Acronyms Flashcards
Remember the acronyms for Security+ 701
Acronym
Combined
DLP
Data Loss Prevention: A strategy for making sure that end users do not send sensitive or critical information outside the corporate network.
AES-256
Advanced Encryption Standards 256-bit: A variant of AES using a 256-bit key size, offering the highest level of encryption in the AES family.
MDM
Mobile Device Management: Software that allows IT administrators to control, secure, and enforce policies on smartphones, tablets, and other endpoints. It’s crucial for organizations implementing BYOD policies.
POTS
Plain Old Telephone Service: The voice-grade telephone service that remains the basic form of residential and small business service connection to the telephone network in many parts of the world. It’s being gradually replaced by VoIP services.
NGFW
Next-generation Firewall: A network security device that combines traditional firewall capabilities with other network device filtering functions. It often includes features like application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence.
ECC
Elliptic Curve Cryptography: An approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.
STIX
Structured Threat Information eXchange: A standardized language for sharing cyber threat intelligence. It’s used to share actionable threat intelligence across organizations.
SoC
System on Chip: An integrated circuit that integrates all or most components of a computer or other electronic system. It’s widely used in embedded systems and mobile devices.
SIM
Subscriber Identity Module: An integrated circuit that securely stores the international mobile subscriber identity and its related key. It’s used in mobile phones to authenticate subscribers.
SAN
Subject Alternative Name: An extension to X.509 that allows various values to be associated with a security certificate. It’s often used to specify additional domains and IP addresses protected by an SSL certificate.
NFC
Near Field Communication: A set of communication protocols that enable two electronic devices to establish communication by bringing them within about 4 cm of each other. It’s often used for contactless payment systems and similar applications.
WEP
Wired Equivalent Privacy: A security algorithm for IEEE 802.11 wireless networks. It’s been deprecated due to security weaknesses.
SLE
Single Loss Expectancy: A dollar figure that is associated with a single event of data loss. It’s used in risk assessment calculations.
WTLS
Wireless Transport Layer Security: A security protocol that is part of the Wireless Application Protocol (WAP) stack. It’s the wireless equivalent of the Transport Layer Security (TLS) protocol.
BCP
Business Continuity Planning: The process of creating systems of prevention and recovery to deal with potential threats to a company.
CVE
Common Vulnerability Enumeration: A list of publicly disclosed computer security flaws, each with an identification number.
PBX
Private Branch Exchange: A telephone system within an enterprise that switches calls between enterprise users on local lines while allowing all users to share a certain number of external phone lines. It’s used to manage internal and external communications in organizations.
PAP
Password Authentication Protocol: A simple authentication protocol where a user’s password is sent unencrypted over the network. Due to its lack of security, it’s generally only used as a last resort when other protocols are not available.
P2P
Peer to Peer: A distributed application architecture that partitions tasks or workloads between peers. It’s commonly used for file sharing and cryptocurrency networks.
RAS
Remote Access Server: A server that provides remote access connectivity to an organization’s internal network. It allows remote users to access network resources as if they were directly connected to the corporate network.
RAT
Remote Access Trojan: A malware program that includes a back door for administrative control over the target computer. It’s often used by cybercriminals to gain unauthorized access to systems.
ARP
Address Resolution Protocol: A protocol used for discovering the link layer address associated with a given IPv4 address.
DPO
Data Privacy Officer: An enterprise security leadership role required by the General Data Protection Regulation (GDPR).
MSP
Managed Service Provider: A company that remotely manages a customer’s IT infrastructure and/or end-user systems. They often handle day-to-day management of specialized applications and network infrastructure.
TLS
Transport Layer Security: A cryptographic protocol designed to provide communications security over a computer network. It’s the successor to SSL and is widely used for secure communication on the Internet.
RPO
Recovery Point Objective: The maximum targeted period in which data might be lost from an IT service due to a major incident. It’s a key metric in disaster recovery planning.
HA
High Availability: The ability of a system or component to be continuously operational for a desirably long length of time.
RC4
Rivest Cipher version 4: A stream cipher designed by Ron Rivest in 1987. While still used in some protocols, it’s considered insecure for many applications and has been deprecated in modern cryptographic standards.
SCADA
Supervisory Control and Data Acquisition: A control system architecture comprising computers, networked data communications and graphical user interfaces for high-level process supervisory management. It’s widely used in industrial processes.
CCTV
Closed-circuit Television: A TV system in which signals are not publicly distributed but are monitored, primarily for surveillance and security purposes.
