Sec+ Acronyms + Definitions

AAA

Authentication, Authorization, and Accounting – A security framework that controls access to resources, verifies identity, and logs activity.

ACL

Access Control List – A list of rules that define permissions for accessing network resources.

AES

Advanced Encryption Standard – A symmetric encryption algorithm widely used for secure data encryption.

AH

Authentication Header – A component of IPSec that ensures integrity and authenticity of packets.

APT

Advanced Persistent Threat – A prolonged cyberattack where an attacker gains undetected access to a network.

ARP

Address Resolution Protocol – A protocol that maps IP addresses to MAC addresses.

ASLR

Address Space Layout Randomization – A security technique that randomizes memory addresses to prevent exploitation.

BCP

Business Continuity Planning – A strategy for maintaining operations during disruptions.

BIA

Business Impact Analysis – Identifies critical business functions and potential impacts of disruptions.

BIOS

Basic Input/Output System – Firmware that initializes hardware before the OS loads.

BYOD

Bring Your Own Device – A policy allowing employees to use personal devices at work.

CAC

Common Access Card – A smart card used for authentication in government networks.

CAPTCHA

Completely Automated Public Turing Test to Tell Computers and Humans Apart – A test to differentiate humans from bots.

CBC

Cipher Block Chaining – A mode of encryption that uses the previous ciphertext block for encryption.

CCMP

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol – A security protocol used in WPA2 for wireless encryption.

CCTV

Closed-Circuit Television – A video surveillance system used for security monitoring.

CHAP

Challenge Handshake Authentication Protocol – A protocol that verifies user identity through challenge-response authentication.

CIA

Confidentiality, Integrity, Availability – The core principles of cybersecurity.

CIRT

Computer Incident Response Team – A team that responds to security incidents.

CISO

Chief Information Security Officer – An executive responsible for an organization’s security strategy.

CSRF

Cross-Site Request Forgery – A web attack where an attacker tricks a user into making unauthorized requests.

CSP

Cloud Service Provider – A company that offers cloud-based services like storage, computing, and networking.

CSR

Certificate Signing Request – A request sent to a certificate authority to obtain a digital certificate.

CTF

Capture The Flag – A cybersecurity competition that challenges participants to solve security-related tasks.

CVSS

Common Vulnerability Scoring System – A standardized system for assessing the severity of security vulnerabilities.

DAC

Discretionary Access Control – A security model where owners set access permissions.

DDoS

Distributed Denial of Service – An attack that overwhelms a system with traffic.

DEP

Data Execution Prevention – A security feature that prevents code execution in certain memory areas.

DES

Data Encryption Standard – An outdated encryption algorithm replaced by AES.

DHCP

Dynamic Host Configuration Protocol – Assigns IP addresses to devices on a network.

DLP

Data Loss Prevention – A strategy to prevent unauthorized data transfers.

DMZ

Demilitarized Zone – A network segment that isolates public-facing services from an internal network.

DNS

Domain Name System – Translates domain names into IP addresses.

DoS

Denial of Service – An attack that disrupts system availability.

DRP

Disaster Recovery Plan – A plan to restore IT systems after a disaster.

DSA

Digital Signature Algorithm – A cryptographic algorithm used for digital signatures.

DSS

Digital Signature Standard – A federal standard for digital signatures.

EAP

Extensible Authentication Protocol – A framework that supports various authentication methods like passwords, biometrics, and certificates.

EDR

Endpoint Detection and Response – A security solution focused on detecting and responding to threats on devices like computers and smartphones.

EFS

Encrypting File System – A Windows feature for encrypting files on a computer.

EMS

Enterprise Mobility Suite – A suite of tools for managing mobile devices, apps, and data in an enterprise environment.

ERP

Enterprise Resource Planning – Software used to manage and automate core business processes.

FAR

False Acceptance Rate – The rate at which unauthorized users are incorrectly granted access in biometric systems.

FDE

Full Disk Encryption – The process of encrypting an entire disk to protect data at rest.

FIM

File Integrity Monitoring – A security process that checks for unauthorized changes to files.

FTP

File Transfer Protocol – A protocol for transferring files over a network.

GPO

Group Policy Object – A feature in Windows that defines user and computer configurations.

GPS

Global Positioning System – A satellite-based navigation system.

GRC

Governance, Risk, and Compliance – A framework for managing governance, risk, and compliance requirements in an organization.

HIDS

Host-Based Intrusion Detection System – A security system that monitors and analyzes the activity of a single host to detect suspicious behavior.

HMAC

Hash-Based Message Authentication Code – A mechanism for ensuring the integrity and authenticity of a message using a cryptographic hash function.

HOTP

HMAC-based One-Time Password – A one-time password algorithm based on HMAC.

HTTPS

Hypertext Transfer Protocol Secure – A secure version of HTTP that uses encryption (SSL/TLS) to protect data exchanged between a web server and client.

