Acronyms Used in This Book

3DESTriple Data Encryption Standard
AAAAuthentication, Authorization, and Accounting
ABACAttribute-based Access Control
ACLAccess Control List
ADActive Directory
AESAdvanced Encryption Standard
AES256Advanced Encryption Standard 256bit
AHAuthentication Header
AIArtificial Intelligence
AISAutomated Indicator Sharing
ALEAnnualized Loss Expectancy
APAccess Point
APIApplication Programming Interface
APTAdvanced Persistent Threat
AROAnnualized Rate of Occurrence
ARPAddress Resolution Protocol
ASLRAddress Space Layout Randomization
ASPActive Server Pages
ATT&CAdversarial Tactics, Techniques, and Common Knowledge
AUPAcceptable Use Policy
AVAsset Value
BASHBourne Again Shell
BACBusiness Availability Center
BCPBusiness Continuity Planning
BIABusiness Impact Analysis
BIOSBasic Input/Output System
BPABusiness Partners Agreement
BPDUBridge Protocol Data Unit
BSSIDBasic Service Set Identifier
BYODBring Your Own Device
CACertificate Authority
CACCommon Access Card
CANController Area Network
CAPTCHACompletely Automated Public Turing Test to Tell Computers and Human Apart
CARCorrective Action Report
CASBCloud Access Security Broker
CBCCipher Block Chaining
CBTComputer-Based Training
CCMPCounter-Mode/CBC-Mac Protocol
CCTVClosed-Circuit Television
CERCross-Over Error Rate
CERTComputer Emergency Response Team
CFBCipher Feedback
CHAPChallenge Handshake Authentication Protocol
CIOChief Information Officer
CIRTComputer Incident Response Team
CISCenter for Internet Security
CMSContent Management System
CNCommon Name
COOPContinuity of Operations Plan
COPECorporate Owned, Personally Enabled
CPContingency Planning
CRCCyclic Redundancy Check
CRLCertificate Revocation List
CSACloud Security Alliance
CSIRTComputer Security Incident Response Team
CSOChief Security Officer
CSPCloud Service Provider
CSRCertificate Signing Request
CSRFCross-Site Request Forgery
CSUChannel Service Unit
CTOChief Technology Officer
CVECommon Vulnerabilities and Exposures
CVSSCommon Vulnerability Scoring System
CYODChoose Your Own Device
DACDiscretionary Access Control
DBADatabase Administrator
DDoSDistributed Denial of Service
DEPData Execution Prevention
DERDistinguished Encoding Rules
DESData Encryption Standard
DFIRDigital Forensics and Investigation Response
DHCPDynamic Host Configuration Protocol
DHEData-Handling Electronics
DHEDiffie-Hellman Ephemeral
DKIMDomain Keys Identified Mail
DLLDynamic Link Library
DLPData Loss Prevention
DMARCDomain Message Authentication Reporting and Conformance
DMZDemilitarized Zone
DNATDestination Network Address Translation
DNSDomain Name Service (Server)
DNSSECDomain Name System Security Extensions
DoSDenial of Service
DPOData Protection Officer
DRPDisaster Recovery Plan
DSADigital Signature Algorithm
DSLDigital Subscriber Line
DSUData Service Unit
EAPExtensible Authentication Protocol
ECBElectronic Code Book
ECCElliptic Curve Cryptography
ECDHEElliptic Curve Diffie-Hellman Ephemeral
ECDSAElliptic Curve Digital Signature Algorithm
EDREndpoint Detection and Response
EFSEncrypted File System
EIPExtended Instruction Pointer
EMIElectromagnetic Interference
EMPElectro Magnetic Pulse
EOLEnd of Life
EOSEnd of Service
ERPEnterprise Resource Planning
ESNElectronic Serial Number
ESPEncapsulated Security Payload
EFExposure Factor
ESSIDExtended Service Set Identifier
FACLFile System Access Control List
FARFalse Acceptance Rate
FDEFull Disk Encryption
FIMFile Integrity Monitoring
FPGAField Programmable Gate Array
FRRFalse Rejection Rate
FTPFile Transfer Protocol
FTPSSecured File Transfer Protocol
GCMGalois Counter Mode
GDPRGeneral Data Protection Regulation
GPGGNU Privacy Guard
GPOGroup Policy Object
GPSGlobal Positioning System
GPUGraphic Processing Unit
GREGeneric Routing Encapsulation
HAHigh Availability
HDDHard Disk Drive
HIDSHost-Based Intrusion Detection System
HIPSHost-Based Intrusion Prevention System