SED
Self-encrypting Drives: Hard drives that automatically and continuously encrypt the data on them without any user interaction. They provide an additional layer of data security.
CP
Contingency Planning: The process of preparing for unexpected events or situations that could affect an organization’s operations.
IdP
Identity Provider: A system entity that creates, maintains, and manages identity information for principals while providing authentication services to relying applications.
CYOD
Choose Your Own Device: A business model where employees can choose from a limited selection of devices to use for work.
DNAT
Destination Network Address Translation: A technique for modifying network address information in datagram packet headers while in transit across a traffic routing device.
RTOS
Real-time Operating System: An operating system intended to serve real-time applications that process data as it comes in, typically without buffer delays. It’s commonly used in embedded systems and IoT devices.
GCM
Galois Counter Mode: A mode of operation for symmetric key cryptographic block ciphers widely adopted for its performance.
WIPS
Wireless Intrusion Prevention System: A network device that monitors the radio spectrum for the presence of unauthorized access points and can automatically take countermeasures. It provides active protection for wireless networks.
RA
Registration Authority: An entity that verifies information about a user requesting a digital certificate and tells the Certificate Authority (CA) to issue it. It’s a key component of many PKI systems.
NIDS
Network-based Intrusion Detection System: A system that attempts to detect malicious activity such as denial of service attacks, port scans or attempts to crack into computers by monitoring network traffic. It’s a key component of many network security architectures.
EFS
Encrypted File System: A feature of Windows that provides file system-level encryption.
CIRT
Computer Incident Response Team: A group of IT professionals responsible for responding to computer security incidents.
CRC
Cyclical Redundancy Check: An error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.
SQLi
SQL Injection: A code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. It’s a common web application vulnerability.
RA
Recovery Agent: An entity that is authorized to decrypt data encrypted by others. It’s often used in enterprise key management systems to ensure data can be recovered if encryption keys are lost.
CTO
Chief Technology Officer: An executive-level position focused on scientific and technological issues within an organization.
WPA
Wi-Fi Protected Access: A security protocol developed by the Wi-Fi Alliance to secure wireless computer networks. It’s the successor to the insecure WEP protocol.
MTU
Maximum Transmission Unit: The largest size packet or frame that can be transmitted in a single network layer transaction. It’s an important consideration in network design and troubleshooting.
WIDS
Wireless Intrusion Detection System: A network security system designed to detect unauthorized access or attacks on wireless networks and devices. It’s used to enhance the security of wireless networks.
MDF
Main Distribution Frame: A signal distribution frame for connecting equipment to cables and subsystems. It’s commonly used in telephony and computer networking.
SDN
Software-defined Networking: An approach to network management that enables dynamic, programmatically efficient network configuration to improve network performance and monitoring. It’s a key technology in modern network management.
TPM
Trusted Platform Module: A specialized chip on a computer’s motherboard that stores RSA encryption keys specific to the host system for hardware authentication. It’s used to enhance hardware security in computer systems.
RTBH
Remotely Triggered Black Hole: A technique used to drop undesirable traffic before it enters a protected network. It’s often used to mitigate DDoS attacks.
COPE
Corporate Owned, Personally Enabled: A business model where companies provide their employees with mobile devices to be used for both work and personal use.
SNMP
Simple Network Management Protocol: An Internet Standard protocol for collecting and organizing information about managed devices on IP networks. It’s widely used for network monitoring and management.
ISP
Internet Service Provider: An organization that provides services for accessing, using, or participating in the Internet.
RSA
Rivest, Shamir, & Adleman: A public-key cryptosystem that is widely used for secure data transmission. It’s one of the first practical public-key cryptosystems.
TOU
Time-of-use: A rate plan in which rates vary according to the time of day, season, and day type (weekday or weekend/holiday). It’s often used in utility billing.
SPF
Sender Policy Framework: An email authentication method designed to detect forged sender addresses during the delivery of the email. It’s used to prevent spam and phishing.
ERP
Enterprise Resource Planning: Business process management software that allows an organization to use a system of integrated applications to manage the business.
IoC
Indicators of Compromise: Pieces of forensic data that identify potentially malicious activity on a system or network.
PKI
Public Key Infrastructure: A set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. It’s the foundation for many secure communication protocols.
DKIM
DomainKeys Identified Mail: An email authentication method designed to detect forged sender addresses in emails.
SD-WAN
Software-defined Wide Area Network: A virtual WAN architecture that allows enterprises to leverage any combination of transport services to securely connect users to applications. It’s increasingly popular for managing enterprise networks.
