Acronyms explained Flashcards
ACL
An Access Control List (ACL) is a set of rules used to control network traffic and reduce network attacks by limiting which users and systems can access certain resources. It specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. ACLs are critical in network security for managing permissions and ensuring that only authorized entities can access specific resources.
AAA
Authentication, Authorization, and Accounting (AAA) is a security framework used to control access to computer resources, enforce policies, and audit usage. It ensures that users are who they claim to be (Authentication), grants or denies access to resources (Authorization), and keeps track of user activity (Accounting). This framework is essential for managing and securing network environments, providing a comprehensive approach to access control and user management.
AES
The Advanced Encryption Standard (AES) is a symmetric encryption algorithm widely used across the globe to secure data. It encrypts data in fixed block sizes using key sizes of 128, 192, or 256 bits, providing a robust security mechanism that is both fast and highly secure. AES is the standard chosen by the U.S. government and many other organizations for encrypting sensitive information.
AES-256
Advanced Encryption Standard 256-bit (AES-256) is a version of the AES encryption algorithm that uses a 256-bit key length for encrypting and decrypting data. This provides an extremely high level of security, making it ideal for encrypting sensitive data in governmental, financial, and other high-security environments. AES-256 is known for its resistance to all known practical attacks, ensuring the confidentiality and integrity of the data it protects.
AH
The Authentication Header (AH) is a key component within the IPsec suite, providing crucial security features for data traveling across networks. It acts like a digital fingerprint and seal, verifying the sender’s identity, ensuring data integrity (no tampering), and preventing replay attacks (reusing old packets). By inserting AH into the data packets themselves, AH safeguards communication between devices and networks that require strong data protection and sender authentication.
AIS
Automated Indicator Sharing (AIS) is a program by the U.S. Department of Homeland Security designed to facilitate the sharing of cyber threat indicators between the government and private sector. It helps organizations quickly share and receive information about cybersecurity threats to improve defensive measures. AIS supports a real-time exchange of threat data to enhance collective cybersecurity posture.
ALE
Annualized Loss Expectancy (ALE) is a metric used in risk management to estimate the potential financial loss from a specific risk over the course of a year. It is calculated by multiplying the Single Loss Expectancy (SLE) by the Annual Rate of Occurrence (ARO). ALE helps organizations quantify and prioritize risks based on their potential impact on the business.
ALE = SLE × ARO
AP
Access Point (AP) is a device that allows wireless devices to connect to a wired network using Wi-Fi or other wireless protocols. It acts as a central transmitter and receiver of wireless radio signals, enabling devices to communicate with the network and with each other. APs are essential components in wireless local area networks (WLANs).
API
Application Programming Interface (API) is a set of rules and protocols for building and interacting with software applications. APIs allow different software systems to communicate with each other, enabling integration and interaction. In cybersecurity, secure API management is crucial to prevent unauthorized access and data breaches.
APT
Advanced Persistent Threat (APT) refers to a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. The goal is to steal data rather than cause damage. APTs are often associated with state-sponsored or highly skilled threat actors targeting specific organizations.
ARO
Annualized Rate of Occurrence (ARO) is a measure used in risk management to estimate how often a particular risk is expected to occur within a year. It is used in calculating the Annualized Loss Expectancy (ALE) by providing the frequency of potential loss events. ARO helps organizations assess and prioritize risks based on their likelihood.
ARP
Address Resolution Protocol (ARP) is a protocol used for mapping an IP address to a physical machine address (MAC address) on a local area network. ARP operates at the OSI model’s Network layer and is essential for communication between devices on the same network. ARP spoofing attacks can be used to intercept or alter network traffic.
ASLR
Address Space Layout Randomization (ASLR) is a security technique used to prevent exploitation of memory corruption vulnerabilities by randomizing the memory addresses used by system and application processes. ASLR makes it difficult for attackers to predict the location of specific functions or memory segments, thereby reducing the success rate of certain types of attacks.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a framework developed by MITRE that provides a detailed catalog of cyber adversary behavior. It describes the various techniques and tactics used by attackers throughout the lifecycle of an intrusion. ATT&CK is widely used for threat modeling, red teaming, and improving security operations.
AUP
Acceptable Use Policy (AUP) is a set of rules and guidelines that define acceptable behavior and usage of an organization’s IT resources. It outlines what users are and are not allowed to do with company-owned equipment and network resources. AUPs are essential for ensuring compliance, security, and proper use of technology within an organization.
AV
Antivirus (AV) software is a program designed to detect, prevent, and remove malware from computers and networks. AV solutions use various techniques, such as signature-based detection, heuristic analysis, and behavioral analysis, to identify and mitigate threats. Regular updates and scans are crucial for maintaining effective protection against evolving cyber threats.
BASH
Bourne Again Shell (BASH) is a command language interpreter for Unix and Linux operating systems. It provides a user interface for entering and executing commands, scripts, and programs. BASH is widely used for system administration, automation, and scripting tasks in cybersecurity and IT operations.
BCP
Business Continuity Plan (BCP) is a strategy and set of procedures to ensure that critical business functions continue during and after a disaster or disruption. BCP includes plans for data backup, recovery, and maintaining operations in the face of various threats. It is essential for minimizing downtime and ensuring organizational resilience.
BGP
Border Gateway Protocol (BGP) is a standardized exterior gateway protocol used to exchange routing information between autonomous systems on the internet. BGP helps determine the best paths for data to travel across the complex web of networks that make up the internet. BGP security is crucial to prevent route hijacking and ensure reliable internet connectivity.
BIA
Business Impact Analysis (BIA) is a process used to assess the potential effects of an interruption to critical business operations. It identifies critical functions, assesses the impact of disruptions, and helps prioritize recovery strategies. BIA is a key component of business continuity planning and risk management.
BIOS
Basic Input/Output System (BIOS) is firmware used to perform hardware initialization and provide runtime services for operating systems and programs. It is the first software to run when a computer is powered on, enabling the system to boot. Secure BIOS configurations are crucial for preventing unauthorized access and ensuring system integrity.
BPA
Business Partnership Agreement (BPA) is a formal agreement between two or more parties that outlines the terms and conditions of their business relationship. It defines responsibilities, expectations, and processes for managing the partnership. BPAs are important for establishing clear communication, governance, and accountability.
BPDU
Bridge Protocol Data Unit (BPDU) is a type of network message used in the Spanning Tree Protocol (STP) to prevent loops in network topologies. BPDUs are exchanged between switches to determine the network’s structure and establish a loop-free path. Proper BPDU management is essential for maintaining stable and efficient network operations.
BYOD
Bring Your Own Device (BYOD) refers to a policy that allows employees to use their personal devices (such as smartphones, tablets, and laptops) for work purposes. BYOD can increase productivity and flexibility but also introduces security challenges. Implementing strong security measures and policies is crucial to protect organizational data on personal devices.
CA
Certificate Authority (CA) is a trusted organization that issues digital certificates used to verify the identity of entities and to facilitate secure communication over networks. CAs play a critical role in public key infrastructure (PKI) by ensuring that the parties involved in a digital transaction are who they claim to be. This helps maintain the integrity and security of online communications.
CAPTCHA
Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a type of challenge-response test used to determine whether the user is human. It helps prevent automated bots from accessing websites and performing malicious activities such as spamming or data scraping. CAPTCHAs often involve recognizing distorted text or selecting images that meet certain criteria.
CAR
Corrective Action Report (CAR) is a document outlining the steps taken to address and correct issues or non-conformities identified during audits or incident investigations. CARs help organizations improve their processes, prevent recurrence of issues, and ensure compliance with standards and regulations. They are an essential part of continuous improvement and quality management systems.
CASB
Cloud Access Security Broker (CASB) is a security policy enforcement point placed between cloud service users and cloud applications. It provides visibility, compliance, data security, and threat protection for cloud-based services. CASBs help organizations secure their cloud environments by enforcing policies and monitoring user activities.
