3DES | Triple Data Encryption Standard |
AAA | Authentication, Authorization, and Accounting |
ABAC | Attribute-based Access Control |
ACL | Access Control List |
AD | Active Directory |
AES | Advanced Encryption Standard |
AES256 | Advanced Encryption Standard 256-bit |
AH | Authentication Header |
AI | Artificial Intelligence |
AIS | Automated Indicator Sharing |
ALE | Annualized Loss Expectancy |
AP | Access Point |
API | Application Programming Interface |
APT | Advanced Persistent Threat |
ARO | Annualized Rate of Occurrence |
ARP | Address Resolution Protocol |
ASLR | Address Space Layout Randomization |
ASP | Active Server Pages |
ATT&CK | Adversarial Tactics, Techniques, and Common Knowledge |
AUP | Acceptable Use Policy |
AV | Antivirus |
AV | Asset Value |
BASH | Bourne Again Shell |
BAC | Business Availability Center |
BCP | Business Continuity Planning |
BIA | Business Impact Analysis |
BIOS | Basic Input/Output System |
BPA | Business Partners Agreement |
BPDU | Bridge Protocol Data Unit |
BSSID | Basic Service Set Identifier |
BYOD | Bring Your Own Device |
CA | Certificate Authority |
CAC | Common Access Card |
CAN | Controller Area Network |
CAPTCHA | Completely Automated Public Turing Test to Tell Computers and Humans Apart |
CAR | Corrective Action Report |
CASB | Cloud Access Security Broker |
CBC | Cipher Block Chaining |
CBT | Computer-Based Training |
CCMP | Counter-Mode/CBC-Mac Protocol |
CCTV | Closed-Circuit Television |
CER | Certificate |
CER | Cross-Over Error Rate |
CERT | Computer Emergency Response Team |
CFB | Cipher Feedback |
CHAP | Challenge Handshake Authentication Protocol |
CIO | Chief Information Officer |
CIRT | Computer Incident Response Team |
CIS | Center for Internet Security |
CMS | Content Management System |
CN | Common Name |
COOP | Continuity of Operations Plan |
COPE | Corporate Owned, Personally Enabled |
CP | Contingency Planning |
CRC | Cyclic Redundancy Check |
CRL | Certificate Revocation List |
CSA | Cloud Security Alliance |
CSIRT | Computer Security Incident Response Team |
CSO | Chief Security Officer |
CSP | Cloud Service Provider |
CSR | Certificate Signing Request |
CSRF | Cross-Site Request Forgery |
CSU | Channel Service Unit |
CTM | Counter-Mode |
CTO | Chief Technology Officer |
CTR | Counter |
CVE | Common Vulnerabilities and Exposures |
CVSS | Common Vulnerability Scoring System |
CYOD | Choose Your Own Device |
DAC | Discretionary Access Control |
DBA | Database Administrator |
DDoS | Distributed Denial of Service |
DEP | Data Execution Prevention |
DER | Distinguished Encoding Rules |
DES | Data Encryption Standard |
DFIR | Digital Forensics and Investigation Response |
DHCP | Dynamic Host Configuration Protocol |
DHE | Data-Handling Electronics |
DHE | Diffie-Hellman Ephemeral |
DKIM | Domain Keys Identified Mail |
DLL | Dynamic Link Library |
DLP | Data Loss Prevention |
DMARC | Domain Message Authentication Reporting and Conformance |
DMZ | Demilitarized Zone |
DNAT | Destination Network Address Translation |
DNS | Domain Name Service (Server) |
DNSSEC | Domain Name System Security Extensions |
DoS | Denial of Service |
DPO | Data Protection Officer |
DRP | Disaster Recovery Plan |
DSA | Digital Signature Algorithm |
DSL | Digital Subscriber Line |
DSU | Data Service Unit |
EAP | Extensible Authentication Protocol |
ECB | Electronic Code Book |
ECC | Elliptic Curve Cryptography |