OSINT
Open-source Intelligence: Data collected from publicly available sources to be used in an intelligence context. It’s widely used in cybersecurity for threat intelligence and risk assessment.
MFP
Multifunction Printer: Similar to MFD, it’s a device that combines printing, scanning, copying, and sometimes faxing capabilities. It’s designed to handle various document management tasks.
DSA
Digital Signature Algorithm: A Federal Information Processing Standard for digital signatures.
MTTF
Mean Time to Failure: The average time expected until first failure of a component of a system. It’s commonly used for non-repairable systems.
SSO
Single Sign-on: An authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems. It’s widely used in enterprise environments to simplify user access.
NAT
Network Address Translation: The process of modifying IP address information in packet headers while in transit across a traffic routing device. It’s commonly used to enable multiple devices on a private network to access the internet using a single public IP address.
ISSO
Information Systems Security Officer: A person responsible for establishing and maintaining the security posture of a specific information system.
BASH
Bourne Again Shell: A Unix shell and command language, widely used as the default login shell for most Linux distributions.
RIPEMD
RACE Integrity Primitives Evaluation Message Digest: A family of cryptographic hash functions developed in Europe. RIPEMD-160 is the most commonly used version.
PCAP
Packet Capture: An application programming interface for capturing network traffic. It’s widely used in network troubleshooting, analysis, and security monitoring.
CAR
Corrective Action Report: A document describing the actions taken to address non-conformances or incidents in a system or process.
SIEM
Security Information and Event Management: A system that combines security information management and security event management functions into one security management system. It’s crucial for real-time analysis of security alerts.
ALE
Annualized Loss Expectancy: A risk assessment calculation that estimates the potential yearly cost of an asset loss.
OID
Object Identifier: A unique identifier used to name an object in computing. OIDs are used extensively to represent managed objects in network management, as well as in many other fields.
CA
Certificate Authority: An entity that issues digital certificates, which are used to certify the ownership of a public key.
ESP
Encapsulated Security Payload: Part of the IPsec protocol suite used to provide confidentiality, data integrity, and data source authentication of IP packets.
MAC
Message Authentication Code: A short piece of information used to authenticate a message and ensure its integrity. It’s commonly used in cryptographic protocols.
SSH
Secure Shell: A cryptographic network protocol for operating network services securely over an unsecured network. It’s commonly used for remote command-line login and remote command execution.
NIPS
Network-based Intrusion Prevention System: Similar to NIDS, but it can also attempt to block potential threats in addition to detecting them. It’s often used in conjunction with firewalls to provide a layered security approach.
MTBF
Mean Time Between Failures: A reliability measure of hardware products, representing the average time between system breakdowns. It’s often used in manufacturing and engineering.
SSL
Secure Sockets Layer: A deprecated cryptographic protocol designed to provide communications security over a computer network. It’s been superseded by TLS but the term is still widely used.
TKIP
Temporal Key Integrity Protocol: A security protocol used in the IEEE 802.11 wireless networking standard. While once popular, it’s now considered insecure and has been deprecated.
FIM
File Integrity Management: An internal control or process that performs the act of validating the integrity of operating system and application software files.
WAP
Wireless Access Point: A networking hardware device that allows wireless devices to connect to a wired network using Wi-Fi or related standards. It’s crucial for creating wireless networks.
PKCS
Public Key Cryptography Standards: A group of public-key cryptography standards devised and published by RSA Security LLC. They’re widely used in certificate management and encryption applications.
IPSec
Internet Protocol Security: A secure network protocol suite that authenticates and encrypts the packets of data sent over an internet protocol network.
KDC
Key Distribution Center: Part of a cryptosystem intended to reduce the risks inherent in exchanging keys.
CTM
Counter Mode: A mode of operation for block ciphers, turning a block cipher into a stream cipher.
NTLM
New Technology LAN Manager: A suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users. While still in use, it’s considered less secure than newer protocols like Kerberos.
SDK
Software Development Kit: A set of software development tools that allows for the creation of applications for a certain software package, framework, hardware platform, computer system, video game console, operating system, or similar development platform.
BGP
Border Gateway Protocol: A standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet.
PAC
Proxy Auto Configuration: A file used to define how web browsers and other user agents can automatically choose the appropriate proxy server for fetching a given URL. It’s used to simplify the management of proxy settings in large organizations.
IR
Incident Response: An organized approach to addressing and managing the aftermath of a security breach or cyberattack.