CBC
Cipher Block Chaining (CBC) is a mode of operation for block ciphers that enhances the security of encrypted data. In CBC mode, each plaintext block is XORed with the previous ciphertext block before being encrypted, ensuring that identical plaintext blocks produce different ciphertext blocks. This adds an additional layer of security by making patterns in the plaintext less discernible.
CCMP
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol used in wireless security standards such as WPA2. CCMP provides data confidentiality, authentication, and integrity by using AES encryption. It is more secure than its predecessor TKIP and is widely used to protect Wi-Fi communications.
CCTV
Closed-Circuit Television (CCTV) is a surveillance system that uses video cameras to transmit a signal to a specific, limited set of monitors. CCTV is commonly used for security monitoring in various settings such as businesses, public spaces, and homes. It helps deter criminal activity, monitor for suspicious behavior, and collect evidence for investigations.
CERT
Computer Emergency Response Team (CERT) is a group of experts who handle computer security incidents. CERTs are responsible for identifying, assessing, and responding to cybersecurity threats and vulnerabilities. They provide support and guidance to organizations during incidents and help improve overall cybersecurity posture through training and awareness programs.
CFB
Cipher Feedback (CFB) is a mode of operation for block ciphers that allows encryption of smaller units of data than the block size. CFB turns a block cipher into a self-synchronizing stream cipher, enabling encryption of data streams and ensuring that identical plaintext segments produce different ciphertext. It is useful for encrypting data of varying lengths.
CHAP
Challenge-Handshake Authentication Protocol (CHAP) is a security protocol used to authenticate users or devices in network connections. CHAP periodically verifies the identity of the client by using a three-way handshake and a shared secret. This method helps prevent unauthorized access and protects against replay attacks by using different challenge values for each authentication.
CIA
Confidentiality, Integrity, and Availability (CIA) is a fundamental model in information security that ensures the protection of data. Confidentiality means protecting data from unauthorized access, integrity ensures data is accurate and unaltered, and availability ensures that data and systems are accessible when needed. The CIA triad is a cornerstone of cybersecurity practices and policies.
CIO
Chief Information Officer (CIO) is an executive responsible for managing and overseeing an organization’s information technology (IT) strategy and operations. The CIO ensures that IT systems support the organization’s goals, manages IT budgets, and leads initiatives to improve technology infrastructure. They play a critical role in aligning IT with business objectives and ensuring cybersecurity.
CIRT
Computer Incident Response Team (CIRT) is a group of professionals dedicated to responding to and managing computer security incidents. CIRT members are responsible for identifying, analyzing, and mitigating cybersecurity threats. They help organizations recover from incidents, improve security measures, and reduce the risk of future attacks.
CMS
Content Management System (CMS) is software used to create, manage, and modify digital content on websites. CMS platforms provide tools for users to design, publish, and maintain web content without requiring extensive technical knowledge. Popular CMSs include WordPress, Joomla, and Drupal, which are widely used for creating and managing websites.
COOP
Continuity of Operations Plan (COOP) is a strategy that ensures the continuation of essential functions during and after a disaster or disruption. COOP outlines procedures for maintaining operations, recovering critical systems, and ensuring that vital services remain available. It is crucial for organizational resilience and disaster recovery planning.
COPE
Corporate-Owned, Personally-Enabled (COPE) is a policy that provides employees with company-owned devices that they can use for both work and personal purposes. COPE offers better control over security and management of devices while still allowing employees the flexibility to use the devices for personal tasks. It helps organizations maintain security while supporting employee productivity.
CP
Contingency Plan (CP) is a set of procedures and guidelines designed to help an organization respond to unexpected events and disruptions. CPs outline steps to take in emergencies, such as natural disasters, cyberattacks, or system failures, to ensure that critical functions can continue or be quickly restored. Effective contingency planning is essential for minimizing downtime and impact on operations.
CRC
Cyclic Redundancy Check (CRC) is an error-detecting code used to detect accidental changes to raw data. It is commonly used in digital networks and storage devices to ensure data integrity. CRC generates a checksum based on the data, which is compared at the receiving end to verify that the data has not been altered or corrupted during transmission.
CRL
Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their expiration dates. CRLs are used to check the validity of a certificate and ensure that it is not used for malicious purposes. Regularly updating and checking CRLs is crucial for maintaining the security of public key infrastructure (PKI).
CSO
Chief Security Officer (CSO) is an executive responsible for an organization’s security, including physical security, cybersecurity, and risk management. The CSO develops and implements security policies, oversees security operations, and ensures compliance with regulations. They play a key role in protecting the organization’s assets, personnel, and information.
CSP
Cloud Service Provider (CSP) is a company that offers cloud computing services, such as infrastructure, platforms, and software, to other businesses and individuals. CSPs provide scalable and flexible resources over the internet, allowing organizations to manage workloads and applications without investing in physical hardware. Common CSPs include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
CSR
Certificate Signing Request (CSR) is a block of encoded text submitted to a Certificate Authority (CA) to apply for a digital certificate. A CSR contains information such as the organization’s name, domain, and public key. The CA uses the CSR to create and issue a digital certificate that can be used for secure communications and authentication.
CSRF
Cross-Site Request Forgery (CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. By exploiting the trust that a website has in a user’s browser, attackers can make unauthorized requests on behalf of the user. Implementing anti-CSRF tokens and verifying request origins are common defenses against CSRF attacks.
CSU
Channel Service Unit (CSU) is a device used to connect a digital communication line, such as a T1 line, to a network router or other data terminal equipment. CSUs perform signal regeneration, loopback testing, and line conditioning to ensure reliable data transmission. They are essential components in telecommunications networks for maintaining signal integrity.
CTM
Counter-Mode/CBC-MAC Protocol (CTM) is a cryptographic protocol that combines Counter Mode encryption with Cipher Block Chaining Message Authentication Code (CBC-MAC) for securing data. CTM provides both confidentiality and data integrity, making it suitable for protecting sensitive information in various applications. It is used in protocols like IEEE 802.11i for securing wireless communications.
CTO
Chief Technology Officer (CTO) is an executive responsible for overseeing the development and implementation of technology within an organization. The CTO focuses on technology strategy, innovation, and aligning technological advancements with business goals. They play a crucial role in driving technological growth, ensuring competitive advantage, and managing tech-related risks.
CVE
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed information security vulnerabilities and exposures. Each CVE entry contains an identifier, a description, and references to vulnerability reports and patches. CVEs help organizations identify and address security flaws in software and hardware, improving overall cybersecurity posture.
CVSS
Common Vulnerability Scoring System (CVSS) is a standardized framework for rating the severity of security vulnerabilities. CVSS provides a numerical score that reflects the potential impact of a vulnerability, helping organizations prioritize their response and remediation efforts. The scoring system considers factors like exploitability, impact, and the complexity of attacks.
CYOD
Choose Your Own Device (CYOD) is a policy that allows employees to select from a range of company-approved devices for work purposes. CYOD provides a balance between user preference and organizational control over device security. It helps ensure that devices meet security standards while offering employees some flexibility in their choice of technology.
DAC
Discretionary Access Control (DAC) is a type of access control system where the owner of a resource determines who can access it and what permissions they have. It provides flexible and fine-grained control but can be less secure than other access control models if not managed properly.
DBA
Database Administrator (DBA) is responsible for the installation, configuration, upgrading, administration, monitoring, maintenance, and security of databases in an organization. DBAs ensure that databases run efficiently and securely, supporting data management and storage requirements.
DDoS
Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic from multiple sources. DDoS attacks can cause significant downtime and disruption for online services.
DEP
Data Execution Prevention (DEP) is a security feature that helps prevent code execution from non-executable memory regions. It protects against certain types of exploits by marking areas of memory as non-executable, thereby preventing malicious code from running in those areas.
DES
Data Encryption Standard (DES) is an older symmetric-key block cipher encryption algorithm that encrypts data in 64-bit blocks using a 56-bit key. DES is considered insecure due to its short key length and vulnerability to brute-force attacks, leading to its replacement by more secure algorithms like AES.