ECDHE | Elliptic Curve Diffie-Hellman Ephemeral |
ECDSA | Elliptic Curve Digital Signature Algorithm |
EDR | Endpoint Detection and Response |
EFS | Encrypted File System |
EIP | Extended Instruction Pointer |
EMI | Electromagnetic Interference |
EMP | Electromagnetic Pulse |
EOL | End of Life |
EOS | End of Service |
ERP | Enterprise Resource Planning |
ESN | Electronic Serial Number |
ESP | Encapsulated Security Payload |
EF | Exposure Factor |
ESSID | Extended Service Set Identifier |
FACL | File System Access Control List |
FAR | False Acceptance Rate |
FDE | Full Disk Encryption |
FIM | File Integrity Monitoring |
FPGA | Field Programmable Gate Array |
FRR | False Rejection Rate |
FTP | File Transfer Protocol |
FTPS | Secured File Transfer Protocol |
GCM | Galois Counter Mode |
GDPR | General Data Protection Regulation |
GPG | GNU Privacy Guard |
GPO | Group Policy Object |
GPS | Global Positioning System |
GPU | Graphic Processing Unit |
GRE | Generic Routing Encapsulation |
HA | High Availability |
HDD | Hard Disk Drive |
HIDS | Host-Based Intrusion Detection System |
HIPS | Host-Based Intrusion Prevention System |
HMAC | Hashed Message Authentication Code |
HOTP | HMAC-based One-Time Password |
HSM | Hardware Security Module |
HSMaaS | Hardware Security Module as a Service |
HTML | Hypertext Markup Language |
HTTP | Hypertext Transfer Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
HVAC | Heating, Ventilation and Air Conditioning |
IaaS | Infrastructure as a Service |
ICMP | Internet Control Message Protocol |
ICS | Industrial Control Systems |
ID | Identification |
IDEA | International Data Encryption Algorithm |
IDF | Intermediate Distribution Frame |
IdP | Identity Provider |
IDS | Intrusion Detection System |
IEEE | Institute of Electrical and Electronic Engineers |
IIS | Internet Information System |
IKE | Internet Key Exchange |
IM | Instant Messaging |
IMAP4 | Internet Message Access Protocol V4 |
IoC | Indicators of Compromise |
IoT | Internet of Things |
IP | Internet Protocol |
IPS | Intrusion Prevention System |
IPSec | Internet Protocol Security |
IR | Incident Response |
IR | Infrared |
IRC | Internet Relay Chat |
IRP | Incident Response Plan |
ISA | Interconnection Security Agreement |
ISFW | Internal Segmentation Firewall |
ISO | International Organization for Standardization |
ISP | Internet Service Provider |
ISSO | Information Systems Security Officer |
ITCP | IT Contingency Plan |
IV | Initialization Vector |
KDC | Key Distribution Center |
KEK | Key Encryption Key |
L2TP | Layer 2 Tunneling Protocol |
LAN | Local Area Network |
LDAP | Lightweight Directory Access Protocol |
LEAP | Lightweight Extensible Authentication Protocol |
MaaS | Monitoring as a Service |
MAC | Mandatory Access Control |
MAC | Media Access Control |
MAC | Message Authentication Code |
MAM | Mobile Application Network |
MAN | Metropolitan Area Network |
MBR | Master Boot Record |
MD5 | Message Digest 5 |
MDF | Main Distribution Frame |
MDM | Mobile Device Management |
MFA | Multi-Factor Authentication |
MFD | Multi-Function Device |
MFP | Multi-Function Printer |
MITM | Man-in-the-Middle |
ML | Machine Learning |
MMS | Multimedia Message Service |
MOA | Memorandum of Agreement |
MOU | Memorandum of Understanding |
MPLS | Multi-Protocol Label Switching |
MSA | Measurement Systems Analysis |
MSCHAP | Microsoft Challenge Handshake Authentication Protocol |