KEK
Key Encryption Key: A cryptographic key that is used for encrypting other keys.
DES
Digital Encryption Standard: A previously predominant symmetric-key algorithm for the encryption of electronic data, now considered insecure.
OSPF
Open Shortest Path First: An interior gateway protocol that uses a link-state routing algorithm. It’s widely used in large enterprise networks.
XDR
Extended Detection and Response: A unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components. It’s an evolution of EDR, providing broader and deeper visibility across networks.
SAN
Storage Area Network: A dedicated high-speed network that interconnects and presents shared pools of storage devices to multiple servers. It’s commonly used in enterprise-level storage solutions.
IRP
Incident Response Plan: A set of instructions to help IT staff detect, respond to, and recover from network security incidents.
RDP
Remote Desktop Protocol: A proprietary protocol developed by Microsoft, providing a user with a graphical interface to connect to another computer over a network connection. It’s widely used for remote administration of Windows systems.
SFTP
Secured File Transfer Protocol: A network protocol that provides file access, file transfer, and file management over any reliable data stream. It’s commonly used as a more secure alternative to FTP.
TTP
Tactics, Techniques, and Procedures: The behavior of an actor. A tactic is the highest-level description of this behavior; techniques give a more detailed description of behavior in the context of a tactic; and procedures give an even lower-level, highly detailed description in the context of a technique.
VDI
Virtual Desktop Infrastructure: The practice of hosting a desktop operating system within a virtual machine running on a centralized server. It’s used to provide secure, centralized desktop environments.
ESN
Electronic Serial Number: A unique identifier assigned to a mobile phone or mobile device.
BIOS
Basic Input/Output System: Firmware used to perform hardware initialization during the booting process and to provide runtime services for operating systems and programs.
VTC
Video Teleconferencing: A set of interactive telecommunication technologies which allow two or more locations to interact via two-way video and audio transmissions simultaneously. It’s commonly used for remote meetings and collaboration.
SAE
Simultaneous Authentication of Equals: A password-authenticated key agreement method. It’s used in WPA3 for more secure Wi-Fi connections.
DAC
Discretionary Access Control: A type of access control system that allows owners to specify who can access specific resources.
CSP
Cloud Service Provider: A company that offers some component of cloud computing to other businesses or individuals.
PII
Personally Identifiable Information: Any data that could potentially identify a specific individual. Protection of PII is a significant concern in privacy law and information security.
PHI
Personal Health Information: Any information about health status, provision of health care, or payment for health care that can be linked to a specific individual. Protecting PHI is a key requirement of HIPAA regulations.
DHCP
Dynamic Host Configuration Protocol: A network management protocol used to automate the process of configuring devices on IP networks.
APT
Advanced Persistent Threat: A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
AV
Antivirus: Software used to prevent, detect, and remove malware.
WAF
Web Application Firewall: A firewall that monitors, filters and blocks HTTP traffic to and from a web application. It’s used to protect web applications from common web exploits.
TOTP
Time-based One-time Password: A computer algorithm that generates a one-time password which uses the current time as a source of uniqueness. It’s commonly used in two-factor authentication systems.
SPIM
Spam over Internet Messaging: Unsolicited messages sent via instant messaging platforms. It’s a growing problem in online communication.
HMAC
Hashed Message Authentication Code: A specific type of message authentication code involving a cryptographic hash function and a secret cryptographic key.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart: A type of challenge-response test used in computing to determine whether or not the user is human.
HIPS
Host-based Intrusion Prevention System: A system that monitors a single host for suspicious activity by analyzing events occurring within that host, and takes preventive action.
MaaS
Monitoring as a Service: A cloud-based service that provides monitoring and alerting capabilities for applications, services, and infrastructure. It allows organizations to outsource their monitoring needs.
UEM
Unified Endpoint Management: A class of software tools that provide a single management interface for mobile, PC and other devices. It’s crucial for managing diverse device ecosystems in enterprises.
AH
Authentication Header: A protocol that provides data integrity and authentication for IP packets.
DLL
Dynamic Link Library: Microsoft’s implementation of the shared library concept in the Microsoft Windows and OS/2 operating systems.
AES
Advanced Encryption Standard: A symmetric block cipher chosen by the U.S. government to protect classified information, widely used worldwide.
EDR
Endpoint Detection and Response: An integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data.
PAM
Pluggable Authentication Modules: A mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). It allows programs that rely on authentication to be written independently of the underlying authentication scheme.