DHCP
Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to dynamically assign IP addresses and other network configuration parameters to devices on a network. DHCP simplifies network administration by automating the assignment of IP addresses.
DHE
Diffie-Hellman Ephemeral (DHE) is a key exchange protocol that provides forward secrecy by generating a unique session key for each communication session. It is used in secure communications to ensure that even if a session key is compromised, past sessions remain secure.
DKIM
DomainKeys Identified Mail (DKIM) is an email authentication method that uses digital signatures to verify that an email message was sent from an authorized domain. DKIM helps prevent email spoofing and ensures the integrity of email messages.
DLL
Dynamic Link Library (DLL) is a file that contains code and data that can be used by multiple programs simultaneously. DLLs help modularize applications, making them easier to update and maintain, but they can also be a vector for malware if not properly secured.
DLP
Data Loss Prevention (DLP) refers to strategies and tools designed to prevent sensitive data from being lost, stolen, or accessed by unauthorized users. DLP solutions monitor, detect, and block the unauthorized transmission of sensitive information.
DMARC
Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol that builds on SPF and DKIM to detect and prevent email spoofing. DMARC allows domain owners to publish policies on how to handle unauthenticated emails and provides reporting capabilities.
DNAT
Destination Network Address Translation (DNAT) is a type of NAT used to change the destination IP address of incoming traffic. It is commonly used in load balancing and to direct traffic to specific servers within a private network.
DNS
Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the internet or a private network. DNS translates human-readable domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1).
DoS
Denial of Service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users by overwhelming it with a flood of requests. Unlike DDoS, DoS attacks typically originate from a single source.
DPO
Data Protection Officer (DPO) is an organizational role, required under the GDPR, that is responsible for overseeing data protection strategy and implementation to ensure compliance with data protection laws. The DPO acts as a liaison between the organization and regulatory authorities.
DRP
Disaster Recovery Plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. DRPs include strategies for restoring hardware, applications, and data to ensure business continuity.
DSA
Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures. It is used to generate and verify digital signatures, providing authentication and integrity for electronic documents and communications.
DSL
Digital Subscriber Line (DSL) is a family of technologies that provide internet access by transmitting digital data over the wires of a local telephone network. DSL is widely used for broadband internet connections.
EAP
Extensible Authentication Protocol (EAP) is an authentication framework used in wireless networks and point-to-point connections. EAP supports multiple authentication methods, including passwords, digital certificates, and token cards.
ECB
Electronic Codebook (ECB) is a simple mode of operation for block ciphers that encrypts each block of data independently. ECB is not recommended for use because it can reveal patterns in the plaintext, making it vulnerable to certain types of attacks.
ECC
Elliptic Curve Cryptography (ECC) is a public key encryption technique that uses elliptic curve theory to provide the same level of security as other encryption methods with smaller key sizes. ECC is widely used for secure communication and digital signatures.
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) is a key exchange protocol that provides forward secrecy using elliptic curve cryptography. ECDHE generates a unique session key for each communication session, enhancing security for encrypted connections.
ECDSA
Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) that uses elliptic curve cryptography. ECDSA provides a high level of security with shorter key lengths, making it efficient for digital signatures.
EDR
Endpoint Detection and Response (EDR) is a cybersecurity technology that monitors and responds to threats on endpoints, such as computers and mobile devices. EDR solutions provide real-time visibility, detection, and automated response to security incidents.
EFS
Encrypting File System (EFS) is a feature of Windows that provides file-level encryption. EFS helps protect sensitive data by encrypting files on disk, making them inaccessible to unauthorized users without the decryption key.
ERP
Enterprise Resource Planning (ERP) is a type of software used by organizations to manage and integrate the important parts of their businesses. ERP software systems integrate planning, purchasing, inventory, sales, marketing, finance, and human resources.
ESN
Electronic Serial Number (ESN) is a unique identifier assigned to mobile devices such as cell phones. ESNs are used to identify devices on mobile networks and to help prevent theft and fraud.
ESP
Encapsulating Security Payload (ESP) is a component of the IPsec suite that provides encryption, authentication, and integrity for IP packets. ESP helps protect data transmitted over IP networks by ensuring that it is encrypted and tamper-proof.
FACL
File Access Control List (FACL) is a list of permissions attached to a file or directory that specifies which users or system processes can access the file and what operations they can perform. FACLs provide fine-grained control over file access. FACLs are used in Linux.
FDE
Full Disk Encryption (FDE) is a security measure that encrypts all the data on a disk drive, ensuring that data cannot be read without the correct decryption key. FDE helps protect sensitive information in case the device is lost or stolen.
FIM
File Integrity Monitoring (FIM) is a security process that involves checking files and directories for unauthorized changes. FIM solutions alert administrators to potential security breaches by monitoring critical system and application files.
FPGA
Field-Programmable Gate Array (FPGA) is an integrated circuit that can be configured by the customer or designer after manufacturing. FPGAs are used in various applications for customizable hardware implementations, including security and encryption.
FRR
False Rejection Rate (FRR) is the rate at which a biometric security system incorrectly rejects an authorized user. A high FRR indicates that the system is not user-friendly, as it fails to recognize legitimate users.
FTP
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another over a TCP-based network. FTP is commonly used for uploading and downloading files to and from a server. FTP is an insecure protocol.
FTPS
File Transfer Protocol Secure (FTPS) is an extension to FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. FTPS provides secure file transfer by encrypting the data and control channels.
GCM
Galois/Counter Mode (GCM) is a mode of operation for symmetric key cryptographic block ciphers. It provides both data authenticity (integrity) and confidentiality, making it widely used in securing data transmissions.
GDPR
General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union to safeguard personal data and ensure privacy. GDPR imposes strict regulations on data handling and grants individuals rights over their personal data.
GPG
GNU Privacy Guard (GPG) is encryption software that provides cryptographic privacy and authentication. It is used for securing data communications and ensuring the integrity of data, supporting encryption, decryption, and digital signatures. GnuPG allows you to encrypt and sign your data and communications.
GPO
Group Policy Object (GPO) is a feature in Windows that allows administrators to manage and configure operating systems, applications, and user settings in an Active Directory environment. GPOs help enforce security policies and configurations across multiple devices.
GPS
Global Positioning System (GPS) is a satellite-based navigation system that provides location and time information anywhere on Earth. GPS is widely used in various applications, including navigation, mapping, and timing.
GPU
Graphics Processing Unit (GPU) is a specialized processor designed to accelerate graphics rendering and parallel processing tasks. GPUs are commonly used in gaming, professional visualization, and increasingly in scientific computing and machine learning.
GRE
Generic Routing Encapsulation (GRE) is a tunneling protocol used to encapsulate various network layer protocols inside virtual point-to-point links. GRE is used to create VPNs and other secure connections over the internet.
HA
High Availability (HA) refers to systems or components that are continuously operational for a long time. HA aims to minimize downtime and ensure that critical services and applications remain accessible even during failures or maintenance.
HDD
Hard Disk Drive (HDD) is a data storage device that uses spinning disks coated with magnetic material to store and retrieve digital information. HDDs are widely used for storing large amounts of data in computers and servers.
HIDS
Host-based Intrusion Detection System (HIDS) is a security system that monitors and analyzes the internals of a computing system to detect suspicious activity. HIDS helps identify potential threats and breaches on individual hosts or devices.
HIPS
Host-based Intrusion Prevention System (HIPS) is a security system that monitors and potentially prevents malicious activities on a host. HIPS provides protection by blocking suspicious actions and ensuring system integrity.
HMAC
Hash-based Message Authentication Code (HMAC) is a mechanism that combines a cryptographic hash function with a secret key to provide data integrity and authenticity. HMAC is used to verify the authenticity of a message or data.