MSP | Managed Service Provider |
MSSP | Managed Security Service Provider |
MTBF | Mean Time Between Failures |
MTTF | Mean Time to Failure |
MTTR | Mean Time to Recover or Mean Time to Repair |
MTU | Maximum Transmission Unit |
NAC | Network Access Control |
NAS | Network Attached Storage |
NAT | Network Address Translation |
NDA | Non-Disclosure Agreement |
NFC | Near Field Communication |
NFV | Network Function Virtualization |
NGAC | Next Generation Access Control |
NGFW | Next Generation Firewall |
NG-SWG | Next Generation Secure Web Gateway |
NIC | Network Interface Card |
NIDS | Network-Based Intrusion Detection System |
NIPS | Network-Based Intrusion Prevention System |
NIST | National Institute of Standards & Technology |
NOC | Network Operations Center |
NTFS | New Technology File System |
NTLM | New Technology LAN Manager |
NTP | Network Time Protocol |
OAUTH | Open Authorization |
OCSP | Online Certificate Status Protocol |
OID | Object Identifier |
OS | Operating System |
OSI | Open Systems Interconnection |
OSINT | Open Source Intelligence |
OSPF | Open Shortest Path First |
OT | Operational Technology |
OTA | Over The Air |
OTG | On The Go |
OVAL | Open Vulnerability Assessment Language |
OWASP | Open Web Application Security Project |
P12 | PKCS #12 |
P2P | Peer to Peer |
PaaS | Platform as a Service |
PAC | Proxy Auto Configuration |
PAM | Privileged Access Management |
PAM | Pluggable Authentication Modules |
PAP | Password Authentication Protocol |
PAT | Port Address Translation |
PBKDF2 | Password-Based Key Derivation Function 2 |
PBX | Private Branch Exchange |
PCAP | Packet Capture |
PCI DSS | Payment Card Industry Data Security Standard |
PDU | Power Distribution Unit |
PE | Portable Executable |
PEAP | Protected Extensible Authentication Protocol |
PED | Personal Electronic Device |
PEM | Privacy-Enhanced Electronic Mail |
PFS | Perfect Forward Secrecy |
PFX | Personal Exchange Format |
PGP | Pretty Good Privacy |
PHI | Personal Health Information |
PII | Personally Identifiable Information |
PIN | Personal Identification Number |
PIV | Personal Identity Verification |
PKCS | Public Key Cryptography Standards |
PKI | Public Key Infrastructure |
PoC | Proof of Concept |
POODLE | Padding Oracle on Downgrade Legacy Encryption |
POP | Post Office Protocol |
POTS | Plain Old Telephone System |
PPP | Point-to-Point Protocol |
PPTP | Point-to-Point Tunneling Protocol |
PSK | Pre-Shared Key |
PTZ | Pan-Tilt-Zoom |
PUP | Potentially Unwanted Program |
QA | Quality Assurance |
QoS | Quality of Service |
RA | Recovery Agent |
RA | Registration Authority |
RAD | Rapid Application Development |
RADIUS | Remote Authentication Dial-In User Server |
RAID | Redundant Array of Inexpensive Disks |
RAM | Random Access Memory |
RAS | Remote Access Server |
RAT | Remote Access Trojan |
RBAC | Role-Based Access Control |
RBAC | Rule-Based Access Control |
RC4 | Rivest Cipher Version 4 |
RCS | Rich Communication Services |
RDP | Remote Desktop Protocol |
RFC | Request for Comments |
RFID | Radio Frequency Identifier |
RIPEMD | RACE Integrity Primitives Evaluation Message Digest |
ROI | Return on Investment |
RMF | Risk Management Framework |
RPO | Recovery Point Objective |
RSA | Rivest, Shamir, & Adleman |
RTBH | Remotely Triggered Black Hole |
RTO | Recovery Time Objective |
RTOS | Real-Time Operating System |
RTP | Real-Time Transport Protocol |