MSCHAP
Microsoft Challenge Handshake Authentication Protocol: A proprietary version of CHAP by Microsoft. It’s used to authenticate remote Windows workstations, providing a higher level of security than standard CHAP.
BPDU
Bridge Protocol Data Unit: A data message transmitted across a local area network to detect loops in network topologies.
BIA
Business Impact Analysis: An assessment of the financial and operational effects resulting from the disruption of business functions and processes.
MAC
Mandatory Access Control: A type of access control where the operating system constrains the ability of a subject to access or perform operations on an object. It’s often used in high-security environments.
UDP
User Datagram Protocol: One of the core members of the Internet protocol suite. It’s used for time-sensitive transmissions such as video playback or DNS lookups.
PEM
Privacy Enhanced Mail: A de facto file format for storing and sending cryptographic keys, certificates, and other data. It’s widely used in email encryption and SSL/TLS certificates.
CRL
Certificate Revocation List: A list of digital certificates that have been revoked by the issuing Certificate Authority before their scheduled expiration date.
MFD
Multifunction Device: A device that incorporates the functionality of multiple devices into one, such as a printer, scanner, copier, and fax machine. It’s common in office environments.
RBAC
Rule-based Access Control: A method of regulating access to system resources based on a set of rules and policies. It’s often used in conjunction with other access control methods like role-based access control (also abbreviated RBAC).
PIV
Personal Identity Verification: A U.S. government-wide credential used to access Federally controlled facilities and information systems at the appropriate security level. It’s a key component of federal identity management systems.
SAML
Security Assertions Markup Language: An open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. It’s widely used for web browser single sign-on.
IaC
Infrastructure as Code: The process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration.
UAV
Unmanned Aerial Vehicle: An aircraft without a human pilot aboard, commonly known as a drone. They’re used in various applications from military to recreational.
DHE
Diffie-Hellman Ephemeral: A method of securely exchanging cryptographic keys over a public channel, providing perfect forward secrecy.
TACACS+
Terminal Access Controller Access Control System Plus: A proprietary protocol that handles authentication, authorization, and accounting services. It’s often used in network devices and Unix-like operating systems.
CERT
Computer Emergency Response Team: A group of experts who handle computer security incidents.
SCEP
Simple Certificate Enrollment Protocol: A protocol for requesting and managing digital certificates. It’s widely used in enterprise environments for certificate management.
IDEA
International Data Encryption Algorithm: A symmetric-key block cipher designed to be an international replacement for DES.
SOAP
Simple Object Access Protocol: A messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML for its message format.
UTP
Unshielded Twisted Pair: A type of cable used in computer networking. It’s the most common cable used in computer networks.
DMARC
Domain Message Authentication Reporting and Conformance: An email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use.
GPG
Gnu Privacy Guard: A free-software replacement for Symantec’s PGP cryptographic software suite.
PAT
Port Address Translation: A feature of NAT that translates connections made to a set of public IP:port pairs into a set of private IP:port pairs. It allows multiple devices on a private network to share a single public IP address.
EAP
Extensible Authentication Protocol: An authentication framework frequently used in wireless networks and point-to-point connections.
UEFI
Unified Extensible Firmware Interface: A specification that defines a software interface between an operating system and platform firmware. It’s meant to replace BIOS.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge: A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
IPS
Intrusion Prevention System: A network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.
SASE
Secure Access Service Edge: A network architecture that combines WAN capabilities with security functions to support the dynamic, secure access needs of organizations. It’s an emerging enterprise networking technology.
PPP
Point-to-Point Protocol: A data link layer protocol used to establish a direct connection between two nodes. It’s commonly used to establish internet connections over dial-up modems.
RADIUS
Remote Authentication Dial-in User Service: A networking protocol that provides centralized Authentication, Authorization, and Accounting management for users who connect and use a network service. It’s widely used for network access control.
ACL
Access Control List: A list of permissions attached to an object, specifying which users or system processes are granted access to objects, as well as what operations are allowed.
IDF
Intermediate Distribution Frame: A distribution frame in a central office or customer premises, which cross-connects the user cable media to individual user line circuits.
CBC
Cipher Block Chaining: A mode of operation for block ciphers where each block of plaintext is XORed with the previous ciphertext block before being encrypted.
IAM
Identity and Access Management: A framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources.
PDU
Power Distribution Unit: A device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located in a data center. It’s crucial for power management in data centers.
PEAP
Protected Extensible Authentication Protocol: A protocol that encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel. It’s commonly used in wireless networks for secure authentication.
