802.1x
A port-based authentication protocol. It can use simple credentials such as a shared secret (or password) or use a digital certificate. WPA2-Enterprise mode uses an 802.1X server (implemented as a RADIUS server) to add authentication.
3DES
Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It was originally designed as a replacement for DES. It uses multiple keys and multiple passes and is not as efficient as AES, but is still used in some applications, such as when hardware doesn't support AES.
AAA
Authentication, Authorization, and Accounting. AAA protocols are used in remote access systems. For example, TACACS+ is an AAA protocol that uses multiple challenges and responses during a session. Authentication verifies a user's identification. Authorization determines if a user should have access. Accounting tracks a user's access with logs.
ABAC
Attribute Based Access Control. An access control model that grants access to resources based on attributes assigned to subjects and objects
ACL
Access control list. A list of rules used to grant access to a resource. In NTFS, a list of ACEs makes up the ACL for a resource. In a firewall, an ACL identifies traffic that is allowed or blocked based on IP addresses, networks, ports, and some protocols (using the protocol ID).
AES
Advanced Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. AES is quick, highly secure, and used in a wide assortment of cryptography schemes. It includes key sizes of 128 bits, 192 bits, or 256 bits.
AES256
Advanced Encryption Standard 256 bit. AES sometimes includes the number of bits used in the encryption keys and AES256 uses 256-bit encryption keys.
AH
Authentication Header. IPsec includes both AH and ESP. AH provides authentication and integrity, and ESP provides confidentiality, integrity, and authentication. AH is identified with protocol ID number 51.
ALE
Annualized loss expectancy. Used to measure risk with annualized rate of occurrence (ARO) and single loss expectancy (SLE). The ALE identifies the total amount of loss expected for a given risk. The calculation is SLE x ARO = ALE.
AP
Access point, short for wireless access point (WAP). APs provide access to a wired network to wireless clients. Many APs support isolation mode to segment wireless uses from other wireless users.
ARO
Annualized rate of occurrence. Used to measure risk with annualized loss expectancy (ALE) and single loss expectancy (SLE). The ARO identifies how many times a loss is expected to occur in a year. The calculation is SLE x ARO = ALE.
ARP
Address Resolution Protocol. Resolves IP addresses to MAC addresses. ARP poisoning attacks can redirect traffic through an attacker's system by sending false MAC address updates. VLAN segregation helps prevent the scope of ARP poisoning attacks within a network.
AUP
Acceptable use policy. An AUP defines proper system usage. It will often describe the purpose of computer systems and networks, how users can access them, and the responsibilities of users when accessing the systems.