Security+

AAA

Authentication, Authorization, and Accounting

ABAC

Attribute-based Access Control

ACL

Access Control List

AES

Advanced Encryption Standard

AES256

Advanced Encryption Standards 256-bit

AH

Authentication Header

ALE

Annualized Loss Expectancy

AP

Access Point

API

Application Programming Interface

APT

Advanced Persistent Threat

ARO

Annualized Rate of Occurrence

ARP

Address Resolution Protocol

ASLR

Address Space Layout Randomization

ASP

Application Service Provider

AUP

Acceptable Use Policy

AV

Antivirus

AV

Asset Value

BAC

Business Availability Center

BCP

Business Continuity Planning

BIA

Business Impact Analysis

BIOS

Basic Input/Output System

BPA

Business Partners Agreement

BPDU

Bridge Protocol Data Unit

BYOD

Bring Your Own Device

CA

Certificate Authority

CAC

Common Access Card

CAN

Controller Area Network

CAPTCHA

Completely Automated Public Turing Test to Tell Computers and Humans Apart

CAR

Corrective Action Report

CBC

Cipher Block Chaining

CCMP

Counter-Mode/CBC-Mac Protocol

CCTV

Closed-circuit Television

CER

Certificate

CER

Cross-over Error Rate

CERT

Computer Emergency Response Team

CFB

Cipher Feedback

CHAP

Challenge Handshake Authentication Protocol

CIO

Chief Information Officer

CIRT

Computer Incident Response Team

CMS

Content Management System

COOP

Continuity of Operations Plan

COPE

Corporate Owned, Personally Enabled

CP

Contingency Planning

CRC

Cyclical Redundancy Check

CRL

Certificate Revocation List

CSIRT

Computer Security Incident Response Team

CSO

Chief Security Officer

CSP

Cloud Service Provider

CSR

Certificate Signing Request

CSRF

Cross-site Request Forgery

CSU

Channel Service Unit

CTM

Counter-Mode

CTO

Chief Technology Officer

CTR

Counter

CYOD

Choose Your Own Device

DAC

Discretionary Access Control

DBA

Database Administrator

DDoS

Distributed Denial of Service

DEP

Data Execution Prevention

DER

Distinguished Encoding Rules

DES

Digital Encryption Standard

DFIR

Digital Forensics and Investigation Response

DHCP

Dynamic Host Configuration Protocol

DHE

Data-Handling Electronics

DHE

Diffie-Hellman Ephemeral

DLL

Dynamic Link Library

DLP

Data Loss Prevention

DMZ

Demilitarized Zone

DNAT

Destination Network Address Transaction

DNS

Domain Name Service (Server)