IAM

Identity and Access Management – A framework for managing digital identities and controlling access to resources.

ICMP

Internet Control Message Protocol – A protocol used for sending control messages, such as error reports and diagnostics, over an IP network.

IDS

Intrusion Detection System – A system that monitors network traffic for signs of malicious activity.

IEC

International Electrotechnical Commission – An international organization that develops standards for electrical, electronic, and related technologies.

IKE

Internet Key Exchange – A protocol used to set up a security association (SA) in the IPSec protocol suite.

IoT

Internet of Things – A network of physical devices that communicate and exchange data with each other over the internet.

IPSec

Internet Protocol Security – A suite of protocols used to secure network traffic through encryption and authentication.

IPv4

Internet Protocol version 4 – The fourth version of IP, widely used for assigning IP addresses.

IPv6

Internet Protocol version 6 – The latest version of IP that uses a larger address space than IPv4.

JIT

Just In Time – A software development and manufacturing approach that minimizes inventory and delays by producing items only when they are needed.

JWT

JSON Web Token – A compact, URL-safe token used to securely transmit information between parties as a JSON object.

KDC

Key Distribution Center – A server that manages keys for secure communication in Kerberos authentication.

KPI

Key Performance Indicator – A measurable value used to assess the success of an organization or project.

LAN

Local Area Network – A network that connects devices within a limited area, such as a home or office.

LDAP

Lightweight Directory Access Protocol – A protocol used to access and manage directory services, such as contact information in an organization.

LFI

Local File Inclusion – A vulnerability that allows attackers to include files from the local server on a website, leading to potential code execution.

LKM

Loadable Kernel Module – A piece of code that can be loaded into the kernel to add functionality to an operating system.

LOLBINs

Living Off the Land Binaries – Legitimate tools or software used maliciously for an attack.

MAC

Media Access Control / Mandatory Access Control – Media Access Control: A unique identifier for network interfaces. Mandatory Access Control: A security model that restricts access to resources based on predefined policies.

MD5

Message Digest 5 – A widely used cryptographic hash function, though considered insecure due to vulnerability to collisions.

MITM

Man In The Middle – An attack where an attacker intercepts and potentially alters communications between two parties.

MSSP

Managed Security Services Provider – A company that provides outsourced monitoring and management of security systems.

MFA

Multi-Factor Authentication – A security process where users provide two or more verification factors to gain access to a resource.

MPLS

Multi-Protocol Label Switching – A method for routing data in high-performance networks using labels instead of traditional IP routing.

NAC

Network Access Control – A security approach that regulates access to a network based on predefined policies.

NAT

Network Address Translation – A method used to modify IP address information in packet headers for routing purposes.

NIDS

Network Intrusion Detection System – A system that monitors network traffic for signs of malicious activity.

NIST

National Institute of Standards and Technology – A federal agency that develops standards and guidelines for cybersecurity.

NTFS

New Technology File System – A file system used by Windows operating systems to manage files on a disk.

OAuth

Open Authorization – An open standard for access delegation that allows users to grant third-party applications access to their resources without sharing passwords.

OCSP

Online Certificate Status Protocol – A protocol used to check the revocation status of an X.509 digital certificate in real-time.

OSINT

Open Source Intelligence – Intelligence gathered from publicly available sources, such as websites, social media, and public records.

OTP

One-Time Password – A password that is valid for only one login session or transaction, used for secure authentication.

P2P

Peer-to-Peer – A decentralized network model where each participant (peer) acts as both a client and server.

PBKDF2

Password-Based Key Derivation Function 2 – A cryptographic algorithm used to derive secure keys from a password, commonly used for password hashing.

PCI-DSS

Payment Card Industry Data Security Standard – A set of security standards designed to ensure that organizations handling card payments protect cardholder data.

PEAP

Protected Extensible Authentication Protocol – A secure method of authenticating wireless clients that encapsulates EAP within a TLS tunnel.

PKI

Public Key Infrastructure – A framework for managing digital keys and certificates for secure communications.

PIV

Personal Identity Verification – A federal government ID card used for identity verification and access control.

PoLP

Principle of Least Privilege – A security concept that ensures users and systems are only granted the minimum permissions necessary for their tasks.

PT

Penetration Testing – The practice of testing a system's security by simulating attacks to identify vulnerabilities.

PSA

Public Service Announcement – A message issued to inform the public about important matters.

PTA

Privacy Threshold Assessment – A process used to determine whether a system or project collects or uses personal data that requires protection.

QoS

Quality of Service – A set of techniques used to manage network resources and prioritize traffic to ensure high-quality service.

RADIUS

Remote Authentication Dial-In User Service – A protocol for authentication, authorization, and accounting for remote network access.

RAID

Redundant Array of Independent Disks – A technology used to combine multiple disk drives into a single unit for redundancy, performance, or both.

RBAC

Role-Based Access Control – A model for restricting access to resources based on users' roles within an organization.