A comprehensive set of flashcards covering essential acronyms and their definitions from the CompTIA Security+ SY0-701 exam objectives.
2FA
Two-factor Authentication
3DES
Triple Data Encryption Standard: An encryption standard that applies the DES cipher algorithm three times to each data block to achieve a longer effective key length.
AAA
Authentication, Authorization, and Accounting
ACL
Access Control List
AES
Advanced Encryption Standard: A highly trusted encryption algorithm used to secure data by converting it into an unreadable format that cannot be recovered without the proper key. It was developed by the National Institute of Standards and Technology (NIST) in 2001.
AH
Authentication Header: An IPsec protocol that ensures data integrity and origin authentication for network packets without encryption. It adds a cryptographic hash to packets, protecting them from tampering and replay attacks.
AI
Artificial Intelligence
ALE
Annualized Loss Expectancy: A quantitative risk assessment metric calculating the expected yearly financial loss from a specific threat, defined as ALE = SLE (Single Loss Expectancy) × ARO (Annual Rate of Occurrence).
AP
Access Point
API
Application Programming Interface: A set of rules and protocols that enables different software applications to communicate and exchange data with each other.
APT
Advanced Persistent Threat
ARO
Annualized Rate of Occurrence: A key metric in quantitative risk assessment that estimates how many times a specific threat or loss event is expected to occur within a single year.
ARP
Address Resolution Protocol: A fundamental network layer 2 protocol that maps dynamic IP addresses to physical Machine Access Control (MAC) addresses, enabling devices to communicate on a local area network (LAN).
ASLR
Address Space Layout Randomization: A security technique that randomizes the memory locations of key data areas—stack, heap, and libraries—each time a program runs.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge: A globally accessible, comprehensive knowledge base of cyber adversary behavior based on real-world observations.
AUP
Acceptable Use Policy
AV
Antivirus
BASH
Bourne Again Shell: A widely used Unix shell and command-line interpreter (created in 1989 for the GNU Project) that serves as the default interface for interacting with Linux and macOS operating systems.
BCP
Business Continuity Planning: A proactive, documented strategy outlining how an organization will maintain essential functions during and after disruptions like cyber-attacks, natural disasters, or pandemics.
BGP
Border Gateway Protocol: The standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the internet.
BIA
Business Impact Analysis: A systematic process that identifies and evaluates the potential effects of disruptions to critical business operations, such as natural disasters, cyberattacks, or supply chain failures.
BIOS
Basic Input/Output System
BYOD
Bring Your Own Device
CA
Certificate Authority: A trusted, third-party entity within a Public Key Infrastructure (PKI) that issues, signs, and manages digital certificates. These certificates validate the identity of websites, users, or devices, enabling encrypted HTTPS connections and preventing malicious interceptions.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR
Corrective Action Report: A formal document used to identify, analyze, and eliminate the root causes of non-conformities, defects, or undesirable incidents to prevent their recurrence.
CASB
Cloud Access Security Broker: A security policy enforcement point placed between cloud users and cloud service providers to secure data, manage risk, and ensure compliance.
CBC
Cipher Block Chaining: A symmetric block cipher mode of operation that enhances security by XORing each plaintext block with the previous ciphertext block before encryption.
CCTV
Closed-circuit Television
CERT
Computer Emergency Response Team
CFB
Cipher Feedback
CHAP
Challenge Handshake Authentication Protocol: A secure, three-way handshake method used by servers to verify the identity of a client (peer) without sending passwords in plain text.
CIA
Confidentiality, Integrity, Availability
CIO
Chief Information Officer
CIRT
Computer Incident Response Team
CMS
Content Management System: Software that enables users to create, manage, edit, and publish digital content on websites without requiring advanced coding or technical knowledge.
COBO
Corporate-owned, Business-only: A device management model in which the company provides and manages its own devices, and those devices are used for business purposes only.
COOP
Continuity of Operation Planning
COPE
Corporate Owned, Personally Enabled: A device management model where companies provide smartphones or laptops for work, allowing employees limited personal use.
CP
Contingency Planning
CRC
Cyclical Redundancy Check
CRL
Certificate Revocation List
CSO
Chief Security Officer
CSP
Cloud Service Provider
CSRF
Cross-site Request Forgery: A web security vulnerability in which an attacker tricks an authenticated user's browser into performing unwanted, unauthorized actions on a trusted website without the user's consent. It exploits the browser's automatic submission of cookies to make state-changing requests (e.g., changing a password or transferring funds).
CSU
Channel Service Unit: A digital interface device that connects a customer’s terminal equipment (e.g., routers) to a digital telephone line, such as a T1 or E1 line.
CTO
Chief Technology Officer
CVE
Common Vulnerability Enumeration: A community-driven taxonomy, maintained by the MITRE Corporation, that categorizes publicly known software and hardware security flaws.
CVSS
Common Vulnerability Scoring System: A framework that rates vulnerability severity on a scale from None (0.0) to Critical (9.0–10.0), with Low (0.1–3.9), Medium (4.0–6.9), and High (7.0–8.9) categories in between, aiding in patch prioritization.
DAC
Discretionary Access Control: An access security policy where the owner of a resource (file, directory, or object) has full authority to determine who can access it and what privileges (read, write, execute) they have.
DDoS
Distributed Denial of Service
DEP
Data Execution Prevention: A system-level security feature in Windows (since XP SP2) that prevents malicious code from running in designated non-executable memory regions, such as the stack or heap.
DES
Digital Encryption Standard: A retired, symmetric-key block cipher developed by IBM in the early 1970s and adopted in 1977 to protect unclassified government data.
DHCP
Dynamic Host Configuration Protocol
DHE
Diffie-Hellman Ephemeral
DKIM
DomainKeys Identified Mail
DLL
Dynamic Link Library
DLP
Data Loss Prevention
DMARC
Domain Message Authentication Reporting and Conformance
DNS
Domain Name System
DNSSEC
Domain Name System Security Extensions
DoS
Denial of Service
DPO
Data Privacy Officer
DRP
Disaster Recovery Plan
DSA
Digital Signature Algorithm
DSL
Digital Subscriber Line
EAP
Extensible Authentication Protocol
ECB
Electronic Code Book
ECC
Elliptic Curve Cryptography
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
ECDSA
Elliptic Curve Digital Signature Algorithm
EDR
Endpoint Detection and Response
EFS
Encrypted File System
ERP
Enterprise Resource Planning
GPG
Gnu Privacy Guard
GPO
Group Policy Object
GPS
Global Positioning System
GPU
Graphics Processing Unit
GRE
Generic Routing Encapsulation
HA
High Availability
HIDS
Host-based Intrusion Detection System
HIPS
Host-based Intrusion Prevention System
HMAC
Hashed Message Authentication Code
HOTP
HMAC-based One-time Password
HSM
Hardware Security Module
HTTP
Hypertext Transfer Protocol
HTTPS
Hypertext Transfer Protocol Secure
IAS
Infrastructure as a Service
IoT
Internet of Things
IP
Internet Protocol
ISO
International Standards Organization
ISP
Internet Service Provider
MD5
Message Digest 5
MDF
Main Distribution Frame
MDM
Mobile Device Management
MFA
Multifactor Authentication
MFD
Multifunction Device
MFP
Multifunction Printer
ML
Machine Learning
MMS
Multimedia Message Service