Acronyms for Security + Flashcards
AAA
Authentication, Authorization, and Accounting
A framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
ACL
Access Control List
access rights each user has to a particular system object, such as a file directory or individual file.
AES
Advanced Encryption Standard
Symmetric Encryption algorithm
AES-256
Advanced Encryption Standards 256-bit
A version of the AES using a 256-bit key size for encryption,
AH
Authentication Header
part of the IPsec protocol that provides authentication and integrity to the data
AIS
Automation Indicator Sharing
system that allows exchange of cyber threat indicators between public and private sectors
ALE
Annualized Loss Expectancy
risk management concept to estimate the monetary loss
AP
Access Point
Network hardware device that allows other WIFI devices to connect to a wired network
APT
Advanced Persistent Threat
Cyberattack where intruder gains access to a network and remains undetected for a long time
ARO
Annualized Rate of Occurrence
Frequency which a event is likely to occur annually
ARP
Address Resolution Protocol
Communication protocol used for discovering link layer address (mac)
Port 219
ASLR
Address Space Layout Randomization
Security Technique preventing memory corruption vulnerabilities
ATT&CK
Adversarial Tactics, Techniques and common Knowledge
maintained by MITRE
AUP
Acceptable Use Policy
AV
Antivirus
BASH
Unix shell command language
BCP
Business Continuity Planning
prevention and recovery from potential threats to a company
BGP
Border Gateway Protocol
Protocol used to route information across the internet
BIA
Business Impact Analysis
evalutes potential effects of natural and man-made events on business operation
BPA
Business Partners Agreement
contract between parties who agreed to share resources to undertake a specific project
BPDU
Bridge Protocol Data Unit
network message transmitted by LAN bridge
BYOD
Bring Your Own Device
CA
Certificate Authority
CAR
Corrective Action Report
report outlines the corrective actions necessary to rectify a detected non-conformance
CASB
Cloud Access Security Broker
security policy enforcement points placed between cloud service consumers and cloud service providers
CBC
Cipher Block Chaining
provides confidentiality but not
message intergrity
CCMP
Counter mode/CBC-MAC Protocol
encryption protocol used in WIFI Networks
CCTV
Closed-circuit Television
CERT
Computer Emergency Response Team
CFB
Cipher Feedback
mode operation for block cipher
CHAP
Challenge Handshake Authentication Protocol
CIA
Confidentiality, Integrity, Availability
CIO
Chief Information Officer
CIRT
Computer Incident Response Team
contact when security breach emergency occurs
CMS
Content Management System
software creates, manages content on a website
COOP
Continuity of Operation Planning
process by gov agencies to ensure critical functions continue during wide range of emergencies
COPE
Corporate Owned, Personally Enabled
corpo owned IT devices for personal use
CP
Contingency Planning
action that helps organization respond to significant future event or situations
CRC
Cyclical Redundancy Check
code - detect accidental changes to raw data
CRL
Certificate Revocation List
revoked by issuing certificate authority
CSO
Chief Security Officer
CSP
Cloud Service Provider
company that offers some component of cloud computing
CSR
Certificate Signing Request
applying for digital identity Certificate
CSRF
Cross-site Request Forgery
malicious exploit of website where unauthorized commands are transmitted from a user that the web application trusts
CSU
Channel Service Unit
device used in digital data transmission for interfacing a digital data terminal with a digital transmission medium
CTM
Counter Mode
mode of operation in cryptography for block ciphers
CTO
Chief Technology Officer
CVE
Common Vulnerability Enumeration
list of publicly disclosed cybersecurity vulnerabilities
CVSS
Common Vulnerability Scoring System
industry standard for assessing the severity of computer system security vulnerabilities
CYOD
Choose Your Own Device
DAC
Discretionary Access Control
access control defined by ACL where access rights are assigned to users by the system
DBA
Database Administrator
DDoS
Distributed Denial of Service
DEP
Data Execution Prevention
security feature that helps prevent damage to the computer from virus and other threats
DES
Digital Encryption Standard
Encryption of data
DHCP
Dynamic Host Configuration Protocol
assigns IP addresses automatically to each device on network
DHE
Diffie-Hellman Ephermal
secure exchange cryptographic keys over public channel
DKIM
Domain Keys Identified Mail
email authentication method designed to detect forage sender addresses in emails
DLL
Dynamic Link Library
feature on windows that allow mulitple software programs to share same functionality
DLP
Data Loss Prevention
set of tools and processes used to ensure that sensitive data is not loss misused or accessed by unauth users
DMARC
Domain Message Authentication Reporting and Conformance
email authentication protocol, prevent email spoofing
DNAT
Destination Network Address Translation
technique for transparently changing the destination IP address of an end route packet
DNS
Domain Name Service
DoS
Denial of Service
DPO
Data Privacy Officer
DRP
Disaster Recovery Plan
DSA
Digital Signature Algorithm
DSL
Digital Subscriber Line
EAP
Extensible Authentication Protocol
authentication framework used for wireless networks
ECB
Electronic Code Book
mode of operation for a block cipher
ECC
Elliptic Curve Cryptography
approach to public key cryptography
ECDHE
Elliptic Curven Diffie-Hellman Ephemeral
ECDHE is one of the three main algorithms used for the initial TLS handshake, are classified as asymmetric algorithms because one party has a secret key and the other party has a public key.