MAC
Media Access Control: A unique identifier assigned to network interface controllers for communications on the physical network segment. It’s often referred to as the physical address of a network device.
SOC
Security Operations Center: A centralized unit that deals with security issues on an organizational and technical level. It’s a crucial component of many organizations’ cybersecurity strategies.
HIDS
Host-based Intrusion Detection System: A software application that monitors a single host for suspicious activity by analyzing events occurring within that host.
RTO
Recovery Time Objective: The targeted duration of time within which a business process must be restored after a disaster to avoid unacceptable consequences. It’s a critical component of business continuity planning.
AAA
Authentication, Authorization, and Accounting: A security framework that controls access to computer resources, enforces policies, and provides the tools for auditing usage.
CSR
Certificate Signing Request: A message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate.
TSIG
Transaction Signature: A mechanism for authenticating DNS updates, typically used between DNS servers. It’s important for maintaining the integrity of DNS data.
ICS
Industrial Control Systems: General term for several types of control systems and associated instrumentation used in industrial production.
PGP
Pretty Good Privacy: An encryption program that provides cryptographic privacy and authentication for data communication. It’s widely used for signing, encrypting, and decrypting texts, emails, files, directories, and whole disk partitions.
SRTP
Secure Real-Time Protocol: A security profile for RTP that adds confidentiality, message authentication, and replay protection to that protocol. It’s commonly used to protect VoIP traffic.
GPO
Group Policy Object: A collection of settings that define what a system will look like and how it will behave for a defined group of users.
S/MIME
Secure/Multipurpose Internet Mail Extensions: A standard for public key encryption and signing of MIME data. It’s used for secure email communication.
ASLR
Address Space Layout Randomization: A security technique involved in preventing exploitation of memory corruption vulnerabilities.
FPGA
Field Programmable Gate Array: An integrated circuit designed to be configured by a customer or a designer after manufacturing.
PBKDF2
Password-based Key Derivation Function 2: A key derivation function with a sliding computational cost, used to reduce vulnerabilities to brute force attacks. It’s widely used for password hashing and key generation.
IEEE
Institute of Electrical and Electronics Engineers: A professional association for electronic engineering and electrical engineering with its corporate office in New York City and its operations center in Piscataway, New Jersey.
IKE
Internet Key Exchange: The protocol used to set up a security association in the IPsec protocol suite.
COOP
Continuity of Operation Planning: A strategy that ensures critical operations can continue during and after a disaster.
BYOD
Bring Your Own Device: A policy allowing employees to bring personally owned devices to their workplace and use them to access company information and applications.
IV
Initialization Vector: An input to a cryptographic primitive being used to provide the initial state.
PAM
Privileged Access Management: Technologies and processes to control, monitor, and audit privileged accounts and access in an organization. It’s crucial for protecting against insider threats and external attacks targeting privileged accounts.
MAN
Metropolitan Area Network: A computer network that interconnects users with computer resources in a geographic region of the size of a metropolitan area. It’s larger than a LAN but smaller than a WAN.
NTP
Network Time Protocol: A networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. It’s crucial for maintaining accurate time across networked systems.
RFID
Radio Frequency Identifier: A technology that uses electromagnetic fields to automatically identify and track tags attached to objects. It’s used in a wide variety of applications from inventory tracking to access control.
SEH
Structured Exception Handler: A mechanism in Windows for handling both hardware and software exceptions. It’s an important consideration in Windows software development and security.
TGT
Ticket Granting Ticket: In Kerberos authentication, a special ticket that allows the client to request additional tickets without reapplying for authentication. It’s crucial for efficient authentication in Kerberos systems.
ARO
Annualized Rate of Occurrence: The estimated frequency with which a threat is expected to occur in a year.
SWG
Secure Web Gateway: A solution that filters unwanted software/malware from user-initiated web/internet traffic and enforces corporate and regulatory policy compliance. It’s a key component of many organizations’ web security strategies.
WPS
Wi-Fi Protected Setup: A network security standard that attempts to make connections between a router and wireless devices faster and easier. It’s been largely deprecated due to security vulnerabilities.
CSRF
Cross-site Request Forgery: A type of malicious exploit of a website where unauthorized commands are submitted from a user that the web application trusts.
PCI DSS
Payment Card Industry Data Security Standard: An information security standard for organizations that handle branded credit cards from the major card schemes. It’s designed to increase controls around cardholder data to reduce credit card fraud.