DoS

Denial of Service

DRP

Disaster Recovery Plan

DSA

Digital Signature Algorithm

DSL

Digital Subscriber Line

DSU

Data Service Unit

EAP

Extensible Authentication Protocol

ECB

Electronic Code Book

ECC

Elliptic Curve Cryptography

ECDHE

Elliptic Curve Diffie-Hellman Ephemeral

ECDSA

Elliptic Curve Digital Signature Algorithm

EFS

Encrypted File System

EMI

Electromagnetic Interference

EMP

Electro Magnetic Pulse

ERP

Enterprise Resource Planning

ESN

Electronic Serial Number

ESP

Encapsulated Security Payload

EF

Exposure Factor

FACL

File System Access Control List

FAR

False Acceptance Rate

FDE

Full Disk Encryption

FRR

False Rejection Rate

FTP

File Transfer Protocol

FTPS

Secured File Transfer Protocol

GCM

Galois Counter Mode

GPG

Gnu Privacy Guard

GPO

Group Policy Object

GPS

Global Positioning System

GPU

Graphic Processing Unit

GRE

Generic Routing Encapsulation

HA

High Availability

HDD

Hard Disk Drive

HIDS

Host-based Intrusion Detection System

HIPS

Host-based Intrusion Prevention System

HMAC

Hashed Message Authentication Code

HOTP

HMAC-based One-Time Password

HSM

Hardware Security Module

HTML

Hypertext Markup Language

HTTP

Hypertext Transfer Protocol

HTTPS

Hypertext Transfer Protocol over SSL/TLS

HVAC

Heating, Ventilation and Air Conditioning

IaaS

Infrastructure as a Service

ICMP

Internet Control Message Protocol

ICS

Industrial Control Systems

ID

Identification

IDEA

International Data Encryption Algorithm

IDF

Intermediate Distribution Frame

IdP

Identity Provider

IDS

Intrusion Detection System

IEEE

Institute of Electrical and Electronic Engineers

IIS

Internet Information System

IKE

Internet Key Exchange

IM

Instant Messaging

IMAP4

Internet Message Access Protocol v4

IoT

Internet of Things

IP

Internet Protocol

IPSec

Internet Protocol Security

IR

Incident Response

IR

Infrared

IRC

Internet Relay Chat

IRP

Incident Response Plan

ISA

Interconnection Security Agreement

ISP

Internet Service Provider

ISSO

Information Systems Security Officer

ITCP

IT Contingency Plan

IV

Initialization Vector

KDC

Key Distribution Center

KEK

Key Encryption Key

L2TP

Layer 2 Tunneling Protocol

LAN

Local Area Network

LDAP

Lightweight Directory Access Protocol

LEAP

Lightweight Extensible Authentication Protocol

MaaS

Monitoring as a Service

MAC

Mandatory Access Control

MAC

Media Access Control

MAC

Message Authentication Code

MAN

Metropolitan Area Network

MBR

Master Boot Record

MD5

Message Digest 5

MDF

Main Distribution Frame

MDM

Mobile Device Management

MFA

Multi-Factor Authentication

MFD

Multi-function Device

MITM

Man-in-the-Middle

MMS

Multimedia Message Service

MOA

Memorandum of Agreement

MOU

Memorandum of Understanding

MPLS

Multi-protocol Label Switching

MSCHAP

Microsoft Challenge Handshake Authentication Protocol

MSP

Managed Service Provider

MTBF

Mean Time Between Failures

MTTF

Mean Time to Failure

MTTR

Mean Time to Recover or Mean Time to Repair

MTU

Maximum Transmission Unit

NAC

Network Access Control

NAT

Network Address Translation

NDA

Non-disclosure Agreement

NFC

Near Field Communication

NGAC

Next Generation Access Control

NIDS

Network-based Intrusion Detection System

NIPS

Network-based Intrusion Prevention System

NIST

National Institute of Standards & Technology

NTFS

New Technology File System

NTLM

New Technology LAN Manager

NTP

Network Time Protocol

OAUTH

Open Authorization

OCSP

Online Certificate Status Protocol

OID

Object Identifier

OS

Operating System

OTA

Over The Air

OVAL

Open Vulnerability Assessment Language

P12

PKCS #12

P2P

Peer to Peer

PaaS

Platform as a Service

PAC

Proxy Auto Configuration

PAM

Pluggable Authentication Modules

PAP

Password Authentication Protocol

PAT

Port Address Translation

PBKDF2

Password-based Key Derivation Function 2

PBX

Private Branch Exchange

PCAP

Packet Capture

PEAP