HOTP
HMAC-based One-Time Password (HOTP) is a one-time password algorithm based on HMAC. It is used for two-factor authentication, generating a unique password for each authentication attempt
HSM
Hardware Security Module (HSM) is a physical device that provides secure management, processing, and storage of cryptographic keys. HSMs are used to enhance security for sensitive cryptographic operations
HTML
HyperText Markup Language (HTML) is the standard language for creating and designing web pages and web applications. HTML defines the structure and layout of a web document by using various tags and elements
HTTP
HyperText Transfer Protocol (HTTP) is the foundation of data communication on the World Wide Web. HTTP defines how messages are formatted and transmitted, and how web servers and browsers should respond to various commands
HTTPS
HyperText Transfer Protocol Secure (HTTPS) is an extension of HTTP that uses encryption protocols, such as SSL or TLS, to secure data transfer over the internet. HTTPS ensures that data transmitted between a web server and a client is encrypted and secure
HVAC
Heating, Ventilation, and Air Conditioning (HVAC) systems control the climate and air quality in buildings. In data centers, HVAC systems are crucial for maintaining the optimal temperature and humidity levels for IT equipment
IaaS
Infrastructure as a Service (IaaS) is a cloud computing model that provides virtualized computing resources over the internet. IaaS allows organizations to rent virtual machines, storage, and networking resources on a pay-as-you-go basis.
IaC
Infrastructure as Code (IaC) is the practice of managing and provisioning computing infrastructure using machine-readable configuration files. IaC enables automated deployment and consistent configuration of IT resources
IAM
Identity and Access Management (IAM) is a framework of policies and technologies that ensure the right individuals have access to the right resources at the right times for the right reasons. IAM helps secure and manage digital identities
ICMP
Internet Control Message Protocol (ICMP) is a network layer protocol used for error messages and operational information. ICMP is commonly used for network diagnostics and troubleshooting, such as the ping command.
ICS
Industrial Control System (ICS) refers to systems and devices used to control industrial processes, such as manufacturing, energy production, and water treatment. ICS includes SCADA systems and DCS, which monitor and control industrial operations
IDEA
International Data Encryption Algorithm (IDEA) is a symmetric key block cipher used for data encryption. IDEA provides high security and is used in various cryptographic applications to protect sensitive information.
IDF
Intermediate Distribution Frame (IDF) is a distribution point for connecting and managing telecommunications cabling between the main distribution frame (MDF) and individual end devices in a building or campus
IdP
Identity Provider (IdP) is an entity in an identity management system that creates, maintains, and manages identity information. IdPs authenticate users and provide identity assertions to service providers for access control
IDS
Intrusion Detection System (IDS) is a security system that monitors network or system activities for malicious activities or policy violations. IDS alerts administrators to potential threats and breaches, helping protect IT infrastructure
IEEE
Institute of Electrical and Electronics Engineers (IEEE) is a professional association dedicated to advancing technology. IEEE develops standards for various technologies, including networking (e.g., IEEE 802.11 for Wi-Fi).
IKE
Internet Key Exchange (IKE) is a protocol used to set up a secure, authenticated communications channel between two parties. IKE is part of the IPsec suite and helps establish security associations and key management.
IM
Instant Messaging (IM) is a form of real-time communication between two or more people based on typed text. IM is commonly used in personal and business contexts for quick and direct communication
IMAP
Internet Message Access Protocol (IMAP) is a protocol for accessing and managing email messages on a mail server. IMAP allows users to view and manipulate their emails as if they were stored locally, enabling synchronization across multiple devices
IoC
Indicator of Compromise (IoC) is a piece of data that suggests that an endpoint or network may have been breached. IoCs are used in threat detection and incident response to identify potential security incidents.
IoT
Internet of Things (IoT) refers to the network of physical objects embedded with sensors, software, and connectivity to collect and exchange data. IoT enables smart devices to communicate and interact with each other and with centralized systems
IP
Internet Protocol (IP) is the principal communications protocol for relaying packets of data across network boundaries. IP addresses are used to identify and locate devices on a network.
IPS
Intrusion Prevention System (IPS) is a network security device that monitors network traffic for malicious activity and takes action to prevent the threat. IPS can block or reject harmful traffic to protect the network.
IPSec
Internet Protocol Security (IPsec) is a suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session. IPsec is used to establish secure VPNs
IR
Incident Response (IR) refers to the process of identifying, investigating, and mitigating security incidents. IR involves a structured approach to handle breaches and minimize the impact of cyberattacks
IRC
Internet Relay Chat (IRC) is a protocol used for real-time text communication over the internet. IRC is used in various applications, including group chats, discussions, and collaboration.
IRP
Incident Response Plan (IRP) is a predefined set of instructions and procedures for detecting, responding to, and recovering from security incidents. An IRP helps organizations manage and mitigate the impact of cybersecurity events.
ISO
International Organization for Standardization (ISO) is an independent, non-governmental international organization that develops and publishes standards for a wide range of industries and technologies.
ISP
Internet Service Provider (ISP) is a company that provides individuals and organizations access to the internet. ISPs offer various services, including internet connectivity, email, and web hosting
ISSO
Information Systems Security Officer (ISSO) is a role responsible for ensuring the security of an organization’s information systems. The ISSO develops and implements security policies, conducts risk assessments, and monitors compliance
IV
Initialization Vector (IV) is a random or pseudo-random value used in cryptography to ensure that identical plaintexts encrypt to different ciphertexts. IVs add randomness to encryption, enhancing security by preventing pattern analysis.
KDC
Key Distribution Center (KDC) is a part of the Kerberos protocol used for authenticating users and services on a network. The KDC issues tickets that grant access to services, ensuring secure communication within a domain.
KEK
Key Encryption Key (KEK) is a cryptographic key used to encrypt other keys, such as session keys or data encryption keys. KEKs provide an additional layer of security for key management and distribution
L2TP
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). L2TP does not provide encryption by itself but is often used with IPsec to secure data transmission.
LAN
Local Area Network (LAN) is a network that connects devices within a limited area, such as a home, school, or office building. LANs enable resource sharing and communication between connected devices
LDAP
Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral protocol for accessing and managing directory information services. LDAP is commonly used for authentication and authorization in various applications
LEAP
Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco. LEAP provides dynamic WEP keys for enhanced security but has known vulnerabilities
MaaS
Monitoring as a Service (MaaS) is a cloud-based service model that provides monitoring and management of IT infrastructure. MaaS helps organizations keep track of their network performance, security, and compliance
MAC
Media Access Control (MAC) address is a unique identifier assigned to a network interface for communications on the physical network segment. MAC addresses are used to ensure that data packets are delivered to the correct device on a LAN
MAC
Mandatory Access Control (MAC) is a type of access control where the operating system enforces security policies that restrict access based on user classifications and labels. MAC provides a high level of security by strictly controlling access to resources
MAC
Message Authentication Code (MAC) is a cryptographic checksum used to verify the integrity and authenticity of a message. MACs ensure that the data has not been altered and that it comes from a legitimate source
MAN
Metropolitan Area Network (MAN) is a network that spans a city or a large campus. MANs are larger than LANs but smaller than wide area networks (WANs), and they typically connect multiple LANs within a geographic area
MBR
Master Boot Record (MBR) is a special type of boot sector at the beginning of partitioned storage devices like hard drives. The MBR contains information about the disk’s partitions and a small amount of executable code for bootstrapping the operating system.
MD5
Message Digest Algorithm 5 (MD5) is a widely used cryptographic hash function that produces a 128-bit hash value. MD5 is used for data integrity verification but is considered weak and vulnerable to collision attacks.
MDF
Main Distribution Frame (MDF) is a distribution frame in a telecommunications network where cables from different devices connect. The MDF serves as a central point for connecting and managing telecommunications circuits
MDM
Mobile Device Management (MDM) is a security software used by IT departments to manage, monitor, and secure employees’ mobile devices. MDM ensures that devices comply with organizational policies and provides remote management capabilities
MFA
Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more verification factors to gain access to a resource. MFA enhances security by combining something you know (password), something you have (token), and something you are (biometric).
