Security+ Acronyms

Description

CompTIA Information Technology (Security+ ) Flashcards on Security+ Acronyms, created by Lyndsay Badding on 24/03/2023.
Lyndsay Badding
Flashcards by Lyndsay Badding, updated more than 1 year ago
Lyndsay Badding
Created by Lyndsay Badding over 1 year ago
3
0

Resource summary

Question Answer
3DES Triple Data Encryption Standard type of cryptography where block cipher algorithms are applied 3 times to each data block
AAA Authentication, Authorization, and Accounting security framework that controls access to computer resources, enforces policies, audits usage
ABAC Attribute-Based Access Control access control based on attributes associated with the subject, object, requested operations, environment conditions
ACL Access Control List set of rules to allow or deny access
AD Active Directory Windows directory service used to manage users, apps, data, etc.
AES Advanced Encryption Standard symmetric block cipher algorithm
AH Authentication Header packet header that provides origin authentication, data integrity, and replay protection it does not provide confidentiality
AIS Automated Indicator Sharing real-time exchange of machine-readable threat indicators and defensive measures
ALE Annualized Loss Expectancy SLE x ARO
AP Access Point 802.11 logical connection point
API Application Programming Interface set of definitions and protocols for building and integrating app software
APT Advanced Persistent Threat a sophisticated, sustained cyberattack threat actor remains undetected for a prolonged period of time
ARO Annualized Rate of Occurrence the number of incidents per year for a risk or threat
ARP Address Resolution Protocol contains the MAC table
ASLR Address Space Layout Randomization randomizes the location of system executables in RAM prevents buffer overflow
ASP Active Server Pages Microsoft's server-side scripting language for dynamic web pages
ATT&CK Adversarial Tactics, Techniques, & Common Knowledge globally accessible knowledge database
AUP Acceptable Use Policy set of rules user must accept before use of resources
AV AntiVirus
BASH Bourne Again SHell shell used in a text window mostly on Linux
BCP Business Continuity Planning process of creating a plan to identify major risks, preventatives, and continuity of essential processes
BGP Border Gateway Protocol language spoken by routers to determine how to send packets
BIA Business Impact Analysis identifies critical systems, functions, and processes and how quickly they need to be recovered/restored
BIOS Basic Input/Output System initializes hardware, then loads and starts the OS
BPA Business Partnership Agreement legal agreement that outlines terms, conditions, and expectations
BPDU Bridge Protocol Data Unit STP message unit to detect loops in network topologies contains info regarding ports, switches, port priority and addresses
BSSID Basic Service Set IDentifier MAC address of AP or wireless router
BYOD Bring Your Own Device
CA Certificate Authority trusted entity that issues SSL certificates
CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart
CAR Corrective Action Report indicates type of investigation or action taken to address the non-conformance or potential for non-conformance
CASB Cloud Access Security Broker software that sits between a cloud service consumer and provider enforces org security policies through risk ID and regulation compliance
CBC Cipher Block Chaining a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block
CBT Computer Based Training
CCMP Counter-mode/CBC-MAC Protocol used with AES 128-bit block ciphers 802.11i
CCTV Closed-Circuit TeleVision
CERT Computer Emergency Response Team is a registered mark by Carnegie Mellon have to apply for authorization to use this term
CFB Cipher FeedBack stream mode feedback = name for chaining when used in stream modes
CHAP Challenge Handshake Authentication Protocol used with PPP 3-way handshake uses an encrypted hash
CIO Chief Information Officer oversees people, processes and technologies within a company's IT org
CIRT Computer Incident Response Team interchangeable with CSIRT
CIS Center for Internet Security non-profit org that sets standards for cyber security
CMS Content Management System software platform that allows users to build and manage a website with limited technical knowledge and resources can be open source, prop., or SaaS
CN Common Name also known as FQDN
COOP Continuity Of Operations Planning procedures and guidance to sustain MEFs at an alternate site for up to 30 days mandated by federal directives
COPE Corporate-Owned Personally Enabled employee is able to use device as their own, but company still owns it
CP Contingency Planning
CRC Cyclic Redundancy Check integrity check using a binary solution
CRL Certificate Revocation List