ECDSA
Elliptic Curve Digital Signature Algorithm
used on bitcoin
EDR
Endpoint Detection and Response
cybersecurity technology that addresses need for continuous monitoring
EFS
Encrypted File System
feature on Microsoft Windows that provides filesystem - level encryption
ERP
Enterprise Resource Planning
business process management software that allows organizations to use a system of integrated applications
ESN
Electronic Serial Number
ESP
Encapsulated Security Payload
component of IPsec used for confidentiality
FACL
File System Access Control List
data structure that controls access to files and folders
FDE
Full Disk Encryption
FIM
File Integrity Management
FPGA
Field Programmable Gate Array
FRR
False Rejection Rate
likelihood that biometric security system will incorrectly reject access attempt by auth user
FTP
File Transfer Protocol
Network Protocol used for transfer of computer files between a client and server on a computer network
FTPS
File Transfer Protocol Secure
GCM
Galosis Counter mode
mode of operation for symmetric key cryptographic block ciphers
GDPR
General Data Protection Regulation
in the Europe
GPG
GNU Privacy Guard
free software to encrypt data
GPO
Group Policy Object
feature of Windows that provides centralized mangement
GPS
Global Positioning System
GPU
Graphics Processing Unit
GRE
Generic Routing Encapsulation
tunneling protocol, encapsulate layers of network protocols
HA
High Availability
Refers to systems that are durable
HDD
Hard Disk Drive
HIDS
Host-based Intrusion Detection System
HIPS
Host-based Intrusion Prevention system
HMAC
Hashing Message Authentication Code
HOTP
HMAC-based One-time Password
HSM
Hardware Security Module
HTML
Hypertext Markup Language
HTTP
Hypertext Transfer Protocol
HTTPS
Hypertext Transfer Protocol Secure
IaaS
Infrastructure as a Service
IaC
Infrastructure as Code
IAM
Identity and Access Management
framework of business processes, policies, and tech
ICMP
Internet Control Message Protocol
sends error messages
ICS
Industrial Control Systems
IDEA
International Data Encryption Algorithm
symmetric key block cipher
IDF
Intermediate Distribution Frame
cable rack that interconnects telecom wiring
IdP
Identity Provider
provides principal authentication to other service providers within a federation or distrubuted network
IDS
Intrusion Detection System
IEEE
Institute of Electrical and Electronics Engineers
IKE
Internet Key Exchange
protocol used on IPsec for establishing SA
IM
Instant Message
IMAP
Internet Message Access Protocol
used by email clients to retrieve messages from a mail server over TCP/IP
IoC
Indicators of Compromise
IoT
Internet of Things
IP
Internet Protocol
IPS
Intrustion Prevention System
IPSec
Internet Protocol Security
secure network protocol suite that auth and encrypts packet of data sent over internet protocol network
IR
Incident Response
IRP
Incident Response Plan
ISO
International Standards Organization
ISP
Internet Service Provider
ISSO
Information System Security Officer
IV
Initialization Vector
a fixed size input to a cryptographic primitive that is typically required to be random or pseudorandom
KDC
Key Distribution Center
part of crypto system intended to reduce the risks, inherit and exchanging keys
KEK
key encryption key
LAN
local area network
LDAP
Lightweight Directory Access Protocol
protocol for accessing and maintaining distributive directory information services over Internet
LEAP
lightweight extensible authentication protocol
wireless LAN authentication method
MaaS
monitoring as a service
MAC
Message Authentication Code
MAN
Metropolitan area network
MBR
Master boot record
special type of boot sector at the very beginning of a partitioned computer mask storage device
MD5
message digest 5
cryptographic hash function produces a 128-bit hash value not secure
MDF
Main distribution frame
frame for connecting equipment to cables and subscriber carrier equipment
MDM
Mobile device management
MFA
Multi-Factor authentication
MFD
Multi-Function device
MFP
multifunction printer
ML
machine learning
MOA
memorandum of agreement
document written between parties to cooperatively work together on agreed upon project or meet agreed upon objective