MFD
Multi-Function Device (MFD) is an office machine that incorporates the functionality of multiple devices in one, such as a printer, scanner, copier, and fax machine. MFDs help save space and cost in office environments.
MFP
Multi-Function Printer (MFP) is a device that combines printing, scanning, copying, and faxing capabilities. MFPs are commonly used in both home and office settings to consolidate multiple functions into a single device.
ML
Machine Learning (ML) is a subset of artificial intelligence (AI) that enables computers to learn from and make decisions based on data. ML algorithms improve their performance over time by identifying patterns and making predictions
MMS
Multimedia Messaging Service (MMS) is a standard way to send multimedia messages, such as images, audio, and video, over a cellular network. MMS extends the functionality of SMS to include multimedia content
MOA
Memorandum of Agreement (MOA) is a document that outlines the terms and details of an agreement between parties, including the roles and responsibilities of each party. MOAs are used to formalize collaborations and partnerships
MOU
Memorandum of Understanding (MOU) is a non-binding agreement between two or more parties that outlines the terms and details of an understanding. MOUs are used to establish mutual intentions and clarify the scope of collaboration
MPLS
Multi-Protocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses. MPLS improves the speed and efficiency of data flow
MSA
Measurement Systems Analysis (MSA) is a statistical method used to assess the accuracy and precision of measurement systems. MSA ensures that measurements are reliable and consistent across different measurement devices and processes
MSCHAP
Microsoft Challenge-Handshake Authentication Protocol (MSCHAP) is an authentication protocol used in Windows-based networks. MSCHAP provides mutual authentication between a client and a server using a three-way handshake
MSP
Managed Service Provider (MSP) is a third-party company that remotely manages a customer’s IT infrastructure and end-user systems. MSPs provide a range of services, including network management, security, and data backup
MSSP
Managed Security Service Provider (MSSP) is a type of MSP that focuses specifically on providing security services. MSSPs monitor and manage security devices and systems, helping organizations protect against cyber threats
MTBF
Mean Time Between Failures (MTBF) is a measure of the reliability of a system or component, representing the average time between failures. MTBF is used to predict the lifespan and maintenance needs of hardware and systems
MTTF
Mean Time to Failure (MTTF) is the average time a system or component operates before experiencing a failure. MTTF is used to estimate the reliability and durability of non-repairable systems.
MTTR
Mean Time to Repair (MTTR) is the average time required to repair a system or component and restore it to full functionality. MTTR is used to assess the maintainability and downtime of systems.
MTU
Maximum Transmission Unit (MTU) is the largest size of a packet that can be transmitted over a network medium. MTU affects the efficiency and performance of data transmission, with larger MTUs allowing more data to be sent in a single packet.
NAC
Network Access Control (NAC) is a security solution that controls and manages access to a network based on predefined security policies. NAC helps ensure that only compliant and authenticated devices can connect to the network.
NAT
Network Address Translation (NAT) is a method used to remap IP addresses by modifying network address information in the IP header of packets while they are in transit. NAT improves security and conserves the number of IP addresses in use.
NDA
Non-Disclosure Agreement (NDA) is a legally binding contract that establishes a confidential relationship between parties. NDAs are used to protect sensitive information from being disclosed to unauthorized individuals
NFC
Near Field Communication (NFC) is a short-range wireless technology that enables communication between devices within a few centimeters. NFC is commonly used for contactless payment systems, access control, and data exchange
NGFW
Next-Generation Firewall (NGFW) is an advanced type of firewall that provides capabilities beyond traditional firewalls, such as application awareness, integrated intrusion prevention, and cloud-delivered threat intelligence
NIDS
Network Intrusion Detection System (NIDS) is a security system that monitors and analyzes network traffic for suspicious activities and potential threats. NIDS helps detect and respond to cyber attacks on a network
NIPS
Network Intrusion Prevention System (NIPS) is a security solution that monitors network traffic to detect and prevent suspicious activities and attacks. NIPS actively blocks or mitigates threats to protect the network
NIST
National Institute of Standards and Technology (NIST) is a U.S. federal agency that develops and promotes standards for technology and industry. NIST provides guidelines and best practices for cybersecurity and information protection
NTFS
New Technology File System (NTFS) is a file system developed by Microsoft for Windows operating systems. NTFS provides advanced features such as file and folder security, compression, and support for large volumes
NTLM
NT LAN Manager (NTLM) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. NTLM is used for network logins and secure data exchange in Windows environments.
NTP
Network Time Protocol (NTP) is a protocol used to synchronize the clocks of computers over a network. NTP ensures that all systems within a network have accurate and consistent time settings.
OAUTH
Open Authorization (OAuth) is an open standard for access delegation, commonly used to grant websites or applications limited access to user information without exposing passwords. OAuth is used for token-based authentication and authorization.
OCSP
Online Certificate Status Protocol (OCSP) is a protocol used to check the revocation status of digital certificates in real-time. OCSP provides a method for determining whether a certificate is still valid or has been revoked.
OID
Object Identifier (OID) is a globally unique identifier used to name an object in a hierarchical structure. OIDs are used in various standards and protocols, such as SNMP and LDAP, to uniquely identify objects
OS
Operating System (OS) is the software that manages hardware and software resources on a computer. The OS provides a user interface and controls the execution of applications and services
OSINT
Open Source Intelligence (OSINT) refers to the collection and analysis of publicly available information from open sources, such as the internet, social media, and public records. OSINT is used for security, intelligence, and investigative purposes.
OSPF
Open Shortest Path First (OSPF) is a link-state routing protocol used in IP networks. OSPF calculates the shortest path for data packets based on the topology of the network and is commonly used in large enterprise networks
OT
Operational Technology (OT) refers to hardware and software systems used to monitor and control industrial processes, such as manufacturing, energy production, and transportation. OT includes SCADA systems and industrial control systems.
OTA
Over-the-Air (OTA) refers to the wireless transmission and reception of data, such as updates or configurations, to devices. OTA is commonly used for firmware updates in mobile devices and IoT devices
OVAL
Open Vulnerability and Assessment Language (OVAL) is a standard for representing and communicating security information. OVAL is used to automate the assessment and reporting of security vulnerabilities and compliance
PKCS #12
PKCS #12 (P12) is a standard for storing and transporting cryptographic keys and certificates in a secure format. P12 files are commonly used to distribute private keys and certificates for secure communication.
P2P
Peer-to-Peer (P2P) is a decentralized network architecture where each participant (peer) has equal privileges and can initiate or complete transactions without a central server. P2P is commonly used for file sharing and distributed computing
PaaS
Platform as a Service (PaaS) is a cloud computing model that provides a platform allowing customers to develop, run, and manage applications without dealing with the underlying infrastructure. PaaS simplifies application development and deployment
PAC
Proxy Auto-Configuration (PAC) is a method used to automatically configure web browsers to use a proxy server. A PAC file contains a JavaScript function that determines the appropriate proxy for a given URL.
PAM
Privileged Access Management (PAM) is a set of technologies and practices designed to secure, control, and monitor access to an organization’s critical systems and data by privileged users. PAM helps mitigate the risks associated with privileged access
PAM
Pluggable Authentication Module (PAM) is a framework used in Unix-like operating systems to integrate multiple authentication methods. PAM provides a way to develop programs that are independent of the underlying authentication scheme
PAP
Password Authentication Protocol (PAP) is a simple authentication protocol used to verify a user’s identity. PAP transmits usernames and passwords in plaintext, making it less secure compared to more advanced authentication protocols
PAT
Port Address Translation (PAT) is a type of NAT that allows multiple devices on a local network to be mapped to a single public IP address with different port numbers. PAT conserves public IP addresses and enables multiple devices to share a single internet connection
PBKDF2
Password-Based Key Derivation Function 2 (PBKDF2) is a key derivation function that applies a pseudorandom function to the input password along with a salt value and repeats the process many times. PBKDF2 is used to produce a cryptographic key from a password.