Protected Extensible Authentication Protocol

PED

Personal Electronic Device

PEM

Privacy-enhanced Electronic Mail

PFS

Perfect Forward Secrecy

PFX

Personal Exchange Format

PGP

Pretty Good Privacy

PHI

Personal Health Information

PII

Personally Identifiable Information

PIV

Personal Identity Verification

PKI

Public Key Infrastructure

POODLE

Padding Oracle on Downgrade Legacy Encryption

POP

Post Office Protocol

POTS

Plain Old Telephone Service

PPP

Point-to-Point Protocol

PPTP

Point-to-Point Tunneling Protocol

PSK

Pre-shared Key

PTZ

Pan-Tilt-Zoom

RA

Recovery Agent

RA

Registration Authority

RAD

Rapid Application Development

RADIUS

Remote Authentication Dial-in User Server

RAID

Redundant Array of Inexpensive Disks

RAS

Remote Access Server

RAT

Remote Access Trojan

RBAC

Role-based Access Control

RBAC

Rule-based Access Control

RC4

Rivest Cipher version 4

RDP

Remote Desktop Protocol

RFID

Radio Frequency Identifier

RIPEMD

RACE Integrity Primitives Evaluation Message Digest

ROI

Return on Investment

RMF

Risk Management Framework

RPO

Recovery Point Objective

RSA

Rivest, Shamir, & Adleman

RTBH

Remotely Triggered Black Hole

RTO

Recovery Time Objective

RTOS

Real-time Operating System

RTP

Real-time Transport Protocol

S/MIME

Secure/Multipurpose Internet Mail Extensions

SaaS

Software as a Service

SAML

Security Assertions Markup Language

SAN

Storage Area Network

SAN

Subject Alternative Name

SCADA

System Control and Data Acquisition

SCAP

Security Content Automation Protocol

SCEP

Simple Certificate Enrollment Protocol

SCP

Secure Copy

SCSI

Small Computer System Interface

SDK

Software Development Kit

SDLC

Software Development Life Cycle

SDLM

Software Development Life Cycle Methodology

SDN

Software Defined Network

SED

Self-encrypting Drive

SEH

Structured Exception Handler

SFTP

Secured File Transfer Protocol

SHA

Secure Hashing Algorithm

SHTTP

Secure Hypertext Transfer Protocol

SIEM

Security Information and Event Management

SIM

Subscriber Identity Module

SLA

Service Level Agreement

SLE

Single Loss Expectancy

SMB

Server Message Block

SMS

Short Message Service

SMTP

Simple Mail Transfer Protocol

SMTPS

Simple Mail Transfer Protocol Secure

SNMP

Simple Network Management Protocol

SOAP

Simple Object Access Protocol

SoC

System on Chip

SPF

Sender Policy Framework

SPIM

Spam over Internet Messaging

SPoF

Single Point of Failure

SQL

Structured Query Language

SRTP

Secure Real-Time Protocol

SSD

Solid State Drive

SSH

Secure Shell

SSID

Service Set Identifier

SSL

Secure Sockets Layer

SSO

Single Sign-on

STP

Shielded Twisted Pair

TACACS+

Terminal Access Controller Access Control System Plus

TCP/IP

Transmission Control Protocol/Internet Protocol

TGT

Ticket Granting Ticket

TKIP

Temporal Key Integrity Protocol

TLS

Transport Layer Security

TOTP

Time-based One-time Password

TPM

Trusted Platform Module

TSIG

Transaction Signature

UAT

User Acceptance Testing

UAV

Unmanned Aerial Vehicle

UDP

User Datagram Protocol

UEFI

Unified Extensible Firmware Interface

UPS

Uninterruptable Power Supply

URI

Uniform Resource Identifier

URL

Universal Resource Locator

USB

Universal Serial Bus

USB OTG

USB On The Go

UTM

Unified Threat Management

UTP

Unshielded Twisted Pair

VDE

Virtual Desktop Environment

VDI

Virtual Desktop Infrastructure

VLAN

Virtual Local Area Network

VLSM

Variable Length Subnet Masking

VM

Virtual Machine

VoIP

Voice over IP

VPN

Virtual Private Network

VTC

Video Teleconferencing

WAF

Web Application Firewall

WAP

Wireless Access Point

WEP

Wired Equivalent Privacy

WIDS

Wireless Intrusion Detection System

WIPS

Wireless Intrusion Prevention System

WORM

Write Once Read Many

WPA

WiFi Protected Access

WPA2

WiFi Protected Access 2

WPS

WiFi Protected Setup

WTLS

Wireless TLS

XML

Extensible Markup Language

XOR

Exclusive Or

XSRF

Cross-site Request Forgery

XSS

Cross-site Scripting