Acronyms Flashcards
ACL
Access Control List
A rule set that can be implemented on a firewall, switch, or other infrastructure device to control access.
AP
Access Point
A wireless transmitter and receiver that hooks into the wired portion of a network and provides an access point to that network for wireless devices.
ASLR
Address Space Layout Randomization
A mitigation that randomizes the base addresses of a process's stack, heap, shared libraries, and executable at load time, so an attacker exploiting a memory-corruption bug cannot reliably predict where code or data lives. It raises the cost of exploitation rather than removing the underlying bug.
AES
Advanced Encryption Standard
A symmetric block cipher (128-bit blocks; 128-, 192-, or 256-bit keys) adopted by the US government in FIPS 197 as the replacement for DES and 3DES.
APT
Advanced Persistent Threat
A targeted intrusion campaign against a specific entity, carried out over a long period with the goal of gaining and quietly maintaining access. The attacker is usually an organized group, often funded or directed by a nation-state, seeking government, military, or commercial information.
ALE
Annualized Loss Expectancy
The expected monetary loss from a given threat over one year; calculated as ALE = SLE × ARO.
ARO
Annualized Rate of Occurrence
An estimate of how often a given threat might occur annually.
API
Application Programming Interface
A defined set of calls, data formats, and conventions through which one piece of software requests services from another, whether the provider is an application, a library, an operating system, or a hardware abstraction layer.
ASIC
Application Specific Integrated Circuit
A circuit that is designed specifically for an application and thus is not a general-purpose chip.
AI
Artificial Intelligence
The ability of a machine or computer to learn and adapt.
ARF
Asset Reporting Format
A data model that is used to express the transport format of information about assets and the relationships between assets and reports.
AJAX
Asynchronous JavaScript and XML
A group of interrelated web development techniques used on the client side to create asynchronous web applications.
AIK
Attestation Identity Key
An asymmetric key pair created inside a TPM and certified by the Endorsement Key (EK). The AIK signs attestation data such as PCR quotes, so a verifier can trust that measurements came from a genuine TPM without the privacy-sensitive EK being used directly.
ABAC
Attribute-Based Access Control
An access control model in which authorization decisions are made by evaluating attributes of the subject, the resource, the requested action, and the environment (such as time or location) against policy, rather than by a static identity or role.
AR
Augmented Reality
A program that overlays virtual objects on the real-world environment.
AAA
Authentication, Authorization, and Accounting
Framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
BYOD
Bring Your Own Device
A strategy in which users bring their own devices and use them for company and personal work.
BACnet
Building Automation and Control Network
An application, network, and media access control layer communications service that can operate over a number of layer 2 protocols, including ethernet.
BCP
Business Continuity Plan
A process that focuses on sustaining an organization’s business/mission processes during and after disruption.
BIA
Business Impact Analysis
The process of identifying mission-critical business functions and the systems that support them, and quantifying the impact of their disruption over time (including recovery time and recovery point objectives). Its results drive the fault tolerance and high availability measures chosen in the BCP.
CMMI
Capability Maturity Model Integration
A process improvement approach.
CA
Certificate Authority
An entity that creates and signs digital certificates, maintains the certificates, and revokes them when necessary.
CRL
Certificate Revocation List
A list of digital certificates that a CA has revoked.
CSR
Certificate Signing Request
A message containing the applicant's public key and identifying information (such as the Common Name), signed with the applicant's private key, that is submitted to a CA asking it to validate the identity and issue a signed certificate.
COPPA
Children’s Online Privacy Protection Act
A US law that regulates the online collection and use of personal information from children under 13, requiring verifiable parental consent and privacy disclosures from operators of websites and online services directed at children.
CYOD
Choose Your Own Device
A strategy in which organization users choose their own devices from a list of options but the devices are purchased, owned, and managed by the organization.
CBC
Cipher Block Chaining
A block cipher mode in which each plaintext block is XORed with the previous ciphertext block (the first with an IV) before being encrypted, so identical plaintext blocks produce different ciphertext. Encryption is sequential, and the IV must be unpredictable.
CASB
Cloud Access Security Broker
On-premises or cloud based software that sits between cloud service users and cloud applications and monitors all activity and enforces security policies.
CCE
Common Configuration Enumeration
A SCAP component that assigns a unique identifier to each system configuration issue (for example, a specific password-policy setting) so that configuration guidance from different sources can be correlated.
CIP
Common Industrial Protocol
A suite of messages and services for the collection of manufacturing automation applications.
CN
Common Name
The entity name protected by a TLS certificate, carried in the Common Name field of the X.509 Subject. Modern browsers ignore the CN for hostname matching and rely on the Subject Alternative Name (SAN) extension instead.
CPE
Common Platform Enumeration
A structured naming scheme for describing and classifying operating systems, applications, and hardware devices, used by SCAP.
CVE
Common Vulnerabilities and Exposures
A dictionary, maintained by MITRE, that assigns a unique identifier (CVE-YYYY-NNNNN) to each publicly known vulnerability in software and firmware; the affected products are described using Common Platform Enumeration (CPE) names.
CVSS
Common Vulnerability Scoring System
A system of ranking vulnerabilities that are discovered based on predefined metrics.
COBO
Company-Owned, Business Only
A strategy in which mobile devices are purchased, owned, and managed by the organization and may be used only for business purposes.
CSIRT
Computer Security Incident Response Team
A team within an organization responsible for receiving, triaging, and responding to computer security incidents, and for coordinating with external parties such as law enforcement or national CERTs.
CMDB
Configuration Management Database
A database that keeps track of the state of assets, such as products, systems, software, facilities, and people, as they exist at specific points in time, as well as the relationships between such assets.
CDN
Content Delivery Network
A set of geographically dispersed servers that serve content to users based on their location, so that users get content from the physically nearest server.
CMS
Content Management System
Software that enables non-technical users to create, manage, and modify content on a website.
CTPH
Context Triggered Piecewise Hashes
A fuzzy-hashing technique (as used by ssdeep) in which a rolling hash over the file picks content-dependent segment boundaries and each segment is then hashed with a traditional hash. Because boundaries move with the content, similar files yield similar hashes that can be compared for a match score.
COOP
Continuity of Operations Plan
A plan that focuses on restoring an organization’s mission essential functions at an alternate site and performing those functions for up to 30 days before returning to normal operations.
CD
Continuous Delivery
The ability to make software features, configuration changes, bug fixes, and experiments available to users safely and quickly and in a sustainable way.
CDP
Continuous Delivery Pipeline
The workflows needed to introduce new functionality to software, from ideation to an on-demand release of value to the end user.
CI
Continuous Integration
The practice of merging all software developer working copies into a shared main line several times a day.
CAN
Controller Area Network bus
A serial bus standard, originally from Bosch, that connects the electronic control units inside a vehicle. Frames are broadcast with no sender authentication or encryption, so any node with bus access can inject messages.
COPE
Corporate Owned, Personally Enabled
A strategy in which the organization purchases, owns, and manages mobile devices but permits users to use them for personal as well as business purposes.
CTR
Counter
A block cipher mode that encrypts an incrementing counter (usually a nonce concatenated with a block number) to produce a keystream that is XORed with the plaintext. Blocks can be processed in parallel, but a (key, nonce) pair must never be reused or the keystreams repeat.
CPTED
Crime Prevention Through Environmental Design
A multi-disciplinary approach to security that involves designing a facility from the ground up to support security.
CSRF
Cross-Site Request Forgery
An attack that causes an end user to execute unwanted actions on a web application in which they are currently authenticated.
XSS
Cross-Site Scripting
An attack in which an attacker injects script into content served by a vulnerable web application so that it executes in other users' browsers within the origin of the trusted site, allowing session theft or actions on the victim's behalf.
CER
Crossover Error Rate
The point at which FRR equals FAR.
CRM
Customer Relationship Management
Software that identifies customers and stores customer-related data, particularly contact information and data on any direct contacts with customers.
DLP
Data Loss Prevention
Software that uses ingress and egress filters to identify sensitive data that is leaving the organization and can prevent such leakage.
DAM
Database Activity Monitoring
The use of tools to monitor transactions and the activity of database services.
DDS
Data Distribution Service
Enables network interoperability for connected machines, providing the scalability, performance, and Quality of Service (QoS) features required for industrial applications.
DevOps
Development Operations
A software development method that aims at shorter development cycles, increased deployment frequency, and more dependable releases, in close alignment with business objectives.
DevSecOps
Development Security Operations
A development approach that involves representatives from development, operations, and security to create a shared sense of responsibility with regard to security.
DH
Diffie-Hellman
A key agreement protocol in which two parties each combine a private value with the other's public value to derive the same shared secret over an insecure channel, without ever transmitting that secret. The result is typically used as a symmetric session key.
DRM
Digital Rights Management
Technology used by hardware manufacturers, publishers, copyright holders, and individuals to control the use of digital content.
DSS
Digital Signature Standard
A US federal standard (FIPS 186) that specifies approved digital signature algorithms, including the Digital Signature Algorithm (DSA), RSA, and ECDSA.
DRaaS
Disaster Recovery as a Service
A cloud service in which a third party replicates an organization's systems and data and hosts the failover environment, so recovery runs from the provider rather than from an organization-owned alternate site.
DRP
Disaster Recovery Plan
An information system-focused plan designed to restore operability of the target system, application, or computer facility infrastructure at an alternate site after an emergency.
DAC
Discretionary Access Control
An access control system in which the owner of an object specifies which subjects can access the resource.
DDoS
Distributed Denial of Service
An attack in which many sources, typically compromised hosts in a botnet, flood a target with traffic or requests at once to exhaust its capacity.
DNP3
Distributed Network Protocol 3
A primary/secondary SCADA protocol used mainly by utilities such as electric and water companies. It runs on TCP/UDP port 20000, and on port 19999 when wrapped in TLS (secure DNP3).
DoH
DNS over HTTPS
A method of sending DNS queries to a resolver inside an HTTPS connection, so the queries are encrypted and indistinguishable from other web traffic to observers on the path.
DNS
Domain Name System
A database that provides a hierarchical naming system for computers, services, and any resources connected to the internet or a private network.
DNSSEC
Domain Name System Security Extensions
A set of DNS extensions that digitally signs zone data so resolvers can verify the origin authenticity and integrity of responses. It does not encrypt queries or authenticate the server itself.
DAST
Dynamic Application Security Testing
Automated black-box testing that exercises a running application from the outside, sending crafted requests and observing responses to find vulnerabilities without access to the source code.
DTP
Dynamic Trunking Protocol
A Cisco protocol that enables two switches to form a trunk link automatically, based on their configuration. Because an attacker's host can also negotiate a trunk and then reach other VLANs, DTP should be disabled on access ports (switchport mode access plus switchport nonegotiate).
ECB
Electronic Codebook
The simplest block cipher mode: each block is encrypted independently with the key, with no IV or chaining. Identical plaintext blocks therefore produce identical ciphertext blocks, leaking patterns in the data, so it should not be used for anything longer than a single block.
ECC
Elliptic-Curve Cryptography
An approach to public key cryptography that is based on the algebraic structure of elliptic curves over finite fields.
ECDH
Elliptic-Curve Diffie-Hellman
A key agreement protocol that uses an elliptic-curve public/private key pair to establish a symmetric key over an insecure channel.
ECDSA
Elliptic-Curve Digital Signature Algorithm
A digital signature algorithm based on elliptic-curve cryptography; it produces signatures, not a key exchange (that is ECDH). Each signature needs a fresh, unpredictable nonce, and reusing one leaks the private key.
EK
Endorsement Key
An asymmetric key pair embedded in a TPM by its manufacturer and unique to that chip. The private part never leaves the TPM, and the manufacturer's EK certificate lets a verifier confirm that it is a genuine TPM.
EDR
Endpoint Detection and Response
An endpoint security approach that continuously records host telemetry (process, file, network, and registry activity), detects suspicious behaviour, and gives analysts tools to investigate and contain it, supplementing signature-based antivirus.
ERP
Enterprise Resource Planning
A process that involves collecting, storing, managing, and interpreting data from product planning, product cost, manufacturing or service delivery, marketing/sales, inventory management, shipping, payment, and any other business processes.
ESB
Enterprise Service Bus
A software platform used to facilitate communication between mutually interacting software applications in an SOA.
ELF
Executable and Linkable Format
The standard binary format on operating systems such as Linux. Capabilities include dynamic linking, dynamic loading, imposing run-time control on a program, and an improved method for creating shared libraries.
EF
Exposure Factor
The percentage value or functionality of an asset that will be lost when a threat event occurs.
EV
Extended Validation
A certificate that requires verification of the requesting entity's legal identity before the certificate can be issued.
XACML
Extensible Access Control Markup Language
A standard for an access control policy language using XML. Its goal is to create an ABAC system that decouples the access decision from the application or the local machine.
EAP
Extensible Authentication Protocol
An authentication framework (RFC 3748) that carries method-specific exchanges such as EAP-TLS or PEAP. On networks it is transported by 802.1X between the supplicant, the authenticator (switch or access point), and the authentication server, usually RADIUS.
XCCDF
Extensible Configuration Checklist Description Format
A specification language for writing security checklists, benchmarks, and related kinds of documents that is used by SCAP.
XML
Extensible Markup Language
A markup language that is often used in web deployments.
FAR
False Acceptance Rate
A measurement of the percentage of invalid users that will be falsely accepted by the system.
FRR
False Rejection Rate
A measurement of valid users that will be falsely rejected by the system.
FERMA
Federation of European Risk Management Associations Risk Management Standard
An organization that provides guidelines for managing risk in an organization.
FPGA
Field Programmable Gate Array
A type of PLD whose logic blocks and routing are configured after manufacture, most commonly by loading a bitstream into SRAM at power-on; some variants are programmed once via anti-fuses. Unencrypted bitstreams can be read back or cloned.
FIM
File Integrity Monitoring
Methods of ensuring that files have not been altered by an unauthorized person or application.
FIFO
First-In, First-Out
A tape rotation scheme in which the newest backup is saved to the oldest media.
FTK
Forensic Toolkit
A commercial forensics suite that images and analyzes evidence without making changes to the original media.
FaaS
Function as a Service
An extension of PaaS that completely abstracts the virtual server from the developer.
GCM
Galois/Counter Mode
An authenticated-encryption mode for 128-bit block ciphers, usually AES, that encrypts in counter mode and computes an authentication tag over the ciphertext and any additional data using a Galois-field hash. Reusing a nonce under the same key breaks both confidentiality and the authentication key.
GDPR
General Data Protection Regulation
An EU regulation governing the processing of personal data of individuals in the EU, imposing obligations such as a lawful basis for processing, data subject rights, and breach notification, backed by fines for non-compliance.
GPS
Global Positioning System
GPS sensors can report highly accurate location information.
GPG
GNU Privacy Guard
A free implementation of the OpenPGP standard (RFC 4880) that interoperates with PGP and supports modern algorithms such as AES.
GDB
GNU Project Debugger
A tool that allows visibility into a program while it executes or determines what the program was doing at the moment it crashed.
GFS
Grandfather/Father/Son
A tape rotation scheme in which three sets of backups are defined. Most often these three definitions are daily (sons), weekly (fathers), and monthly(grandfathers). Each week, one son advances to the father set.
HSM
Hardware Security Module
An appliance that safeguards and manages digital keys used with strong authentication and provides crypto processing.
HMAC
Hash-based Message Authentication Code
A keyed-hash MAC that combines a cryptographic hash function with a symmetric key. HMAC provides data integrity and origin authentication; only the sender and receiver know the key.
HSM
Hierarchical Storage Management
A backup method that involves storing frequently accessed data on faster media and less frequently accessed data on slower media.
HIDS
Host-based Intrusion Detection System
Provides threat detection by monitoring OS logs, processes, services, and file systems.
HIPS
Host-based Intrusion Prevention System
Provides detection and responds to identified anomalies by stopping service, blocking communications, or stopping processes.
HMAC
Hash-based Message Authentication Code
A MAC construction that lets the receiver verify both the source and the content of a message using only the shared secret key, with no other mechanism required. Only the sender and receiver know the secret key.
HOTP
HMAC-based One-Time Password
An algorithm that computes a one-time password as HMAC(shared secret, counter), truncated to a few digits. An incrementing counter, kept in sync between client and server, ensures each value is used only once.
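The HMAC and HOTP cards above describe the construction; the following added example (the editor's own code, not from the page) implements RFC 4226 on top of the standard library's HMAC-SHA-1 and shows the server-side detail the card leaves out: a look-ahead window that resynchronises a counter that has drifted while still refusing replay. The secret is the RFC 4226 test secret; the counters and submitted codes are constructed for the demo.

```python
"""Added example: HMAC and HOTP (RFC 2104 / RFC 4226) from the standard library.

Editor's implementation, not code from the page. The secret is the RFC 4226
test secret (ASCII '12345678901234567890'); the rest is constructed.
"""
import hashlib
import hmac
import struct

RFC4226_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP(K, C) = Truncate(HMAC-SHA-1(K, C)) mod 10^digits (RFC 4226)."""
    # The counter is an 8-byte big-endian value; the HMAC key is the secret.
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Dynamic truncation: the low 4 bits of the last byte choose an offset,
    # and the 31 bits starting there form the binary code.
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify_hotp(secret: bytes, server_counter: int, submitted: str, window: int = 5):
    """Server-side check with a look-ahead window.

    A client may generate codes that never reach the server, so the server
    tries counters server_counter .. server_counter + window. On success it
    returns the *next* counter to store, which resynchronises both sides and
    makes the accepted code unusable again. Returns None on failure. The
    comparison is constant-time, as for any authenticator value.
    """
    for c in range(server_counter, server_counter + window + 1):
        if hmac.compare_digest(hotp(secret, c), submitted):
            return c + 1
    return None


if __name__ == "__main__":
    for c in range(3):
        print(c, hotp(RFC4226_SECRET, c))
    # Client burned counters 0 and 1 offline; server is still at 0.
    print("resync to", verify_hotp(RFC4226_SECRET, 0, hotp(RFC4226_SECRET, 2)))
    # Replaying the same code after the resync must fail.
    print("replay ->", verify_hotp(RFC4226_SECRET, 3, hotp(RFC4226_SECRET, 2)))
```

The window is the usability/security trade-off in HOTP: a larger window tolerates more unused codes but gives an attacker more valid codes to guess against, so keep it small and rate-limit failures.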
HSTS
HTTP Strict Transport Security
A response header by which a site instructs web browsers (or other user agents) to interact with it only over HTTPS for a stated period, refusing plain HTTP and certificate errors.
HUMINT
Human Intelligence
Any information gathered via person-to-person contact.
HSDN
Hybrid Software-Defined Networks
A mix of traditional and software-defined networks operating within the same environment; a middle ground for organizations with existing infrastructure that cannot replace all equipment to take full advantage of SDN.
IRT
Incident Response Team
The group of people responsible for handling a confirmed or suspected security incident. It follows the incident response plan, a written document covering preparation, detection, containment, eradication, recovery, and lessons learned.
IoC
Indicator of Compromise
Any activity, artifact, or log entry that is typically associated with an attack of some sort.
ICS
Industrial Control System
A general term that encompasses several types of control systems used in industrial production.
ISAC
Information Sharing and Analysis Center
Nonprofit organizations that host security information sharing systems.
ISCP
Information System Contingency Plan
A plan that provides established procedures for the assessment and recovery of a system following a system disruption.
IaaS
Infrastructure as a Service
A cloud service model in which the vendor provides the hardware platform or data center, and the company installs and manages its own OS and apps.
IV
Initialization Vector
A fixed-size input to a cryptographic primitive, used alongside the key. Requirements depend on the mode: CBC needs an unpredictable IV, while CTR and GCM need a nonce that is never reused under the same key.
IAST
Interactive Application Security Testing
Testing that instruments the running application with an agent inside the runtime and observes code paths, data flows, and sinks while functional tests or users exercise it, combining the insight of static analysis with the realism of dynamic testing.
ISA
Interconnection Security Agreement
An agreement between two organizations that own and operate connected IT systems to document the technical requirements of the interconnection.
IMAP
Internet Message Access Protocol
An application layer protocol used on a client to retrieve email from a server.
IPSec
Internet Protocol Security
A suite of network-layer protocols (AH, ESP, and IKE for key exchange) that establishes an authenticated, encrypted channel between two devices.
IoT
Internet of Things
A system of interrelated computing devices, mechanical and digital machines, and objects that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
IDS
Intrusion Detection System
A system responsible for detecting unauthorized access or attacks against systems and networks.
IPS
Intrusion Prevention System
A system deployed inline that detects attacks and actively blocks or drops the offending traffic rather than only alerting.
JSON
JavaScript Object Notation
A lightweight text format for exchanging structured data (objects, arrays, strings, numbers); it is the usual payload format for REST APIs.
JWT
JSON Web Token
An internet standard (RFC 7519) for compact, URL-safe tokens of the form header.payload.signature whose claims are signed (JWS) or encrypted (JWE). Used to carry authentication and authorization information in SSO and OAuth flows; verifiers must pin the algorithm they accept rather than trust the token's own header.
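The JWT card above is where most real-world token bugs live, so here is an added example (the editor's own code, not from the page or any JWT library) that mints and verifies an HS256 token with only the standard library. The verifier pins HS256 instead of trusting the token's alg header and therefore rejects the classic alg:none forgery; the key and claims are constructed sample values.

```python
"""Added example: mint and verify an HS256 JSON Web Token (RFC 7519 / RFC 7515).

Editor's illustration, not code from the page or any JWT library. The key
and claims are constructed sample values. The verifier demonstrates the two
checks libraries have historically got wrong: it pins the algorithm rather
than reading it from the untrusted header, and it rejects 'alg: none'.
"""
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key-change-me"   # shared HMAC key (illustrative)


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint(claims: dict, key: bytes) -> str:
    """Return header.payload.signature; HS256 over the first two segments."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"},
                                separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify(token: str, key: bytes, now=None) -> dict:
    """Return the claims if valid, else raise ValueError.

    Only HS256 is accepted. Choosing the algorithm from the untrusted header
    is what enabled 'alg: none' and RS256->HS256 key-confusion attacks.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token must have three segments")
    h, p, s = parts
    header = json.loads(_unb64url(h))
    if header.get("alg") != "HS256":
        raise ValueError(f"unsupported alg {header.get('alg')!r}")
    expected = hmac.new(key, f"{h}.{p}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(s)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64url(p))
    now = time.time() if now is None else now
    if "exp" in claims and now >= claims["exp"]:
        raise ValueError("token expired")
    return claims


def forge_alg_none(new_claims: dict) -> str:
    """The classic forgery: unsigned header, attacker claims, empty signature."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(new_claims).encode())}."


if __name__ == "__main__":
    tok = mint({"sub": "alice", "role": "user", "exp": int(time.time()) + 300}, SECRET)
    print("valid  :", verify(tok, SECRET))
    try:
        verify(forge_alg_none({"sub": "alice", "role": "admin"}), SECRET)
    except ValueError as e:
        print("forged :", e)
```

Note that the signature check runs before the payload is parsed as JSON, so a forged payload never reaches application code, and that exp is compared against an injectable clock so token lifetime can be tested deterministically.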
KPI
Key Performance Indicator
A metric that is created, collected, and analyzed to assess performance.
KRI
Key Risk Indicator
A metric that is created, collected, and analyzed to assess risk.
L2TP
Layer 2 Tunneling Protocol
A tunneling protocol that operates at layer 2 of the OSI model. Like PPTP, it supports various authentication mechanisms, but it provides no encryption of its own, so it is normally paired with IPsec (L2TP/IPsec) for confidentiality and integrity.
LEAP
Lightweight Extensible Authentication Protocol
A proprietary wireless LAN authentication method developed by Cisco. It relies on MS-CHAPv2 and is vulnerable to offline dictionary attacks (ASLEAP), so EAP-FAST or EAP-TLS should be used instead.
LDAP
Lightweight Directory Access Protocol
A common directory services standard.
ML
Machine Learning
The use of training data to build a model that makes predictions or decisions without being explicitly programmed for each case.
MDF
Main Distribution Frame
A signal distribution frame for connecting equipment (inside plant) to cables and subscriber carrier equipment (outside plant).
MSSP
Managed Security Service Provider
A provider that delivers security monitoring and management services, such as SIEM operation, firewall management, and incident response, allowing an organization to outsource some or all of these functions.
MAC
Mandatory Access Control
An access control system in which subject authorization is based on security labels.
MSA
Master Service Agreement
A contract between two parties in which both agree to most of the terms that will govern future transactions or future agreements.
MTBF
Mean Time Between Failures
The estimated amount of time a device will operate before a failure occurs.
MTTR
Mean Time to Recovery
The average time to repair a single resource or function when a disaster or disruption occurs.
MOU
Memorandum of Understanding
An agreement between two or more organizations that details a common line of action.
MD5
Message Digest 5
A hash function that produces a 128-bit digest. Practical collision attacks have been known since 2004, so it is unsuitable for signatures and password hashing, although it is still found in legacy password stores and file checksums.
ATT&CK
Adversarial Tactics, Techniques, & Common Knowledge
A MITRE knowledge base of adversary tactics and techniques based on real-world observations, used to map detections and threat intelligence to a common vocabulary.
ATT&CK ICS
ATT&CK for Industrial Control Systems
A MITRE knowledge base that focuses specifically on industrial control systems.
MCKMS
Multi-Cloud Key Management System
A key management system configured for multiple clouds.
MFA
Multi-Factor Authentication
Authentication that requires factors from at least two different categories: something you know (a PIN), something you have (a token), or something you are (a retina scan or signature dynamics).
MIME
Multipurpose Internet Mail Extensions
An Internet standard that allows email to include non-text attachments, non-ASCII character sets, multiple part message bodies, and non-ASCII header information.
NFC
Near Field Communication
A set of communication protocols that allow two electronic devices, one of which is usually a mobile device, to communicate when brought within a few centimetres of each other.
NPV
Net Present Value
A function that considers the fact that money spent today is worth more than savings realized tomorrow.
NAC
Network Access Control
A service that goes beyond authenticating the user and also checks the posture of the device being connected (patch level, antivirus, configuration) before granting wired, wireless, or VPN access to the network.
NAT
Network Address Translation
A service, usually on a router or firewall, that rewrites private IP addresses to a public address (and back) so that many internal hosts can share one or a few public addresses.
NIDS
Network Intrusion Detection System
An IDS that monitors network traffic on a local network segment.
NIPS
Network Intrusion Prevention System
An IPS that scans traffic on a network for signs of malicious activity and takes some action to prevent it.
NGFW
Next Generation Firewall
A type of firewall that attempts to address the traffic inspection and application-awareness shortcomings of a traditional stateful firewall without hampering performance.
NDA
Non-Disclosure Agreement
An agreement between two parties that defines what information is considered confidential and cannot be shared outside the two parties.
NX
No-Execute bit
A CPU feature that marks memory pages as either executable or data-only, so that data injected into a stack or heap buffer cannot be executed as code. It is the basis of DEP and W^X policies.
OTP
One-Time Password
A password that is valid for a single login and then discarded, so a captured value cannot be replayed. Also called a dynamic password.
OCSP
Online Certificate Status Protocol
An internet protocol that obtains the revocation status of an X.509 digital certificate by using the serial number.
OAuth
Open Authorization
An authorization framework that lets a user grant a third-party application limited access to resources on another service without sharing their credentials with that application.
OSINT
Open-Source Intelligence
Data collected from publicly available sources.
OSSTMM
Open Source Security Testing Methodology Manual
A manual that covers different kinds of security tests of physical, human (processes), and communication systems.
OSA
Open System Authentication
The default 802.11 authentication, in which a station sends an authentication request and the access point accepts it without any credential check; any protection of traffic then comes from WEP or WPA encryption.
OVAL
Open Vulnerability and Assessment Language
An XML-based language, part of SCAP, for describing the state of a system and the checks that determine whether a vulnerability or configuration issue is present, so that different tools can run the same assessments.
OWASP
Open Web Application Security Project
A nonprofit foundation that publishes free application security resources, including the OWASP Top 10, testing guides, and tools such as ZAP.
OLA
Operational-Level Agreement
An internal organizational document that details the relationships that exist between departments to support business activities.
OFB
Output Feedback
A block cipher mode that turns the cipher into a stream cipher: the IV is encrypted to produce the first keystream block, each keystream block is encrypted again to produce the next, and plaintext is XORed with the keystream. As with CTR, an IV must never be reused under the same key.
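The CBC, CTR, ECB, and OFB cards on this page each describe a mode in a sentence; the following added example (the editor's own code, not from the page) implements all four on one block cipher so the differences can be observed: ECB leaks repeated blocks, CBC does not, and reusing a nonce in CTR leaks the XOR of two plaintexts. The 16-byte block cipher is a constructed Feistel toy built on SHA-256 so the file runs on the standard library alone; it is not a secure cipher, and the modes would work unchanged over AES-128.

```python
"""Added example: ECB, CBC, CTR and OFB on one block cipher (editor's code).

Illustrates the mode cards on this page; not code from the page. The block
cipher is a constructed Feistel toy using SHA-256 as the round function so
this runs with the standard library only. It is NOT a secure cipher. The
modes are implemented as standardized and are independent of the cipher.
"""
import hashlib

BLOCK = 16


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))      # truncates to the shorter


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    """Toy round function: keyed hash of one 8-byte half, truncated."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """8-round balanced Feistel permutation over one 16-byte block (toy)."""
    L, R = block[:8], block[8:]
    for r in range(8):
        L, R = R, _xor(L, _f(key, r, R))
    return L + R


def decrypt_block(key: bytes, block: bytes) -> bytes:
    L, R = block[:8], block[8:]
    for r in reversed(range(8)):
        L, R = _xor(R, _f(key, r, L)), L
    return L + R


def _blocks(data: bytes):
    return (data[i:i + BLOCK] for i in range(0, len(data), BLOCK))


# ECB: each block on its own; equal plaintext blocks give equal ciphertext.
def ecb_encrypt(key, pt):
    return b"".join(encrypt_block(key, b) for b in _blocks(pt))


def ecb_decrypt(key, ct):
    return b"".join(decrypt_block(key, b) for b in _blocks(ct))


# CBC: XOR each plaintext block with the previous ciphertext block (IV first).
def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in _blocks(pt):
        prev = encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for b in _blocks(ct):
        out.append(_xor(decrypt_block(key, b), prev))
        prev = b
    return b"".join(out)


# CTR: encrypt nonce||counter to build a keystream; same call both directions.
def ctr_xcrypt(key, nonce8, data):
    ks = b"".join(encrypt_block(key, nonce8 + i.to_bytes(8, "big"))
                  for i in range(-(-len(data) // BLOCK)))
    return _xor(data, ks)


# OFB: keystream block i = E(keystream block i-1), seeded with the IV.
def ofb_xcrypt(key, iv, data):
    out, fb = [], iv
    for b in _blocks(data):
        fb = encrypt_block(key, fb)
        out.append(_xor(b, fb))
    return b"".join(out)


KEY = b"sixteen byte key"           # constructed demo key
IV = b"\x11" * BLOCK
NONCE = b"\x00" * 8
PT = b"ATTACK AT DAWN!!" * 3       # three identical 16-byte blocks

if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, PT)
    print("ECB repeats blocks:", ecb[:16] == ecb[16:32] == ecb[32:48])
    cbc = cbc_encrypt(KEY, IV, PT)
    print("CBC repeats blocks:", cbc[:16] == cbc[16:32])
    a, b = b"transfer 100 to bob", b"transfer 999 to eve"
    leak = _xor(ctr_xcrypt(KEY, NONCE, a), ctr_xcrypt(KEY, NONCE, b))
    print("CTR nonce reuse leaks plaintext XOR:", leak == _xor(a, b))
```

None of these modes authenticates the ciphertext; a flipped bit in a CTR or OFB ciphertext flips the same bit in the plaintext, which is why GCM or an HMAC over the ciphertext is needed in practice.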
OTA
Over-the-Air
An industry-standard mechanism or process that wirelessly delivers OS and firmware updates to a mobile device over Wi-Fi or a mobile data connection.
PCAP
Packet Capture
A file format and library API (libpcap, WinPcap/Npcap) for capturing and storing network frames. Packet and protocol analysis rely on a sniffer tool to capture and decode these frames, from a host or from a network segment.
PAP
Password Authentication Protocol
A password-based authentication protocol used by Point-to-Point Protocol (PPP) to validate users. It sends the username and password in cleartext, so it should only be used inside an already encrypted tunnel.
PBKDF2
Password-Based Key Derivation Function 2
A key derivation function that stretches a password into a strong key by running a keyed hash (HMAC) over the password and a salt for a configurable number of iterations; the iteration count slows offline guessing and the salt defeats precomputed tables.
PCI DSS
Payment Card Industry Data Security Standard
A security standard that enumerates requirements that payment card industry players should meet to secure and monitor their networks, protect cardholder data, manage vulnerabilities, implement strong access controls, and maintain security policies.
PFS
Perfect Forward Secrecy
A property of key exchange in which each session uses a fresh ephemeral key, so a future compromise of a long-term key does not allow previously recorded sessions to be decrypted.
PII
Personally Identifiable Information
A piece of data that can be used alone or with other information to identify a particular person.
PaaS
Platform as a Service
A cloud service model in which the vendor provides the hardware platform or data center and the software running on the platform, including the OS and infrastructure software. The company is still involved in managing the system.
PCR
Platform Configuration Register hash
Registers inside a TPM that hold measurement hashes. A PCR cannot be written directly, only extended (new = H(old || measurement)), so its value commits to the ordered sequence of boot components; sealing and remote attestation compare PCR values against expected ones.
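The PCR card above, together with the EK and AIK cards, describes the measured-boot mechanism in a sentence each; this added example (the editor's own simulation, not code from the page and not using a real TPM) performs the extend operation as TPM 2.0 defines it over a constructed boot chain and shows why a tampered or reordered component changes the final value, which is what a sealing policy or attestation verifier checks. The component byte strings stand in for firmware, bootloader, and kernel images.

```python
"""Added example: simulate TPM Platform Configuration Register (PCR) extends.

Editor's illustration of the extend operation used by TPM 2.0
(PCR_new = H(PCR_old || digest)); not code from the page and no real TPM is
involved. The measured 'components' are constructed sample byte strings.
"""
import hashlib
import hmac

PCR_SIZE = 32                       # SHA-256 PCR bank
INITIAL_PCR = b"\x00" * PCR_SIZE    # PCRs 0-15 reset to all zeros at power-on


def extend(pcr: bytes, digest: bytes) -> bytes:
    """One PCR extend: hash the current register value with a new digest.
    The register can only be extended, never set, so the final value
    commits to the entire ordered sequence of measurements."""
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(components) -> bytes:
    """Return the PCR value after measuring each component in order.
    Firmware hashes each image first, then extends that digest."""
    pcr = INITIAL_PCR
    for image in components:
        pcr = extend(pcr, hashlib.sha256(image).digest())
    return pcr


def seal_policy_ok(expected_pcr: bytes, actual_pcr: bytes) -> bool:
    """A sealing policy in miniature: data sealed to a PCR value is only
    released when the current register matches. Constant-time comparison,
    as for any check that gates release of a secret."""
    return hmac.compare_digest(expected_pcr, actual_pcr)


# Constructed sample boot chains (not real firmware).
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v7", b"kernel-6.1-signed"]
TAMPERED_CHAIN = [b"firmware-v1", b"bootloader-v7", b"kernel-6.1-backdoored"]
REORDERED_CHAIN = [b"bootloader-v7", b"firmware-v1", b"kernel-6.1-signed"]

if __name__ == "__main__":
    good = measure_boot(GOOD_CHAIN)
    print("PCR after trusted boot:  ", good.hex())
    print("tampered kernel matches? ", seal_policy_ok(good, measure_boot(TAMPERED_CHAIN)))
    print("reordered chain matches? ", seal_policy_ok(good, measure_boot(REORDERED_CHAIN)))
    print("same chain again matches?", seal_policy_ok(good, measure_boot(GOOD_CHAIN)))
```

Because the extend is a chained hash, an attacker who controls a later stage cannot "rewrite" an earlier measurement; the only way to reach the expected value is to boot the expected components in the expected order.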
PPTP
Point-to-Point Tunneling Protocol
A Microsoft protocol based on PPP that uses Microsoft Point-to-Point Encryption (MPPE) and can use a number of authentication methods, including CHAP, MS-CHAP, and EAP-TLS. Its MS-CHAPv2 authentication is practically breakable, so PPTP is considered obsolete.
POP
Post Office Protocol
An application layer email retrieval protocol.
PRL
Preferred Roaming List
A list of radio frequencies that resides in the memory of some kinds of digital phones.
PGP
Pretty Good Privacy
An encryption system for email and files that can provide confidentiality, integrity, and authentication, depending on the options used. It encrypts content with a symmetric session key, protects that key with the recipient's public key, and can add a digital signature.
PLA
Privacy-Level Agreement
A document that sets out in contractual terms how a third-party provider will ensure that the information it hosts will not be seen by the wrong set of eyes.
PBX
Private Branch Exchange
A telephone exchange or telephone switching system that is installed at, and serves, a private organization with a large number of internal devices.
PFE
Private Function Evaluation
The process of evaluating one party’s private data using a private function owned by another party.
PIR
Private Information Retrieval
A type of protocol that can retrieve information from a server without revealing which item is retrieved.
PAM
Privileged Access Management
Tooling and practice for controlling privileged accounts: vaulting and rotating credentials, brokering and recording sessions, and granting elevated rights just in time, to limit credential theft and misuse.
PRI
Product Release Information
Carrier-specific configuration data that governs how a mobile device's radio (baseband) connects to the carrier network; it is updated alongside baseband firmware.
PLD
Programmable Logic Device
An integrated circuit with connections or internal logic gates that can be changed through a programming process.
PKI
Public Key Infrastructure
The set of systems, software, and communication protocols that distribute, manage, and control public key cryptography.
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
A family of hash functions developed in the EU RIPE project; RIPEMD-160, the common member, produces a 160-bit digest from 512-bit message blocks.
RTP
Real-Time Transport Protocol
A network protocol for delivering audio and video over IP networks.
RUM
Real User Monitoring
A monitoring method that captures and analyzes every transaction of every application or website user.
RAID
Redundant Array of Inexpensive Disks
A set of configurations (RAID levels) in which a storage array stripes, mirrors, or adds parity across several disks to provide performance and redundancy when one or more disks fail. RAID protects against disk failure, not against deletion or ransomware, so it is not a backup.
RA
Registration Authority
A server that verifies a requester’s identity and registers the requester.
RADIUS
Remote Authentication Dial-In User Service
A networking protocol that provides centralized authentication, authorization, and accounting for network access, typically for VPN, wireless, and switch-port (802.1X) clients.
RDP
Remote Desktop Protocol
A proprietary protocol developed by Microsoft that provides a graphical interface to connect to another computer over a network.
RTU
Remote Terminal Unit
A device in an ICS that connects to sensors and converts sensor data to digital data, including telemetry hardware.
REST
Representational State Transfer
A client/server model for interacting with content on remote systems, typically using HTTP.
ROI
Return On Investment
The money gained or lost after an organization makes an investment.
RSA
Rivest, Shamir, and Adleman
The most widely used asymmetric algorithm, based on the difficulty of factoring large integers; used for both encryption and digital signatures.
RBAC
Role-Based Access Control
An access control system in which each subject is assigned to one or more roles. Roles are hierarchical, and access control is defined based on the roles.
ROE
Rules of Engagement
A document describing how a pen-test may be performed, including the type of testing to be performed, the scope of software and systems to be included in the test, along with contact information.
RoT
Root of Trust
Also called a trust anchor: a secure subsystem, typically hardware such as a TPM or secure element, whose behaviour is inherently trusted and that anchors attestation, so that a verifier can trust statements the system makes about its own state.
SIS
Safety Instrumented System
Contains sensors, logic solvers, and final control elements (like horns, flashing lights, and sirens) to return an industrial process to a safe state after detecting predetermined conditions.
SOW
Scope of Work
Describes the specific systems, or range of IP addresses, time frame, testing, location of where testing is to be performed, and other details.
SFE
Secure Function Evaluation
The process in which multiple parties collectively compute a function and receive its output without learning the inputs from any other party.
SHA
Secure Hashing Algorithm
A family of hash functions published by NIST: SHA-1 (160-bit, now broken for collisions and deprecated), SHA-2 (SHA-224/256/384/512), and SHA-3, with SHA-0 as the withdrawn original.
S/MIME
Secure Multipurpose Internet Mail Extensions
A secure version of MIME that encrypts and digitally signs email messages and encrypts attachments.
SSH
Secure Shell
A protocol created to provide an encrypted method of performing remote command-line operations.
SSL
Secure Sockets Layer
The predecessor of TLS, used to create encrypted connections to servers. It sits between the transport and application layers and was used mainly to protect HTTP traffic (HTTPS). All SSL versions are deprecated and should be disabled in favour of TLS 1.2 or later.
SAML
Security Assertion Markup Language
A security attestation model built on XML and SOAP-based services that allows for the exchange of authentication and authorization data between systems and that supports federated identity management.
SCAP
Security Content Automation Protocol
A standard that the security automation community uses to enumerate software flaws and configuration issues.
SEAndroid
Security-Enhanced Android
An SELinux version that runs on Android devices.
SELinux
Security-Enhanced Linux
A Linux kernel security module that separates enforcement of security decisions from the security policy itself and streamlines the amount of software involved with security policy enforcement.
SIEM
Security Information and Event Management
A system that provides log centralization and an automated solution for analyzing events.
SOAR
Security Orchestration, Automation, and Response
The use of technologies to accomplish automation and orchestration in performing mundane tasks that are crucial to identifying and responding to security issues.
SRTM
Security Requirements Traceability Matrix
A grid that documents the security requirements that a new asset must meet.
STAR
Security Trust Assurance and Risk registry
A list of cloud providers that have met the requirements laid out by the Cloud Security Alliance (CSA).
SED
Self-Encrypting Drives
An HDD or SSD designed to automatically encrypt drive data as it is written to the disk and decrypt stored data.
SPF
Sender Policy Framework
An email validation system that works by using DNS to determine whether an email sent by someone has been sent by a host sanctioned by that domain’s administrator.
SLA
Service Level Agreement
An agreement to respond to problems within a certain time frame while providing an agreed level of service.
SOA
Service Oriented Architecture
A style of software design that involves using software to provide application functionality as services to other applications.
SSID
Service Set Identifier
A name or value assigned to identify a WLAN from other WLANs.
SKA
Shared Key Authentication
A verification process that uses WEP and a shared secret key for authentication. The challenge text is encrypted with WEP using the shared secret key.
SCEP
Simple Certificate Enrollment Protocol
A protocol that is used in provisioning certificates to network devices, including mobile devices.
SMTP
Simple Mail Transfer Protocol
An application layer protocol that is used to retrieve information from network devices and to send configuration changes to those devices.
SNMP
Simple Network Management Protocol
An application layer protocol that is used to retrieve information from network devices and to send configuration changes to those devices.
SOAP
Simple Object Access Protocol
A protocol specification for exchanging structured information in the implementation of web services in computer networks.
SLE
Single Loss Expectancy
The monetary impact of a threat occurrence.
SSO
Single Sign-On
SaaS
Software as a Service
A cloud service model in which the vendor provides the entire solution, including the OS, the infrastructure software, and the application.
SCA
Software Composition Analysis
The process of performing automated scans of an application’s code base, including related artifacts such as containers and registries, to identify all open-source components, their license compliance data, and any security vulnerabilities, and to fix those vulnerabilities through prioritization and automated remediation.
SDN
Software-Defined Networks
The decoupling of the control plane and the data plane in networking.
SNAT
Stateful Network Address Translation
A service that implements two or more NAT devices to work together as a translation group. It is called stateful NAT because it maintains a table about the communication sessions between internal and external systems.
SAST
Static Application Security Testing
A form of testing that is performed with the application not running.
SRK
Storage Root Key
Persistent memory that secures the keys stored in a TPM chip.
SQLi
Structured Query Language Injection
An attack that manipulates the SQL statements issued by poorly written web applications in order to gain access to data stored in the underlying database.
SCADA
Supervisory Control And Data Acquisition
A system that operates with coded signals over communication channels to provide control of remote equipment.
SoC
System on a Chip
Software contained on a chip such as a baseband processor in a network interface that manages radio functions.
SFC
System File Checker
A command-line utility that checks and verifies the version of system files on a computer.
SPAN
Switched-Port Analyzer
A port that has been configured to include mirrored traffic from other ports on a switch.
TACACS
Terminal Access Controller Access Control System
A networking protocol that provides centralized authentication and authorization.
TAP
Test Access Port
The preferred mechanism for performing traffic capture (sniffing).
TOTP
Time-based One-Time Password
An algorithm that computes a password from a shared secret and the current time. It is based on the HOTP but turns the current time into an integer-based counter.
TOCTOU
Time of Check vs Time of Use
Describes issues associated with programs that follow a sequence of steps and make assumptions about the state of those steps. A lack of atomic execution exposes applications to TOCTOU types of attacks.
TCO
Total Cost of Ownership
A measure of the overall costs associated with running an organizational risk management process, including insurance premiums, finance costs, administrative costs, and any losses incurred.
TLS
Transport Layer Security
A cryptographic protocol that protects internet communications and is an upgrade of SSL.
3DES
Triple Digital Encryption Standard
The replacement algorithm for DES.
TPM
Trusted Platform Module
A specification for hardware-based storage of encryption keys, hashed passwords, and other user and platform identification information.
2FA
Two-Factor Authentication
Authentication in which authentication factors from two different factor categories are used. For example, a password and an iris scan.
UEFI
Unified Extensible Firmware Interface
An alternative to BIOS for interfacing between the software and the firmware of a system.
UTM
Unified Threat Management
A solution in which devices perform multiple security functions. For example, antivirus, firewalling, and network access control may all be provided by a single device.
UDDI
Universal Description Discovery and Integration
A platform-dependent XML protocol that includes an XML-based registry by which businesses worldwide can list themselves on the internet, and a mechanism to register and locate web service applications.
UEBA
User and Entity Behavior Analytics
A type of analysis that focuses on observing network behaviors for anomalies.
VDI
Virtual Desktop Infrastructure
A server-based virtualization technology that hosts and manages virtual desktops. Functions include creating the desktop images, managing the desktops on the servers, and providing client network access for the desktop.
WAF
Web Application Firewall
Provides effective protection of web applications by inspecting traffic for signs of malicious activity.
WSS
Web Services Security
An extension to SOAP that is used to apply security to web services.
WPA
Wi-Fi Protected Access
WPA2
Wi-Fi Protected Access 2
WPA3
Wi-Fi Protected Access 3
WEP
Wired Equivalent Privacy
WIDS
Wireless Intrusion Detection System
An IDS that operates on a WLAN rather than on a wired network.
XN
Execute Never bit
A method for specifying areas of memory that cannot be used for execution.
XXEi
XML External Entity Injection
An attack against an application that parses XML input. A weakly configured XML parser may process references to an external entity that could leak confidential data.
XCCDF
Extensible Configuration Checklist Description Format
Provides a consistent and standardized way to define benchmark information as well as configuration and security checks to be performed during an assessment.