MOU
Memorandum of Understanding
agreement between two or more parties outlined in a formal document
MPLS
Multi-Protocol label switching
MSA
Master Service Agreement
contract reached between parties in which parties agree to most of the terms that will govern future transactions
MSCHAP
Microsoft challenge handshake authentication protocol
MSP
Managed Service Provider
MSSP
Managed Security Service Provider
MTBF
meantime between failure
measure of how reliable a hardware product is
MTTF
Meantime to Failure
length of time a device is expected to last in operation
MTTR
Mean Time to Recover
average time that a device will take to recover from any failure
MTU
Maximum Transmission Unit
largest packet that a network product will can transmit
NAC
Network access control
security solution that enforces policy on devices the access networks
NAT
Network address translation
method of remapping one address space into another
NGFW
next generation firewall
NIDS
Network-Based intrusion detection system
analyzes incoming Network traffic
NIPS
Network based intrusion prevention system
NIST
national institution of standards and technology
NTFS
New technology file system
developed by Microsoft
NTLM
New technology Lan manager
Suits of Microsoft security protocols
NTP
Network Time Protocol
protocol for clock synchronization between computer systems
OAUTH
Open authorization
Internet users Grant websites access their information
OCSP
Online Certification Status Protocol
protocol used to obtaining revocation status of digital certification
OID
Object Identifier
An internet protocol used for obtaining the revocation status of an X.509 digital certificate.
OS
Operating System
OSINT
Open Source Intelligence
OSPF
Open Shortest path First
routing protocol for IP
OT
Operational Technology
Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise.
OTA
Over the Air
OVAL
Open Vulnerability Assessment Language
P12
PKCS 12
A portable format for storing or transporting a user’s private keys, certificates, and miscellaneous secrets.
P2P
Peer to Peer
Paas
Platform as a Service
PAC
Proxy Auto Configuration
PAM
Pluggable Authentication Mangement
PAP
Pluggable Authentication Protocol
PAT
Port Address Translation
PBKDF2
Password-based Key Derivation Function 2
reduce the vulnerability of passwords to brute-force attacks.
PBX
Private Branch Exchange
private telephone network used within a company or organization.
PCAP
Packet Capture
PCI DSS
Payment Card Industry Data Security Standard
PDU
Power Distribution Unit
PEAP
Protected Extensible Authentication Protocol
security protocol that encrypts authentication data using 802.11 Wi-Fi networks
PED
Personal Electronic Device
PEM
Privacy Enhanced Mail
PFS
Perfect Forward Secrecy
PGP
Pretty Good Privacy
PHI
Personal Health Information
PII
Personally Identifiable Information
PIV
Personal Identity Verification
PKCS
Public Key Cryptography Standards
PKI
Public Key Infrastructure
POTS
Plain Old Telephone Service
PPP
Pont-to-Point Protocol
data link protocol commonly used to establish a direct connection between two networking nodes.
PSK
Pre-shared Key
PTZ
Pan-tilt-zoom
PUP
Potentially Unwanted Program
RA
Recovery Agent
RA
Registration Authority
RAD
Rapid Application Development
RADIUS
Remote Authentication Dial-in User Service
protocol that provides centralized AAA
RAID
Redundant Array of Inexpensive Disk
RAS
Remote Access Server
RAT
Remote Access Trojan
RBAC 1/2
Role-Based Access Control
RBAC 2/2
Rule-Based Access Control
RC4
Rivest Cipher version 4
symmetric key stream cipher that encrypts messages one byte at a time.
RDP
Remote Desktop Protocol
Port 3389
RFID
Radio Frequency Identifier
RIPEMD
(RACE Integrity Primitives Evaluation Message Digest):
hashing method no longer secure
ROI
Return on Investment
RPO
Recovery Point Objective
The maximum acceptable amount of data loss measured in time.
RSA
Rivest, Shamir, Adleman
public-key cryptography system
RTBH
Remotely Triggered Black Hole
technique used to block denial-of-service attacks in IP networks.
RTO
Recovery Time Objective
The targeted duration of time and a service level within which a business process must be restored after a disaster or disruption.