PBX
Private Branch Exchange (PBX) is a private telephone network used within an organization. PBX systems manage incoming and outgoing calls and provide features such as voicemail, call forwarding, and conference calling
PCAP
Packet Capture (PCAP) is a method used to capture and analyze network traffic. PCAP files contain raw network data and are used for network troubleshooting, performance analysis, and security monitoring
PCIDSS
Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. PCI DSS helps protect cardholder data and reduce fraud
PDU
Protocol Data Unit (PDU) is a unit of data specified in a protocol of a given layer and consists of protocol control information and user data. PDUs are used in networking to manage data transmission and communication between devices
PEAP
Protected Extensible Authentication Protocol (PEAP) is an authentication protocol that encapsulates EAP within a secure TLS tunnel. PEAP provides an extra layer of security for wireless communication by protecting EAP authentication exchanges
PED
Portable Electronic Device (PED) refers to any small, portable electronic device that can store, process, or transmit data. Examples include smartphones, tablets, laptops, and USB drives
PEM
Privacy-Enhanced Mail (PEM) is a standard for securing email communications using encryption and digital signatures. PEM files also refer to a file format commonly used to store and share cryptographic keys and certificates
PFS
Perfect Forward Secrecy (PFS) is a property of secure communication protocols where session keys are not compromised even if the server’s private key is compromised. PFS ensures that past communication remains secure even if long-term keys are compromised
PGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for securing emails, files, and other forms of data transfer.
PHI
Protected Health Information (PHI) refers to any information in a medical record that can be used to identify an individual and that was created, used, or disclosed in the course of providing health care services. PHI is protected under laws such as HIPAA
PII
Personally Identifiable Information (PII) refers to any data that can be used to identify an individual, such as name, address, Social Security number, and biometric data. Protecting PII is crucial for privacy and security
PIV
Personal Identity Verification (PIV) is a standard for smart card-based identification and authentication used by U.S. federal employees and contractors. PIV cards provide secure access to government facilities and information systems
PKCS
Public Key Cryptography Standards (PKCS) are a set of standards for public key cryptography developed by RSA Laboratories. PKCS includes specifications for cryptographic algorithms, key exchange, and secure data transmission
PKI
Public Key Infrastructure (PKI) is a framework for managing digital certificates and public-key encryption. PKI enables secure communication and authentication over networks by using a hierarchy of trusted certificate authorities
POP
Post Office Protocol (POP) is a protocol used by email clients to retrieve messages from a mail server. POP3, the latest version, downloads emails to the local device and usually deletes them from the server
POTS
Plain Old Telephone Service (POTS) refers to the traditional analog voice transmission phone system. POTS is the standard telephone service that operates over copper wires
PPP
Point-to-Point Protocol (PPP) is a data link layer communication protocol used to establish a direct connection between two network nodes. PPP is commonly used for internet dial-up connections and other point-to-point links
PPTP
Point-to-Point Tunneling Protocol (PPTP) is a VPN protocol used to create secure tunnels over the internet. PPTP supports data encryption and authentication for secure communication
PSK
Pre-Shared Key (PSK) is a shared secret used in cryptographic protocols for securing communication. PSK is commonly used in wireless networks for WPA/WPA2 authentication
PTZ
Pan-Tilt-Zoom (PTZ) refers to the capabilities of a camera to pan horizontally, tilt vertically, and zoom in and out. PTZ cameras are used in surveillance systems to cover large areas and focus on specific details.
PUP
Potentially Unwanted Program (PUP) refers to software that may be unwanted by the user, such as adware or spyware. PUPs can be intrusive and may compromise system performance or security.
RA
Registration Authority (RA) is an entity within a Public Key Infrastructure (PKI) responsible for accepting requests for digital certificates and authenticating the entity making the request. The RA acts as a mediator between the user and the Certificate Authority (CA).
RACE
Research and Development in Advanced Communications Technologies in Europe (RACE) was a European Union research program aimed at developing advanced communication technologies. The RACE program contributed to the development of the GSM mobile communication standard
RAD
Rapid Application Development (RAD) is a software development methodology that emphasizes quick development and iteration of prototypes over extensive planning. RAD aims to produce high-quality systems quickly by using user feedback and iterative development cycles
RADIUS
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users connecting to a network service. RADIUS is commonly used for managing user access to Wi-Fi networks
RAID
Redundant Array of Independent Disks (RAID) is a data storage technology that combines multiple physical disk drives into one or more logical units for redundancy, performance improvement, or both. RAID helps protect data against drive failures and improves storage performance
RAS
Remote Access Service (RAS) allows users to connect to a network or computer from a remote location. RAS is commonly used by employees to access corporate networks from home or while traveling
RAT
Remote Access Trojan (RAT) is a type of malware that allows an attacker to gain unauthorized access and control over a computer or network. RATs are used for espionage, data theft, and system manipulation
RBAC
Role-Based Access Control (RBAC) is a method of restricting access to resources based on the roles assigned to users within an organization. RBAC simplifies management of user permissions by assigning permissions to roles rather than individuals
RBAC
Rule-Based Access Control (RBAC) is a type of access control mechanism where access decisions are based on a set of rules defined by the system administrator. This approach is used to enforce security policies and automate access management
RC4
Rivest Cipher 4 (RC4) is a stream cipher designed by Ron Rivest in 1987. RC4 is known for its simplicity and speed, but it has been found to have vulnerabilities and is no longer considered secure for most applications
RDP
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft that provides a user with a graphical interface to connect to another computer over a network connection. RDP is commonly used for remote management and support
RFID
Radio-Frequency Identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. RFID is commonly used in inventory management, access control, and contactless payment systems
RIPEMD
RACE Integrity Primitives Evaluation Message Digest (RIPEMD) is a family of cryptographic hash functions. RIPEMD-160, a 160-bit version, is commonly used for data integrity and digital signatures
ROI
Return on Investment (ROI) is a financial metric used to evaluate the profitability of an investment. ROI is calculated by dividing the net profit from an investment by the cost of the investment.
RPO
Recovery Point Objective (RPO) is the maximum acceptable amount of data loss measured in time. RPO defines the point in time to which data must be restored after a disaster to resume normal operations
RSA
Rivest-Shamir-Adleman (RSA) is a widely used public-key cryptosystem for secure data transmission. RSA encryption relies on the computational difficulty of factoring large prime numbers.
RTBH
Remote Triggered Black Hole (RTBH) is a network security technique used to mitigate denial-of-service (DoS) attacks by directing malicious traffic to a ‘black hole’ where it is discarded. RTBH helps protect networks from overwhelming traffic
RTO
Recovery Time Objective (RTO) is the maximum acceptable amount of time to restore a system or service after a disaster. RTO defines the time frame within which operations must be resumed to avoid unacceptable consequences.
RTOS
Real-Time Operating System (RTOS) is an operating system designed to process data and execute tasks in real-time, with minimal latency. RTOS is commonly used in embedded systems and applications requiring precise timing and reliability
RTP
Real-time Transport Protocol (RTP) is a network protocol for delivering audio and video over IP networks. RTP is widely used in streaming media, telephony, and video conferencing
S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and digital signing of MIME data. S/MIME provides end-to-end security for email communication
SaaS
Software as a Service (SaaS) is a cloud computing model where software applications are delivered over the internet on a subscription basis. SaaS allows users to access software without managing the underlying infrastructure
SAE
Simultaneous Authentication of Equals (SAE) is a secure password-based authentication protocol used in Wi-Fi networks. SAE provides protection against offline dictionary attacks and is used in WPA3 security
SAML
Security Assertion Markup Language (SAML) is an XML-based framework for exchanging authentication and authorization data between parties. SAML is used for single sign-on (SSO) to enable users to authenticate once and access multiple applications
SAN
Storage Area Network (SAN) is a high-speed network that provides access to consolidated, block-level data storage. SANs are used to improve the performance and availability of storage resources.
SAN
Subject Alternative Name (SAN) is an extension to the X.509 specification for digital certificates that allows additional domain names or IP addresses to be associated with a certificate. SAN is commonly used for securing multiple domains with a single certificate.
