Acronyms Flashcards
AAA
Authentication, Authorization, and Accounting: A framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
ACL
Access Control List: A table that tells a computer operating system which access rights each user has to a particular system object, such as a file directory or individual file.
AES
Advanced Encryption Standard: A symmetric encryption algorithm widely used across the globe to secure data.
AES-256
Advanced Encryption Standards 256-bit: A version of AES using 256-bit key size for encryption, providing a higher level of security.
AH
Authentication Header: A part of the IPsec protocol suite that provides authentication and integrity to the data.
AI
Artificial Intelligence: The simulation of human intelligence processes by machines, especially computer systems.
AIS
Automated Indicator Sharing: A system that allows the exchange of cyber threat indicators between the public and private sectors.
ALE
Annualized Loss Expectancy: A risk management concept to estimate the monetary loss that can be expected for an asset due to a risk over a year.
AP
Access Point: A networking hardware device that allows other Wi-Fi devices to connect to a wired network.
API
Application Programming Interface: A set of functions and procedures allowing the creation of applications that access the features or data on an operating system, application, or other services.
APT
Advanced Persistent Threat: A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
ARO
Annualized Rate of Occurrence: The expected frequency with which a specific event is likely to occur annually.
ARP
Address Resolution Protocol: A communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address.
ASLR
Address Space Layout Randomization: A computer security technique involved in preventing exploitation of memory corruption vulnerabilities.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge: A knowledge base maintained by MITRE for listing and explaining cyber adversary behavior.
AUP
Acceptable Use Policy: A policy that sets out the rules and guidelines for the proper use of an organization’s information technology.
AV
Antivirus: Software designed to detect and destroy computer viruses.
BASH
Bourne Again Shell: A Unix shell and command language.
BCP
Business Continuity Planning: The process involved in creating a system of prevention and recovery from potential threats to a company.
BGP
Border Gateway Protocol: The protocol used to route information across the internet.
BIA
Business Impact Analysis: A process that identifies and evaluates the potential effects of natural and man-made events on business operations.
BIOS
Basic Input/Output System: Firmware used to perform hardware initialization during the booting process and to provide runtime services for operating systems and programs.
BPA
Business Partners Agreement: A contract between parties who have agreed to share resources to undertake a specific, mutually beneficial project.
BPDU
Bridge Protocol Data Unit: A type of network message that is transmitted by a local area network (LAN) bridge.
BYOD
Bring Your Own Device: A policy that allows employees to bring personally owned devices to their workplace and use those devices to access company information and applications.
CA
Certificate Authority: An entity that issues digital certificates for use by other parties.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart: A type of challenge-response test used in computing to determine whether the user is human.
CAR
Corrective Action Report: A report that outlines the corrective actions necessary to rectify a detected non-conformance.
CASB
Cloud Access Security Broker: On-premises or cloud-based security policy enforcement points between cloud service consumers and cloud service providers.
CBC
Cipher Block Chaining: A mode of operation for a block cipher that provides confidentiality but not message integrity.
CCMP
Counter Mode/CBC-MAC Protocol: An encryption protocol used in Wi-Fi networks.
CCTV
Closed-circuit Television: A TV system in which signals are not publicly distributed but are monitored, primarily for surveillance and security purposes.
CERT
Computer Emergency Response Team: An expert group that handles computer security incidents.
CFB
Cipher Feedback: A mode of operation for a block cipher.
CHAP
Challenge Handshake Authentication Protocol: A type of authentication protocol used primarily to authenticate a user or network host to an authenticating entity.
CIA
Confidentiality, Integrity, Availability: A model designed to guide policies for information security within an organization.
CIO
Chief Information Officer: A job title commonly given to the most senior executive in an enterprise responsible for the information technology and computer systems that support enterprise goals.
CIRT
Computer Incident Response Team: A service organization that is contacted when a security breach or other computer-related emergency occurs.
CMS
Content Management System: Software that helps users create, manage, and modify content on a website without the need for specialized technical knowledge.
COOP
Continuity of Operation Planning: A process by government agencies to ensure that critical functions continue during a wide range of emergencies, including localized acts of nature, accidents, and technological or attack-related emergencies.
CP
Contingency Planning: A course of action designed to help an organization respond effectively to a significant future event or situation that may or may not happen.
CRC
Certificate Redundancy Check: An error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.
CRL
Certificate Revocation List: A list of digital certificates that have been revoked by the issuing certificate authority before their scheduled expiration date and should no longer be trusted.
CSO
Chief Security Officer: A company executive responsible for the security of personnel, physical assets, and information in both physical and digital form.
CSP
Cloud Service Provider: A company that offers some component of cloud computing - typically Infrastructure as a Service (IaaS), Software as a Service (SaaS) or Platform as a Service (PaaS) - to other businesses or individuals.
CSR
Certificate Signing Request: A message sent from an applicant to a certificate authority in order to apply for a digital identity certificate.