S/MIME | Secure/Multipurpose Internet Mail Extensions |
SaaS | Software as a Service |
SAML | Security Assertion Markup Language |
SAN | Storage Area Network |
SAN | Subject Alternative Name |
SCADA | System Control and Data Acquisition |
SCAP | Security Content Automation Protocol |
SCEP | Simple Certificate Enrollment Protocol |
SCP | Secure Copy |
SCSI | Small Computer System Interface |
SDK | Software Development Kit |
SDLC | Software Development Life Cycle |
SDLM | Software Development Life Cycle Methodology |
SDN | Software Defined Network |
SDP | Service Delivery Platform |
SDV | Software Defined Visibility |
SED | Self-Encrypting Drive |
SEH | Structured Exception Handler |
SFTP | Secured File Transfer Protocol |
SHA | Secure Hashing Algorithm |
SHTTP | Secure Hypertext Transfer Protocol |
SIEM | Security Information and Event Management |
SIM | Subscriber Identity Module |
SIP | Session Initiation Protocol |
SLA | Service Level Agreement |
SLE | Single Loss Expectancy |
SMB | Server Message Block |
SMS | Short Message Service |
SMTP | Simple Mail Transfer Protocol |
SMTPS | Simple Mail Transfer Protocol Secure |
SNMP | Simple Network Management Protocol |
SOAP | Simple Object Access Protocol |
SOAR | Security Orchestration, Automation, Response |
SoC | System on a Chip |
SPF | Sender Policy Framework |
SPIM | SPAM over Internet Messaging |
SPoF | Single Point of Failure |
SQL | Structured Query Language |
SQLi | SQL Injection |
SRTP | Secure Real-Time Protocol |
SSD | Solid State Drive |
SSH | Secure Shell |
SSID | Service Set Identifier |
SSL | Secure Sockets Layer |
SSO | Single Sign-On |
STIX | Structured Threat Information eXpression |
STP | Shielded Twisted Pair |
TACACS+ | Terminal Access Controller Access Control System Plus |
TAXII | Trusted Automated eXchange of Intelligence Information |
TCP/IP | Transmission Control Protocol/Internet Protocol |
TGT | Ticket Granting Ticket |
TKIP | Temporal Key Integrity Protocol |
TLS | Transport Layer Security |
TOTP | Time-Based One-Time Password |
TPM | Trusted Platform Module |
TSIG | Transaction Signature |
TTP | Tactics, Techniques, and Procedures |
UAT | User Acceptance Testing |
UAV | Unmanned Aerial Vehicle |
UDP | User Datagram Protocol |
UEBA | User and Entity Behavior Analytics |
UEFI | Unified Extensible Framework Interface |
UEM | Unified Endpoint Management |
UPS | Uninterruptible Power Supply |
URI | Uniform Resource Identifier |
URL | Universal Resource Locator |
USB | Universal Serial Bus |
USB OTG | USB On The Go |
UTM | Unified Threat Management |
UTP | Unshielded Twisted Pair |
VBA | Visual Basic for Applications |
VDE | Virtual Desktop Environment |
VDI | Virtual Desktop Infrastructure |
VLAN | Virtual Local Area Network |
VLSM | Variable Length Subnet Masking |
VM | Virtual Machine |
VoIP | Voice Over IP |
VPC | Virtual Private Cloud |
VPN | Virtual Private Network |
VTC | Video Teleconferencing |
WAF | Web Application Firewall |
WAP | Wireless Access Point |
WEP | Wired Equivalent Privacy |
WIDS | Wireless Intrusion Detection System |
WIPS | Wireless Intrusion Prevention System |
WORM | Write Once Read Many |
WPA | Wi-Fi Protected Access |
WPA2 | Wi-Fi Protected Access 2 |
WPS | Wi-Fi Protected Setup |
WTLS | Wireless TLS |
XaaS | Anything as a Service |
XML | Extensible Markup Language |
XOR | Exclusive Or |
XSRF | Cross-Site Request Forgery |
XSS | Cross-Site Scripting |