RTOS
Real Time Operating System
RTP
Real-time Transport Protocol
network protocol for delivering audio and video over IP networks.
S/MIME
Secure/Multipurpose Internet Mail Extension
SaaS
Software as a Service
SAE
Simultaneous Authentication of Equals
A security protocol used in Wi-Fi networks.
SAML
Security Assertions Markup Language
open standard for exchanging authentication and authorization data between parties
SAN 1/2
Storage Area Network
SAN 2/2
Subject Alternative Name
extension to X.509 specification that allows users to specify additional host names for a single SSL certificate.
SASE
Secure Access Service Edge
network architecture that combines WAN capabilities with comprehensive security functions.
SCADA
Supervisory Control and Data Acquisition
SCAP
Security Content Automation Protocol
specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation.
SCEP
Simple Certificate Enrollment Protocol
protocol used for the secure issuance of digital certificates.
SD-WAN
Software-defined Wide Area Network
SDK
Software Development Kit
SDLC
Software Development Lifecycle
SDLM
Software Development Lifecycle Methodology
SDN
Software-defined Network
SE Linux
Security-enhanced Linux
SED
Self-encrypting Drives
SEH
Structure Exception Handler
SFTP
Secured File Transfer Protocol
SHA
Secure Hashing Algorithm
SHTTP
Secure Hypertext Transfer Protocol
SIEM
Security Information and Event Management
SIM
Subscriber Identity Module
SLA
Service-level Agreement
commitment between a service provider and a client. Particular aspects of the service – quality, availability, responsibilities – are agreed upon between the service provider and the service user.
SLE
Single Loss Expectancy
term used in risk management referring to the monetary value expected from the occurrence of a risk on an asset.
SMTP
Simple Mail Transfer Protocol
SMTPS
Simple Mail Transfer Protocol Secure
SNMP
Simple Network Management Protocol
SOAP
Simple Object Access Protocol
SOAR
Security Orchestration, Automation, and Response
a set of tools and services that automate cyberattack response and prevention.
SoC
System on Chip
SOC
Security Operations Center
SOW
Statement of Work
It defines project-specific activities, deliverables, and timelines for a vendor providing services to the client.
SPF
Sender Policy Framework
email authentication method lists the servers that can send emails from a domain
SPIM
Spam over Internet Message
SQLi
SQL Injection
SRTP
Secure Real-Time Protocol
SSD
Solid State Drive
SSH
Secure Shell
SSL
Secure Socket Layer
SSO
Single Sign In
STIX
Structured Threat Information eXchange
language and serialization format used to exchange cyber threat intelligence.
SWG
Secure Web Gateway
TACACS+
Terminal Access Controller Access Control System plus
TAXII
Trusted Automated eXchange of Indicator Information
the format through which threat intelligence data is transmitted
TCP/IP
Transmission Control Protocol/Internet Protocol
TGT
Ticket Granting Ticket
part of the Kerberos protocol used for authenticating requests for service tickets within the network.
TKIP
Temporal Key Integrity Protocol
security protocol used in the IEEE 802.11 wireless networking standard.
TLS
Transport Layer Security
TOC
Time-of-Check
problem where the state of a system can change between the time it is checked and the time it is used.
TOTP
Time-Based One-Time Password
TOU
Time of Use
TPM
Trusted Platform Module
TTP
Tactics, Techniques and Procedures
TSIG
Transaction Signature
protocol used for securing updates to DNS, which is based on shared secret key cryptography.
UAT
User Acceptance Testing
UAV
Unmanned Arial Vehicle
UDP
User Datagram Protocol
messages between computing devices in a network. It’s used for time-sensitive transmissions.
UEFI
Unified Extensible Firmware Interface
replaces BIOS
UEM
Unified Endpoint Mangement
UPS
Uninterruptible Power Supply
URI
Uniform Resource Identifier
UTM
Unified Threat Management
UTP
Unshielded Twisted Pair
VBA
Visual Basic for Applications
computer programming language
VDE
Virtual Desktop Environment
VDI
Virtual Desktop Infrastructure
VLAN
Virtual Local Area Network
VLSM
Variable Length Subnet Masking
VM
Virtual Machine
VoIP
Voice over Internet Protocol
VPC
Virtual Private Cloud
VPN
Virtual Private Network
VTC
Video Teleconferencing
WAF
Web Application Firewall
WAP
Wirless Access Point
WEP
Wired Equivalent Prvacy