HMACHashed Message Authentication Code
HOTPHMAC-based One-Time Password
HSMHardware Security Module
HSMaaSHardware Security Module as a Service
HTMLHypertext Markup Language
HTTPHypertext Transfer Protocol
HTTPSHypertext Transfer Protocol Secure
HVACHeating, Ventilation and Air Conditioning
IaaSInfrastructure as a Service
ICMPInternet Control Message Protocol
ICSIndustrial Control Systems
IDEAInternational Data Encryption Algorithm
IDFIntermediate Distribution Frame
IdPIdentity Provider
IDSIntrusion Detection System
IEEEInstitute of Electrical and Electronic Engineers
IISInternet Information System
IKEInternet Key Exchange
IMInstant Messaging
IMAP4Internet Message Access Protocol V4
IoCIndicators of Compromise
IoTInternet of Things
IPInternet Protocol
IPSIntrusion Prevention System
IPSecInternet Protocol Security
IRIncident Response
IRCInternet Relay Chat
IRPIncident Response Plan
ISAInterconnection Security Agreement
ISFWInternal Segmentation Firewall
ISOInternational Organization for Standardization
ISPInternet Service Provider
ISSOInformation Systems Security Officer
ITCPIT Contingency Plan
IVInitialization Vector
KDCKey Distribution Center
KEKKey Encryption Key
L2TPLayer 2 Tunneling Protocol
LANLocal Area Network
LDAPLightweight Directory Access Protocol
LEAPLightweight Extensible Authentication Protocol
MaaSMonitoring as a Service
MACMandatory Access Control
MACMedia Access Control
MACMessage Authentication Code
MAMMobile Application Network
MANMetropolitan Area Network
MBRMaster Boot Record
MD5Message Digest 5
MDFMain Distribution Frame
MDMMobile Device Management
MFAMulti-Factor Authentication
MFDMulti-Function Device
MFPMulti-Function Printer
MLMachine Learning
MMSMultimedia Message Service
MOAMemorandum of Agreement
MOUMemorandum of Understanding
MPLSMulti-Protocol Label Switching
MSAMeasurement Systems Analysis
MSCHAPMicrosoft Challenge Handshake Authentication Protocol
MSPManaged Service Provider
MSSPManaged Security Service Provider
MTBFMean Time Between Failures
MTTFMean Time to Failure
MTTRMean Time to Recover or Mean Time to Repair
MTUMaximum Transmission Unit
NACNetwork Access Control
NASNetwork Attached Storage
NATNetwork Address Translation
NDANon-Disclosure Agreement
NFCNear Field Communication
NFVNetwork Function Virtualization
NGACNext Generation Access Control
NGFWNext Generation Firewall
NG-SWGNext Generation Secure Web Gateway
NICNetwork Interface Card
NIDSNetwork-Based Intrusion Detection System
NIPSNetwork-Based Intrusion Prevention System
NISTNational Institute of Standards & Technology
NOCNetwork Operations Center
NTFSNew Technology File System
NTLMNew Technology LAN Manager
NTPNetwork Time Protocol
OAUTHOpen Authorization
OCSPOnline Certificate Status Protocol
OIDObject Identifier
OSOperating System
OSIOpen Systems Interconnection
OSINTOpen Source Intelligence
OSPFOpen Shortest Path First
OTOperational Technology
OTAOver The Air
OTGOn The Go
OVALOpen Vulnerability Assessment Language
OWASPOpen Web Application Security Project
P12PKCS #12
P2PPeer to Peer
PaaSPlatform as a Service
PACProxy Auto Configuration
PAMPrivileged Access Management
PAMPluggable Authentication Modules
PAPPassword Authentication Protocol
PATPort Address Translation
PBKDFPassword-Based Key Derivation Function 2
PBXPrivate Branch Exchange
PCAPPacket Capture
PCI DSSPayment Card Industry Data Security Standard
PDUPower Distribution Unit
PEPortable Executable
PEAPProtected Extensible Authentication Protocol
PEDPersonal Electronic Device
PEMPrivacy-Enhanced Electronic Mail
PFSPerfect Forward Secrecy
PFXPersonal Exchange Format
PGPPretty Good Privacy
PHIPersonal Health Information
PIIPersonally Identifiable Information
PINPersonal Identification Number
PIVPersonal Identity Verification
PKCSPublic Key Cryptography Standards
PKIPublic Key Infrastructure
PoCProof of Concept
POODLEPadding Oracle on Downgrade Legacy Encryption
POPPost Office Protocol