CSA Cloud Security Alliance organization that defines best practices for a secure cloud computing environment
CSIRT Computer Security Incident Response Team interchangeable with CIRT
CSO Chief Security Officer responsible for the physical security and safety of employees, facilities, and assets
CSP Cloud Service Provider
CSR Certificate Signing Request created on the server where the cert will be installed
CSRF Cross-Site Request Forgery also XSRF attack that forces users to submit a request to a web app that they are already authenticated to
CSU Channel Service Unit used to convert digital signals from a router to a network circuit such as T1 similar to a modem
CTM CounTer-Mode turns a block cipher into a stream cipher adds a counter to each block, which is also encrypted
CTO Chief Technology Officer responsible for settings security standards that dictate how the org chooses to work with or acquire tools form vendors
CVE Common Vulnerabilities and Exposures a glossary that classifies vulnerabilities
CVSS Common Vulnerability Scoring System a method used to supply a qualitative measure of severity
CYOD Choose Your Own Device
DAC Discretionary Access Control identity-based access control
DBA DataBase Administrator ensures the security of a database
DDoS Distributed Denial of Service multiple systems target a single system
DEP Data Execution Prevention built into Windows to prevent malicious code from being executed from system memory
DER Distinguished Encoding Rules key file format for cryptographic data
DES Data Encryption Standard outdated symmetric key method of data encryption block cipher that encrypts in 64-bit blocks
DHCP Dynamic Host Configuration Protocol assigns IP addresses
DHE Diffie-Hellman Ephemeral securely establishes a channel to create and share a key for symmetric key algorithms
DKIM Domain Keys Identified Mail email authentication method using a digital signature
DLL Dynamic-Link Library contains the resources an app needs to run successfully could include images and a library of executable functions
DLP Data Loss Prevention implements a set of processes, procedures, and tools to prevent the loss, misuse, or unauthorized access of sensitive info
DMARC Domain Message Authentication Reporting and Conformance email validation system that detects and prevents email spoofing
DNAT Destination Network Address Translation changes the destination address in the IP header for packets coming into the LAN
DNS Domain Name System translates FQDN to IP address
DNSSEC Domain Name System SECurity extensions suite of extensions that improve DNS security by verifying that DNS results have not been tampered with
DoS Denial of Service
DPO Data Protection Officer ensures the org processes personal data in compliance with applicable data protection rules
DRP Disaster Recovery Plan
DSA Digital Signature Algorithm cryptographic algorithm used to generate digital signatures, authenticate the sender of a digital message, and prevent tampering
DSL Digital Subscriber Line
EAP Extensible Authentication Protocol protocol that acts as a framework and transport for other authentication protocols
ECB Electronic Code Book legacy to CBC symmetric encryption scheme which replaces each block of clear text with block of ciphertext
ECC Elliptic-Curve Cryptography public key cryptographic algorithm used to perform critical security functions, including encryption, authentication, and digital signatures more secure than RSA or DSA
ECDHE Elliptic-Curve Diffie-Hellman Ephemeral key exchange algorithm that allows 2 parties to establish a shared secret over an insecure communication channel
ECDSA Elliptic-Curve Digital Signature Algorithm DSA which uses keys derived from ECC
EDR Endpoint Detection and Response an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like malware
EFS Encrypted File System provides cryptographic protection of individual files on NTFS volumes using a public-key system
EIP Extended Instruction Pointer used to track the address of the current instruction running inside the application
EOL End Of Life ending of patches, updates, and sale of equipment
EOS End Of Service ending of services and updates for server, storage, and network equipment
ERP Enterprise Resource Planning the practice of taking effective security measures to prevent infiltration inside of ERP systems ERP systems unify all different platforms and departments
ESN Electronic Serial Number used in mobile phones
ESP Encapsulating Security Payload only authenticates the IP datagram portion of the IP packet can be used with AH
ESSID Extended Service Set IDentifier a set of wireless networks that have the same SSID
FACL File system Access Control List a table that informs the OS of access privileges a user has to a system object
FDE Full Disk Encryption
FIM File Integrity Monitoring