CSRF
Cross-site Request Forgery: A type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts.
CSU
Channel Service Unit: A device used in digital data transmission for interfacing a digital data terminal with a digital transmission medium.
CTM
Counter Mode: A mode of operation in cryptography for block ciphers.
CTO
Chief Technology Officer: An executive-level position in a company or other entity whose occupant is focused on scientific and technological issues within an organization.
CVE
Common Vulnerability Enumeration: A list of publicly disclosed cybersecurity vulnerabilities.
CVSS
Common Vulnerability Scoring System: A free and open industry standard for assessing the severity of computer system security vulnerabilities.
CYOD
Choose Your Own Device: A corporate policy that permits employees to choose which devices they use for work purposes.
DAC
Discretionary Access Control: A type of access control defined by the Access Control List (ACL) where access rights are assigned to users by the system (or system’s administrators).
DBA
Database Administrator: A person who uses specialized software to store and organize data.
DDoS
Distributed Denial of Service: A type of cyber-attack where multiple compromised computer systems attack a target, such as a server, website, or other network resource, and cause a denial of service for users of the targeted resource.
DEP
Data Execution Prevention: A security feature that can help prevent damage to your computer from viruses and other security threats.
DES
Digital Encryption Standard: A previously dominant algorithm for the encryption of electronic data.
DHCP
Dynamic Host Configuration Protocol: A network management protocol used on IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network.
DHE
Diffie-Hellman Ephemeral: A method of securely exchanging cryptographic keys over a public channel.
DLL
Dynamic Link Library: A feature of Windows and other operating systems that allows multiple software programs to share the same functionality.
DLP
Data Loss Prevention: A set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
DMARC
Domain Message Authentication Reporting and Conformance: An email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
DNAT
Destination Network Address Translation: A technique for transparently changing the destination IP address of an en route packet and performing the inverse function for any replies.
DNS
Domain Name System: The phonebook of the Internet, a hierarchical and decentralized naming system for computers, services or other resources connected to the Internet or a private network.
DoS
Denial of Service: A cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
DPO
Data Privacy Officer: A role within a company or organization responsible for ensuring that the company complies with data protection laws.
DRP
Disaster Recovery Plan: A structured approach with policies and procedures for responding to an unplanned incident and recovering critical systems.
DSA
Digital Signature Algorithm: A standard for digital signatures.
DSL
Digital Subscriber Line: A family of technologies that provide internet access by transmitting digital data over the wires of a local telephone network.
EAP
Extensible Authentication Protocol: An authentication framework frequently used in wireless networks and Point-to-Point connections.
ECC
Elliptic Curve Cryptography: An approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.
ECDHE
Elliptical Curve Diffie-Hellman Ephemeral: A variant of the Diffie-Hellman algorithm that uses elliptic curve cryptography.
ECDSA
Elliptical Curve Digital Signature Algorithm: A cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners.
EDR
Endpoint Detection and Response: A cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats.
EFS
Encrypted File System: A feature of some versions of Microsoft Windows that provides filesystem-level encryption.
ERP
Enterprise Resource Planning: Business process management software that allows an organization to use a system of integrated applications to manage the business and automate many back office functions.
ESN
Electronic Serial Number: A unique identification number embedded by manufacturers on a microchip in wireless phones.
ESP
Encapsulated Security Payload: A component of IPsec used for providing confidentiality, along with some authentication and integrity, to the data.
FACL
File System Access Control List: A data structure, most often associated with Microsoft Windows and NTFS, that controls access to files and folders.
FDE
Full Disk Encryption: Encryption at the hardware level.
FIM
File Integrity Management: A technology that monitors and reports changes in files, often used in IT security.
FPGA
Field Programmable Gate Array: An integrated circuit designed to be configured by a customer or a designer after manufacturing.
FRR
False Rejection Rate: In biometric security systems, the measure of the likelihood that the biometric security system will incorrectly reject an access attempt by an authorized user.
FTP
File Transfer Protocol: A standard network protocol used for the transfer of computer files between a client and server on a computer network.
FTPS
Secured File Transfer Protocol: An extension of FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.
GCM
Galois Counter Mode: A mode of operation for symmetric key cryptographic block ciphers that has been widely adopted because of its efficiency and performance.
GDPR
General Data Protection Regulation: A regulation in EU law on data protection and privacy in the European Union and the European Economic Area.
GPG
Gnu Privacy Guard: A free software re-implementation of the OpenPGP standard as defined by RFC4880, which allows you to encrypt and sign your data and communications.
GPO
Group Policy Object: A feature of Windows that provides centralized management and configuration of operating systems, applications, and users’ settings in an Active Directory environment.
GPS
Global Positioning System: A satellite-based radio navigation system owned by the United States government and operated by the United States Space Force.
GPU
Graphics Processing Unit: A specialized electronic circuit designed to rapidly manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device.
GRE
Generic Routing Encapsulation: A tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.