POTSPlain Old Telephone System
PPPPoint-to-Point Protocol
PPTPPoint-to-Point Tunneling Protocol
PSKPre-Shared Key
PUPPotentially Unwanted Program
QAQuality Assurance
QoSQuality of Service
RARecovery Agent
RARegistration Authority
RADRapid Application Development
RADIUSRemote Authentication Dial-In User Server
RAIDRedundant Array of Inexpensive Disks
RAMRandom Access Memory
RASRemote Access Server
RATRemote Access Trojan
RBACRole-Based Access Control
RBACRule-Based Access Control
RC4Rivest Cipher Version 4
RCSRich Communication Services
RDPRemote Desktop Protocol
RFCRequest for Comments
RFIDRadio Frequency Identifier
RIPEMDRACE Integrity Primitives Evaluation Message Digest
ROIReturn on Investment
RMFRisk Management Framework
RPORecovery Point Objective
RSARivest, Shamir, & Adleman
RTHBRemotely Triggered Black Hole
RTORecovery Time Objective
RTOSReal-Time Operating System
RTPReal-Time Transport Protocol
S/MIMESecure/Multipurpose Internet Mail Extensions
SaaSSoftware as a Service
SAMLSecurity Assertion Markup Language
SANStorage Area Network
SANSubject Alternative Name
SCADASystem Control and Data Acquisition
SCAPSecurity Content Automation Protocol
SCEPSimple Certificate Enrollment Protocol
SCPSecure Copy
SCSISmall Computer System Interface
SDKSoftware Development Kit
SDLCSoftware Development Life Cycle
SDLMSoftware Development Life Cycle Methodology
SDNSoftware Defined Network
SDPService Delivery Platform
SDVSoftware Defined Visibility
SEDSelf-Encrypting Drive
SHEStructured Exception Handler
SFTPSecured File Transfer Protocol
SHASecure Hashing Algorithm
SHTTPSecure Hypertext Transfer Protocol
SIEMSecurity Information and Event Management
SIMSubscriber Identity Module
SIPSession Initiation Protocol
SLAService Level Agreement
SLESingle Loss Expectancy
S/MIMESecure/Multipurpose Internet Mail Extensions
SMBServer Message Block
SMSShort Message Service
SMTPSimple Mail Transfer Protocol
SMTPSSimple Mail Transfer Protocol Secure
SNMPSimple Network Management Protocol
SOAPSimple Object Access Protocol
SOARSecurity Orchestration, Automation, Response
SoCSystem on a Chip
SPFSender Policy Framework
SPIMSPAM over Internet Messaging
SPoESingle Point of Failure
SQLStructured Query Language
SQLiSQL Injection
SRTPSecure Real-Time Protocol
SSDSolid State Drive
SSHSecure Shell
SSIDService Set Identifier
SSLSecure Sockets Layer
SSOSingle Sign-On
STIXStructured Threat Information eXpression
STPShielded Twisted Pair
TACAS+Terminal Access Controller Access Control System Plus
TAXIITrusted Automated eXchange of Intelligence Information
TCP/IPTransmission Control Protocol/Internet Protocol
TGTTicket Granting Ticket
TKIPTemporal Key Integrity Protocol
TLSTransport Layer Security
TOTPTime-Based One-Time Password
TPMTrusted Platform Module
TSIGTransaction Signature
TTPTactics, Techniques, and Procedures
UATUser Acceptance Testing
UAVUnmanned Aerial Vehicle
UDPUser Datagram Protocol
UEBAUser and Entity Behavior Analytics
UEFIUnified Extensible Framework Interface
UEMUnified Endpoint Management
UPSUnterruptable Power Supply
URIUniform Resource Identifier
URLUniversal Resource Locator
USBUniversal Serial Bus
UTMUnified Threat Management
UTPUnshielded Twisted Pair
VBAVisual Basic for Applications
VDEVirtual Desktop Environment
VDIVirtual Desktop Infrastructure
VLANVirtual Local Area Network
VLSMVariable Length Subnet Masking
VMVirtual Machine
VoIPVoice Over IP
VPCVirtual Private Cloud
VPNVirtual Private Network
VTCVideo Teleconferencing
WAFWeb Application Firewall
WAPWireless Access Point
WEPWired Equivalent Privacy
WIDSWireless Intrusion Detection System
WIPSWireless Intrusion Prevention System
WORMWire Once Read Many
WPAWi-Fi Protected Access
WPA2Wi-Fi Protected Access 2
WPSWi-Fi Protected Setup
WTLSWireless TLS
XaaSAnything as a Service
XMLExtensible Markup Language
XORExclusive Or
XSRFCross-Site Request Forgery
XSSCross-Site Scripting