SASE
Secure Access Service Edge (SASE) is a network architecture that combines network security functions with wide area networking capabilities to support the dynamic secure access needs of organizations. SASE enables secure and fast access to cloud applications and services
SCADA
Supervisory Control and Data Acquisition (SCADA) is a system used to monitor and control industrial processes. SCADA systems gather real-time data from sensors and equipment, allowing operators to manage and optimize operations
SCAP
Security Content Automation Protocol (SCAP) is a suite of standards used to automate vulnerability management, security measurement, and compliance evaluation. SCAP helps organizations ensure their systems are secure and compliant with regulations
SCEP
Simple Certificate Enrollment Protocol (SCEP) is a protocol used to simplify the issuance and management of digital certificates. SCEP allows devices to request and renew certificates automatically from a certificate authority
SD-WAN
Software-Defined Wide Area Network (SD-WAN) is a network architecture that uses software to control the management and operation of WAN connections. SD-WAN optimizes traffic routing, improves performance, and enhances security
SDK
Software Development Kit (SDK) is a collection of software tools, libraries, and documentation that developers use to create applications for specific platforms or environments. SDKs provide the resources needed to develop, test, and deploy software
SDLC
Software Development Life Cycle (SDLC) is a process used for planning, creating, testing, and deploying information systems. SDLC provides a structured approach to software development, ensuring high-quality and efficient delivery
SDLM
Secure Development Lifecycle Management (SDLM) is the practice of integrating security considerations into every phase of the software development lifecycle. SDLM aims to build secure software by identifying and mitigating security risks early.
SDN
Software-Defined Networking (SDN) is an approach to networking that uses software-based controllers to manage network resources and traffic. SDN provides centralized control and automation of network operations, improving flexibility and efficiency.
SELinux
Security-Enhanced Linux (SELinux) is a security architecture for Linux systems that provides mandatory access control (MAC). SELinux enforces security policies to restrict the actions that users and programs can perform, enhancing system security.
SED
Self-Encrypting Drive (SED) is a hard drive or solid-state drive that automatically encrypts data stored on it. SEDs provide hardware-based encryption to protect data at rest from unauthorized access.
SEH
Structured Exception Handling (SEH) is a mechanism in Windows programming that provides a way to handle exceptions or errors that occur during program execution. SEH helps improve the robustness and reliability of software.
SFTP
SSH File Transfer Protocol (SFTP) is a secure file transfer protocol that uses the SSH protocol to provide encryption and secure authentication. SFTP is used to transfer files securely over a network.
SHA
Secure Hash Algorithm (SHA) is a family of cryptographic hash functions designed to ensure data integrity. SHA algorithms produce a fixed-size hash value from input data and are widely used in security applications, such as digital signatures and certificates
SHTTP
Secure Hypertext Transfer Protocol (S-HTTP) is an extension of HTTP that provides encryption and secure communication between clients and servers. S-HTTP ensures data confidentiality and integrity during transmission
SIEM
Security Information and Event Management (SIEM) is a solution that combines security information management (SIM) and security event management (SEM) to provide real-time analysis of security alerts and events. SIEM helps organizations detect and respond to security incidents
SIM
Subscriber Identity Module (SIM) is a small card used in mobile devices to store subscriber information and authentication data. SIM cards are essential for connecting to mobile networks and accessing services
SLA
Service Level Agreement (SLA) is a contract between a service provider and a customer that defines the level of service expected from the provider. SLAs specify performance metrics, responsibilities, and remedies for service failures
SLE
Single Loss Expectancy (SLE) is a measure of the potential financial loss that could occur from a single security incident. SLE is calculated by multiplying the asset value by the exposure factor.
SMS
Short Message Service (SMS) is a text messaging service that allows users to send and receive short text messages on mobile devices. SMS is widely used for communication and as a method for delivering notifications and alerts
SMTP
Simple Mail Transfer Protocol (SMTP) is an internet standard protocol for sending email messages between servers. SMTP is used by email clients to send messages to mail servers and between mail servers for message relay
SMTPS
Simple Mail Transfer Protocol Secure (SMTPS) is a protocol that uses SSL/TLS to secure SMTP communications. SMTPS ensures that email messages are encrypted and protected during transmission
SNMP
Simple Network Management Protocol (SNMP) is an internet standard protocol for managing and monitoring devices on IP networks. SNMP allows network administrators to collect information and configure devices remotely
SOAP
Simple Object Access Protocol (SOAP) is a protocol for exchanging structured information in web services. SOAP uses XML to encode messages and relies on other application layer protocols for message negotiation and transmission
SOAR
Security Orchestration, Automation, and Response (SOAR) refers to technologies that enable organizations to collect security data, automate response processes, and coordinate actions across multiple security tools. SOAR helps improve the efficiency and effectiveness of security operations
SoC
System on Chip (SoC) is an integrated circuit that combines all the components of a computer or electronic system onto a single chip. SoCs are used in mobile devices, embedded systems, and IoT devices to provide compact and efficient processing capabilities
SOC
Security Operations Center (SOC) is a centralized unit that monitors, detects, and responds to security incidents within an organization. The SOC team uses a combination of technology and processes to protect the organization from cyber threats.
SOW
Statement of Work (SOW) is a formal document that outlines the scope, objectives, and deliverables of a project. SOWs are used to define the work to be performed and the terms and conditions agreed upon by the parties involved
SPF
Sender Policy Framework (SPF) is an email authentication protocol that allows domain owners to specify which mail servers are authorized to send email on their behalf. SPF helps prevent email spoofing and phishing attacks
SPIM
Spam over Instant Messaging (SPIM) refers to unsolicited and unwanted messages sent over instant messaging services. SPIM can be used for advertising, phishing, and spreading malware
SQL
Structured Query Language (SQL) is a standard programming language used to manage and manipulate relational databases. SQL is used for querying, updating, and managing data in databases
SQLi
SQL Injection (SQLi) is a type of security vulnerability that occurs when an attacker injects malicious SQL code into a query. SQLi can be used to manipulate databases, steal data, and bypass authentication mechanisms
SRTP
Secure Real-time Transport Protocol (SRTP) is a protocol for providing encryption, message authentication, and integrity for real-time audio and video communications. SRTP is used to secure VoIP and multimedia streaming
SSD
Solid-State Drive (SSD) is a data storage device that uses flash memory to store data. SSDs offer faster read and write speeds compared to traditional hard disk drives (HDDs).
SSH
Secure Shell (SSH) is a cryptographic network protocol for secure communication over an unsecured network. SSH provides strong authentication and secure data transmission, commonly used for remote server administration.
SSL
Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure communication over the internet. SSL has been deprecated and replaced by Transport Layer Security (TLS).
SSO
Single Sign-On (SSO) is an authentication process that allows a user to access multiple applications or systems with a single set of credentials. SSO improves user convenience and reduces the number of login credentials.
STIX
Structured Threat Information Expression (STIX) is a standardized language for representing cyber threat information. STIX is used to share threat intelligence across organizations and systems.
SWG
Secure Web Gateway (SWG) is a security solution that filters and monitors web traffic to protect against threats and enforce policies. SWGs provide protection against malware, phishing, and other web-based threats
TACACS+
Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol that provides centralized Authentication, Authorization, and Accounting (AAA) for users accessing a network. TACACS+ is widely used in large enterprise networks
TAXII
Trusted Automated eXchange of Indicator Information (TAXII) is a protocol used to exchange cyber threat intelligence information. TAXII enables organizations to share and receive threat data in a standardized and automated manner
TCP/IP
Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP provides end-to-end communication, specifying how data should be packetized, addressed, transmitted, routed, and received
TGT
Ticket Granting Ticket (TGT) is a ticket used in the Kerberos authentication protocol. The TGT allows users to obtain service tickets for accessing various network services without repeatedly entering their credentials
TKIP
Temporal Key Integrity Protocol (TKIP) is a security protocol used in Wi-Fi networks to enhance the security of WEP. TKIP provides per-packet key mixing, message integrity check, and re-keying mechanisms
TLS
Transport Layer Security (TLS) is a cryptographic protocol that provides secure communication over a computer network. TLS is the successor to SSL and ensures data privacy and integrity between communicating applications
TOC
Table of Contents (TOC) is a list of the titles of the parts of a book or document, organized in the order in which the parts appear. In the context of cybersecurity, TOC may also refer to the contents and structure of a digital document or report.