PED
Personal Electronic Device: Any electronic device intended for personal use, such as smartphones, tablets, or laptops. Managing PEDs is a key concern in enterprise mobility and BYOD policies.
OVAL
Open Vulnerability Assessment Language: An international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. It’s used for vulnerability assessment and configuration management.
VLSM
Variable Length Subnet Masking: Allows a network admin to divide an IP address space into a hierarchy of subnets of different sizes, making address allocation more efficient. It’s crucial for efficient use of IP address space.
FRR
False Rejection Rate: The likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user.
SCAP
Security Content Automation Protocol: A method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation. It’s used to maintain the security of enterprise systems.
RACE
Research and Development in Advanced Communications Technologies in Europe: A European Union research and development program in advanced communications technologies. It has contributed to various telecommunications standards.
FACL
File System Access Control List: A data structure that contains access control entries defining individual user or group rights to specific system objects.
SOW
Statement of Work: A document that defines project-specific activities, deliverables, and timelines for a vendor providing services to a client. It’s commonly used in project management.
HOTP
HMAC-based One-time Password: An algorithm for generating one-time passwords based on HMAC.
MTTR
Mean Time to Recover: The average time required to repair a failed component or device. It’s a key metric in evaluating system maintainability.
L2TP
Layer 2 Tunneling Protocol: A tunneling protocol used to support virtual private networks or as part of the delivery of services by ISPs.
TAXII
Trusted Automated eXchange of Indicator Information: A set of specifications defining protocols for securely exchanging cyber threat information. It’s often used in conjunction with STIX.
RBAC
Role-based Access Control: An approach to restricting system access to authorized users based on their role within an organization. It’s widely used in enterprise systems to manage access rights efficiently.
OAUTH
Open Authorization: An open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. It’s widely used for secure API authorization.
RAD
Rapid Application Development: An adaptive software development approach that favors rapid prototyping and quick feedback over long, pre-planned development cycles. It’s often used in software projects with short timelines.
NAC
Network Access Control: A computer networking security approach that attempts to unify endpoint security technology, user or system authentication, and network security enforcement. It’s used to ensure only compliant and trusted endpoints can access the network.
DEP
Data Execution Prevention: A security feature in modern operating systems that prevents certain types of malicious software from executing.
CFB
Cipher Feedback: A mode of operation for a block cipher, allowing it to be used as a stream cipher.
MPLS
Multi-protocol Label Switching: A routing technique in telecommunications networks that directs data from one network node to the next based on labels rather than network addresses. It improves network performance and manageability.
DSL
Digital Subscriber Line: A family of technologies that provide internet access by transmitting digital data over telephone lines.
VDE
Virtual Desktop Environment: A user interface that takes the entire desktop experience from a traditional PC and puts it on another computer or device. It’s used for remote work and centralized desktop management.
PTZ
Pan-tilt-zoom: Refers to a type of camera that is capable of remote directional and zoom control. PTZ cameras are commonly used in surveillance systems.
SOAR
Security Orchestration, Automation, Response: A stack of compatible software programs that enables organizations to collect data about security threats and respond to security events without human assistance. It’s increasingly important in modern cybersecurity operations.
OCSP
Online Certificate Status Protocol: An internet protocol used for obtaining the revocation status of an X.509 digital certificate. It’s an alternative to certificate revocation lists and is used in many PKI implementations.
BPA
Business Partners Agreement: A contract between business partners that outlines the terms of their partnership.
ECB
Electronic Code Book: A simple mode of operation for block ciphers, where each block is encrypted separately.
PFS
Perfect Forward Secrecy: A feature of specific key agreement protocols that ensures session keys will not be compromised even if the private key of the server is compromised. It’s an important consideration in secure communications protocols.
AIS
Automated Indicator Sharing: A capability that enables the exchange of cyber threat indicators between the federal government and the private sector at machine speed.
PUP
Potentially Unwanted Program: Software that a user may perceive as unwanted or unnecessary. It’s often bundled with desired software and may include adware or other mildly intrusive programs.
PPTP
Point-to-Point Tunneling Protocol: An obsolete method for implementing virtual private networks. While still in use, it’s considered insecure and has largely been replaced by more secure protocols like L2TP/IPsec and OpenVPN.
AUP
Acceptable Use Policy: A set of rules applied by the owner, creator or administrator of a network, website, or service that restrict the ways in which the network, website or system may be used.
CIO
Chief Information Officer: A job title commonly given to the person responsible for the information technology and computer systems that support enterprise goals.