FPGA Field Programmable Gate Array hardware circuit that a user can program to carry out logical operations
FRR False Rejection Rate (FRR = FAR) = CER
FTP File Transfer Protocol transfer files between computer systems and servers via the internet
GCM Galois/Counter Mode mode of operation for AES algorithm symmetric-key cryptographic block ciphers
GDPR General Data Protection Regulation an EU law that governs the way we can use, process, and store personal data (PII)
GPG GNU Privacy Guard software replacement for PGP security tool for encrypting files
GPO Group Policy Object collection of settings that define what a system will look like and how it will behave for a defined group of computers or users
GPS Global Positioning System
GPU Graphics Processing Unit
GRE Generic Routing Encapsulation tunneling protocol used to transport multicast, broadcast, and non-IP packets like IPX
HA High Availability 99.9% 8h 45m 57s 99.99% 52m 35.7s 99.999% 5m 15.6s 99.9999% 31.6s 99.99999% 3.2s
HDD Hard Disk Drive non-volatile memory has moving parts to write data
HIDS Host-based Intrusion Detection System monitor the system and detect anomalies
HIPS Host-based Intrusion Prevention System behavioral analysis and network filtering to monitor running processes, files and registry keys prevents unknown malicious attacks
HMAC Hash-based Message Authentication Code cryptographic authentication technique that uses a hash function and a secret key
HOTP HMAC-based One-Time-Password
HSM Hardware Security Module device that generates and stores cryptographic keys, and digital signatures encrypts and decrypts data
HSMaaS Hardware Security Module as a Service
HTML HyperText Markup Language language used to create webpages
HTTP HyperText Transfer Protocol how resources are exchanged between client devices and servers over the internet
HVAC Heating, Ventilation, Air Conditioning referring to the monitoring system attached to these functions
IaaS Infrastructure as a Service pay-as-you-go services for using virtual equipment like servers, storage, network devices, VMs
IAM Identity and Access Management framework of policies, processes, and technologies that enable orgs to manage digital identities and control user access to critical corporate info
ICMP Internet Control Message Protocol used to troubleshoot and report error conditions transfers info about other protocols
ICS Industrial Control Systems
IDEA International Data Encryption Algorithm block cipher that operates on 64-bit plaintext and 128-bit key reversible
IDF Intermediate Distribution Frame a remote room or closet connected to MDF houses hubs and patch panels
IdP Identity Provider a service that stores and verifies user identity
IDS Intrusion Detection System monitoring system that detects suspicious activities and generates alerts when they are detected
IEEE Institute of Electrical and Electronics Engineers sets standards for many industries publishes journals, magazines, and conference proceedings
IKE Internet Key Exchange IPSec-based tunneling protocol that provides a secure VPN communication channel
IM Instant Messaging
IMAP4 Internet Message Access Protocol version 4 how you view your email enables the use of folders
IoC Indicators of Compromise clues and evidence of a security breach
IoT Internet of Things devices embedded with sensors, software, and other technologies for the purpose of exchanging data with other devices and systems over the internet
IP Internet Protocol communication standard used to uniquely identify systems on a computer network or across the internet
IPS Intrusion Prevention System hardware or software network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it
IPSec Internet Protocol Security suite of protocols between 2 communication points across the network that provide data CIA defines the encrypted, decrypted and authenticated packets
IR Incident Response
IRC Internet Relay Chat text-based chat system for IM
IRP Incident Response Plan
ISA Interconnection Security Agreement specifies the technical and security requirements of interconnection between organizations
ISFW Internal Segmentation FireWall meant to protect network if an attacker breaches the perimeter can be placed anywhere inside network
ISO International Organization for Standardization provides a security framework that orgs can tailor to specific security risks
ISP Internet Service Provider
ISSO Information Systems Security Officer maintains the appropriate security posture for an information system or program
ITCP IT Contingency Plan
IV Initialization Vector arbitrary number used with a secret key for data encryption to foil cyber attacks IV = nonce
KDC Key Distribution Center an authentication server that performs the initial authentication and issues TGTs for users Kerberos is a KDC
KEK Key Encryption Key key that encrypts other key stored in DES key storage for local use organization retains the KEK
