to monitor network events in real-time.

What is a SIEM?

200

This NIST framework has 6 phases that sets security requirements for federal agencies.

What is CIS?

300

A boot sector virus attaches itself to this to avoid detection.

What is MBR?

300

This flexible computing device is meant to be programmed by the end user.

What is an FPGA?

300

This combines authentication & authorization into a single solution.

What is IAM?

300

This type of traffic can be used to collect VOIP call metadata, including a record of calls made.

What is SIP?

300

These SSAE reports are security assessment & auditing standards.

What are SOC reports?

400

This wireless security protocol is the oldest & least secure.

What is WEP?

400

This type of ICS focuses on data-gathering & is event-driven.

What is SCADA?

400

This is an insecure plaintext password-login mechanism.

What is PAP?

400

This framework lays out the main activities related to digital forensics.

What is EDRM?

400

This point is where a manufacturer stops creating a product.

What is EOL?

500

This tool gathers data about user habits & activities to detect threats & attacks.

What is UEBA?

500

This type of encryption key is used to encrypt another encryption key.

What is KEK?

500

This entity sends the CA a formal CSR before the CA builds, signs, & issues a certificate.

What is the RA?

500

This SOP details how to detect, prevent, & respond to incidents.

What is an IRP?

500

This company exec crafts & implements the company data protection & privacy policy.

Who is the DPO?