GRE
Generic Routing Encapsulation: A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links.
SHTTP
Secure Hypertext Transfer Protocol: A little-used alternative to HTTPS for encrypting web communications carried over HTTP. It’s largely been superseded by HTTPS.
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral: A key agreement protocol that allows two parties to establish a shared secret over an insecure channel.
FDE
Full Disk Encryption: Encryption of every bit of data that goes on a disk or disk volume.
TOC
Time-of-check: Refers to the time at which a condition is checked, often used in the context of the “Time-of-check to time-of-use” (TOCTOU) class of software bugs.
CCMP
Counter Mode/CBC-MAC Protocol: A method of ensuring data integrity and privacy for wireless networks, considered an improvement on TKIP.
P12
PKCS #12: A file format for storing cryptographic objects as a single file. It’s commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.
WO
Work Order: A document that provides details of a job to be performed. In IT, it’s often used to track and manage service requests and tasks.
SDLC
Software Development Lifecycle: A process for planning, creating, testing, and deploying an information system. It’s a framework followed by development teams to produce high-quality software.
DRP
Disaster Recovery Plan: A documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster.
CIA
Confidentiality, Integrity, Availability: The three main objectives of information security, often referred to as the CIA triad.
USB OTG
USB On the Go: A specification that allows USB devices such as tablets or smartphones to act as a host, allowing other USB devices like USB flash drives, digital cameras, mice or keyboards to be attached to them. It enhances the flexibility of USB devices.
ICMP
Internet Control Message Protocol: A supporting protocol in the Internet protocol suite used by network devices to send error messages and operational information.
AP
Access Point: A networking hardware device that allows other Wi-Fi devices to connect to a wired network.
RTP
Real-time Transport Protocol: A network protocol for delivering audio and video over IP networks. It’s widely used in communication and entertainment systems that involve streaming media.
OT
Operational Technology: Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. It’s crucial in industrial control systems and critical infrastructure.
SE Linux
Security-enhanced Linux: A Linux kernel security module that provides a mechanism for supporting access control security policies. It’s widely used in security-focused Linux distributions.
PSK
Pre-shared Key: A shared secret which was previously shared between the two parties using some secure channel before it needs to be used. It’s commonly used in Wi-Fi security protocols like WPA.
LEAP
Lightweight Extensible Authentication Protocol: A proprietary wireless LAN authentication method developed by Cisco Systems. It’s considered insecure and has been largely replaced by more robust protocols.
CASB
Cloud Access Security Broker: A software tool or service that sits between an organization’s on-premises infrastructure and a cloud provider’s infrastructure.
CHAP
Challenge Handshake Authentication Protocol: An authentication method that uses a three-way handshake to periodically verify the identity of the client.
RAID
Redundant Array of Inexpensive Disks: A storage technology that combines multiple disk drive components into a logical unit for the purposes of data redundancy and performance improvement. It’s commonly used in enterprise storage systems.
OTA
Over the Air: Various methods of distributing new software, configuration settings, and even updating encryption keys to devices like cell phones, set-top boxes or secure voice communication equipment. It’s widely used for mobile device management.
CVSS
Common Vulnerability Scoring System: A free and open industry standard for assessing the severity of computer system security vulnerabilities.
UTM
Unified Threat Management: A security appliance that combines multiple security features like firewall, gateway antivirus, and intrusion detection. It’s used to simplify network security management.
HSM
Hardware Security Module: A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing.
CMS
Content Management System: A software application used to manage digital content, allowing multiple contributors to create, edit and publish.
IDS
Intrusion Detection System: A device or software application that monitors a network or systems for malicious activity or policy violations.
CSU
Channel Service Unit: A digital interface device used to connect data terminal equipment to a digital circuit.
SDLM
Software Development Lifecycle Methodology: A framework that is used to structure, plan, and control the process of developing an information system. It includes pre-definition of specific deliverables and artifacts.
VLAN
Virtual Local Area Network: Any broadcast domain that is partitioned and isolated in a computer network at the data link layer. It’s used to improve network performance and security.
MSSP
Managed Security Service Provider: A type of MSP that provides outsourced monitoring and management of security devices and systems. They offer services like managed firewall, intrusion detection, VPN, vulnerability scanning, and antivirus services.
ECDSA
Elliptic Curve Digital Signature Algorithm: A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography.
SHA
Secure Hashing Algorithm: A family of cryptographic hash functions designed by the U.S. National Security Agency. SHA-256 and SHA-3 are widely used in various security applications and protocols.