L2TP Layer 2 Tunneling Protocol an extension of PPTP used by ISPs to enable VPNs
LAN Local Area Network
LDAP Lightweight Directory Access Protocol makes it possible for apps to query user info rapidly designed to maintain and access directories services within a network
LEAP Lightweight Extensible Authentication Protocol Cisco proprietary version of EAP encrypts data using WEP keys uses username and password for authentication
MaaS Monitoring as a Service
MAC Media Access Control
MAM Mobile Application Management
MAN Metropolitan Area Network
MBR Master Boot Record
MD5 Message Digest 5 cryptographic hash algorithm used to generate 128-bit digest from a string of any length provides the means for digital signature verification
MDF Main Distribution Frame demarcation point that interconnects public and private lines in a building
MDM Mobile Device Management
MFA MultiFactor Authentication
MFD MultiFunction Device device that can print, copy, scan, and fax usually larger in size with more features than a MFP
MFP MultiFunction Printer print, copy, scan, and fax
ML Machine Learning
MMS Multimedia Message Service extension of SMS
MOA Memorandum Of Agreement a written formal understanding of an agreement establishes a legal conditional agreement
MOU Memorandum Of Understanding common=cause agreement, not legally binding used to demonstrate the orgs have consulted and coordinated
MPLS MultiProtocol Label Switching networking technology that routes traffic using the shortest path based on labels
MSA Measurement Systems Analysis a tool used to determine a selected measurement systems' accuracy
MS-CHAP Microsoft Challenge Handshake Authentication Protocol challenge and response authentication method that PPP servers use to verify the identity of a remote user
MSP Managed Service Provider delivers services via ongoing and regular support and active administration on customers' premises, MSP's data center, or third party data center
MSSP Managed Security Service Provider offers network security services to an organization
MTBF Mean Time Between Failures what is broken is repaired (total hrs of operation)/(# of failures)
MTTF Mean Time To Failure what is broken is replaced (total hrs of operation)/(total # assets)
MTTR Mean Time To Repair (total reactive maintenance time)/(# of reactive maintenance actions) [during a given time period]
MTU Maximum Transmission Unit a measurement in bytes of the largest data packets that an internet connected device can accept
NAC Network Access Control the process of restricting unauthorized users and devices from gaining access to a corporate or private network
NAS Network-Attached Storage a file-dedicated storage device that makes data continuously available for employees to collaborate effectively over a network
NAT Network Address Translation translating private IP addresses to public, and vice versa
NDA Non-Disclosure Agreement
NFC Near Field Communication technology that enables 2 devices to exchange data when in close proximity
NFV Network Function Virtualization the replacement of network appliance hardware with VMs
NGFW Next-Generation FireWall operates on all 7 layers of OSI model stateful inspection of network traffic
NG-SWG Next Generation Secure Web Gateway cloud-based security solution similar to a firewall, but used with a firewall inspects apps, not packets
NIC Network Interface Card
NIDS Network-based Intrusion Detection System monitors and detects malicious activity on a network
NIPS Network-based Intrusion Prevention System monitors, detects, and prevents malicious activity on a network
NIST National Institute of Standards and Technology helps businesses better understand, manage, and reduce their cybersecurity risk and protect networks and data
NOC Network Operations Center responsible for maintaining a company's computer system's technical infrastructure
NTFS New Technology File System Windows process used for storing, organizing, and finding files on a hard disk efficiently
NTLM New Technology LAN Manager challenge-response authentication protocol used to authenticate a client to a resource on an AD domain
NTP Network Time Protocol used to synchronize with computer clock time sources in a network
OCSP Online Certificate Status Protocol alternative to CRL to check the validity of a certificate
OID Object IDentifier a globally unique identifier of a data object
OS Operating System
OSI Open Systems Interconnection model of layers 1-7
OSINT Open Source INTelligence
OSPF Open Shortest Path First
OT Operational Technology use of hardware and software to monitor and control physical processes, devices, and infrastructure
OTA Over-The-Air refers to the distribution of information wirelessly
Show full summary Hide full summary

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002