TOTP
Time-based One-Time Password (TOTP) is a temporary passcode generated by an algorithm that uses the current time as an input. TOTP is used in two-factor authentication (2FA) systems to enhance security
TOU
Time of Use (TOU) is a type of race condition where the state of a resource changes between the time it is checked (time of check, TOC) and the time it is used (time of use). This can lead to security vulnerabilities if an attacker can alter the resource’s state in the interval between check and use, potentially exploiting the discrepancy for malicious purposes
TPM
Trusted Platform Module (TPM) is a hardware-based security feature embedded in devices to provide cryptographic functions. TPM is used for secure boot, hardware-based encryption, and ensuring the integrity of the system
TTP
Tactics, Techniques, and Procedures (TTP) are the behavior patterns of cyber adversaries, including their methods and tools. Understanding TTP helps organizations predict, detect, and defend against cyber threats
TSIG
Transaction Signature (TSIG) is a security protocol used to authenticate DNS messages and ensure their integrity. TSIG uses shared secret keys to sign DNS messages between DNS servers.
UAT
User Acceptance Testing (UAT) is the final phase of software testing where the intended users test the software to ensure it meets their requirements and expectations. UAT validates that the software is ready for deployment.
UAV
Unmanned Aerial Vehicle (UAV), commonly known as a drone, is an aircraft operated without a human pilot on board. UAVs are used for various purposes, including surveillance, delivery, and aerial photography.
UDP
User Datagram Protocol (UDP) is a communication protocol used for low-latency, loss-tolerating connections. Unlike TCP, UDP is connectionless and does not guarantee delivery, order, or error checking, making it suitable for real-time applications like streaming
UEFI
Unified Extensible Firmware Interface (UEFI) is a modern firmware interface for computers, designed to replace BIOS. UEFI provides enhanced security features, faster boot times, and support for large storage devices
UEM
Unified Endpoint Management (UEM) is an approach to managing and securing all endpoints within an organization from a single console. UEM includes management of mobile devices, laptops, desktops, and IoT devices.
UPS
Uninterruptible Power Supply (UPS) is a device that provides emergency power to a load when the main power source fails. UPS systems ensure that critical systems remain operational during power outages
URI
Uniform Resource Identifier (URI) is a string of characters that identifies a particular resource on the internet. URIs include URLs (Uniform Resource Locators) and URNs (Uniform Resource Names).
URL
Uniform Resource Locator (URL) is a specific type of URI that provides a way to access a resource on the internet. A URL includes the protocol, domain name, and path to the resource.
USB
Universal Serial Bus (USB) is an industry standard for cables, connectors, and protocols used for connection, communication, and power supply between computers and electronic devices
USB
Universal Serial Bus (USB) Flash Drive is a portable storage device that uses flash memory and connects to a computer via a USB port. USB flash drives are used for data storage and transfer.
UTM
Unified Threat Management (UTM) is a security solution that integrates multiple security functions, such as firewall, intrusion detection, and antivirus, into a single device or service. UTM simplifies security management and provides comprehensive protection.
UTP
Unshielded Twisted Pair (UTP) is a type of cabling used in networking, consisting of pairs of wires twisted together to reduce electromagnetic interference. UTP cables are commonly used in Ethernet networks
VBA
Visual Basic for Applications (VBA) is a programming language developed by Microsoft that is used for automating tasks in Microsoft Office applications. VBA allows users to create macros and custom functions to enhance productivity
VDE
Virtual Desktop Environment (VDE) refers to a desktop computing environment where the operating system, applications, and data are stored on a remote server. Users access the VDE over a network, providing flexibility and centralized management.
VDI
Virtual Desktop Infrastructure (VDI) is a technology that delivers desktop environments to end-users through virtual machines hosted on a centralized server. VDI enables secure and efficient management of desktop resources
VLAN
Virtual Local Area Network (VLAN) is a logical subdivision of a physical network that groups together devices within a LAN. VLANs improve network segmentation, security, and performance by isolating broadcast domains
VLSM
Variable Length Subnet Mask (VLSM) allows for the use of different subnet masks within the same network, enabling more efficient IP address allocation. VLSM reduces IP address wastage and improves network scalability
VM
Virtual Machine (VM) is a software emulation of a physical computer that runs an operating system and applications. VMs enable multiple isolated environments on a single physical machine, improving resource utilization.
VoIP
Voice over Internet Protocol (VoIP) is a technology that allows voice communication and multimedia sessions over the internet. VoIP converts voice signals into digital data and transmits them over IP networks
VPC
Virtual Private Cloud (VPC) is a secure, isolated cloud environment within a public cloud. VPCs provide the benefits of cloud computing while maintaining control over network configuration and security
VPN
Virtual Private Network (VPN) is a technology that creates a secure, encrypted connection over a less secure network, such as the internet. VPNs are used to protect data privacy and ensure secure remote access.
VTC
Video Teleconferencing (VTC) is a technology that enables live video communication between two or more locations. VTC is used for meetings, remote collaboration, and telemedicine
WAF
Web Application Firewall (WAF) is a security solution that protects web applications by filtering and monitoring HTTP traffic. WAFs prevent attacks such as SQL injection, cross-site scripting (XSS), and other web-based threats
WAP
Wireless Access Point (WAP) is a device that allows wireless devices to connect to a wired network using Wi-Fi. WAPs extend network coverage and enable wireless communication within a network
WEP
Wired Equivalent Privacy (WEP) is a security protocol for wireless networks, designed to provide a level of security comparable to a wired network. WEP has been found to have significant vulnerabilities and is largely replaced by WPA/WPA2
WIDS
Wireless Intrusion Detection System (WIDS) monitors wireless networks for suspicious activity and potential security breaches. WIDS helps detect unauthorized access points, rogue devices, and network attacks
WIPS
Wireless Intrusion Prevention System (WIPS) actively monitors and protects wireless networks by detecting and preventing unauthorized access and malicious activity. WIPS provides proactive security measures for wireless environments.
WO
Work Order (WO) is a document that provides instructions for the maintenance, repair, or operation of equipment or systems. WOs are used to track and manage tasks in various industries
WPA
Wi-Fi Protected Access (WPA) is a security protocol developed to secure wireless networks. WPA improves upon WEP by providing stronger encryption and authentication mechanisms. WPA2 is an enhanced version of WPA with even stronger security
WPS
Wi-Fi Protected Setup (WPS) is a network security standard that simplifies the process of connecting devices to a wireless network. WPS allows users to easily configure wireless security settings by pressing a button or entering a PIN
WTLS
Wireless Transport Layer Security (WTLS) is a security protocol used to provide privacy and data integrity for wireless communications. WTLS is based on TLS and is used in mobile and wireless networks
XDR
Extended Detection and Response (XDR) is a security approach that integrates and correlates data from multiple security products to provide comprehensive threat detection and response. XDR enhances visibility and simplifies threat management across an organization
XML
Extensible Markup Language (XML) is a flexible, structured language used for encoding documents and data. XML is widely used for data interchange between systems, including web services and APIs
XOR
Exclusive OR (XOR) is a logical operation used in cryptography and computer science. XOR compares two binary values and returns true if the values are different. XOR is used in encryption algorithms and error detection.
XSRF
Cross-Site Request Forgery (XSRF) is a type of attack that tricks a user into performing unwanted actions on a web application where they are authenticated. XSRF exploits the trust a web application has in the user’s browser
XSS
Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by users. XSS can be used to steal sensitive information, manipulate web content, and launch phishing attacks