with def and examples
3DES
Utilizes three 56-bit keys
Encrypts data with the first key, decrypts with the second key, and encrypts again with the third key
Provides 112-bit key strength but is slower than DES
AAA
Authentication, authorization, and accounting
ACL
(Access control list)
Rule sets on network devices (firewalls, routers) to permit or deny traffic
Primarily used for network security to control data flow into and out of networks
Most specific rules at top and deny all at end
AES
Advanced Encryption Standard (AES)
● A symmetric encryption standard that replaced DES and 3DES as the US government's encryption standard
● Supports key lengths and block sizes of 128-bit, 192-bit, or 256-bit
● Widely adopted and considered the encryption standard for sensitive data
AH
authentication header
AI
Artificial intelligence
AIS
Automated indicator sharing
ALE
(Annualized loss expectancy) Expected annual loss from a risk
ALE = SLE × ARO
AP
Access point
API
Application programming interface
APT
(Advanced persistent threat)
Term that used to be used synonymously with a nation-state actor because of their long-term persistence and stealth
A prolonged and targeted cyberattack in which an intruder gains unauthorized access to a network and remains undetected for an extended period while trying to steal data or monitor network activities rather than cause immediate damage
ARO
(Annualized rate of occurrence)
Estimated frequency of threat occurrence within a year
Provides a yearly probability
ARP
Address Resolution Protocol
ASLR
Address Space Layout Randomization (ASLR)
Mitigation against buffer overflow attacks
● Helps prevent attackers from guessing return pointer addresses
● Randomizes memory addresses used by well-known programs, making it harder to predict the location of the attacker's code
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
AUP
(acceptable use policy)
Document that outlines the do's and don'ts for users when interacting with an organization's IT systems and resources
Defines appropriate and prohibited use of IT systems/resources
Aims to protect organizations from legal issues and security threats
AV
antivirus, operates at layer 7, application layer
BASH
Bourne again shell
BCP
(business continuity plan)
Ensures operations continue during and after disruptions
Focuses on critical operation continuation and quick recovery
Includes strategies for power outages, hardware failures, and disasters
BGP
Border Gateway Protocol
BIA
(business impact analysis) Evaluates disruption effects
Identifies/prioritizes critical functions
Assesses risks & recovery needs
Key Metrics:
RTO: Max downtime allowed; target recovery time
RPO: Max data loss allowed (time); restore point
MTTR: Avg repair time; shows downtime speed
MTBF: Avg time between failures; reliability measure
BIOS
Basic input/output system
BPA
(business practice agreement)
● Goes beyond basic contracts when two entities collaborate
● Outlines partnership nature, profit-sharing, decision-making, and exit strategies
● Defines ownership of intellectual property and revenue distribution
BPDU
Bridge protocol data unit
BYOD
(Bring Your Own Device)
● Employees use personal devices for work
● Cost-effective for employers
● Drawbacks include reduced control over security and device management
CA
Certificate authority
● Trusted third party that issues digital certificates
● Certificates contain Certificate authority information and digital signature
● Validates and manages certificates
CAPTCHA
Helps you tell humans apart from computers
CAR
Corrective action report
CASB
Cloud access security broker
CBC
Cipher Block Chaining (CBC):
Uses AES (Advanced Encryption Standard) with CCMP (Counter Mode with CBC-MAC) for stronger encryption and authentication.
CCMP
Counter Mode with CBC-MAC
Uses AES (Advanced Encryption Standard) with CCMP (Counter Mode with CBC-MAC) for stronger encryption and authentication.
CCTV
Cameras, physical security type
● Best places to have cameras
○ Data center
○ Telecommunications closets
○ Entrance or exit areas
● Cameras should be configured to record what they’re observing
CERT
Computer emergency response team
Group that handles computer security incidents
Provides incident response, analysis, and coordination during cyberattacks
CFB
Cipher Feedback
CHAP
Challenge handshake authentication protocol
Used for remote access authentication
More secure than PAP (doesn’t send passwords in cleartext)
Uses a challenge-response mechanism with hashing
CIA
Confidentiality integrity availability
Confidentiality: encryption
Integrity: hashing, digital signatures
Availability: redundancy
CIO
Chief Information officer
CIRT
Computer incident response team
CMS
Content management system
COOP
Continuity of operation planning
Ensures an organization's ability to recover from disruptive events or disasters
Requires detailed planning and forethought
COPE
Corporate owned personally enabled
● The company provides devices for employees
● Greater control over security and standards
● Higher initial investment
● Employees may have privacy concerns or need to carry two devices
CP
Contingency planning
CRC
Cyclical redundancy check
CRL
Certificate revocation list
● Maintained by CAs
● List of all digital certificates that the certificate authority has already revoked
● Checked before validating a certificate
CSO
Chief security officer
Senior executive responsible for an organization’s security
Covers physical security + cybersecurity
Focus: protecting people, assets, data, and infrastructure
CSP
Cloud service provider
CSR
Certificate signing request
● A block of encoded text with information about the entity requesting the certificate
● Includes the public key
● Submitted to CA for certificate issuance
● Private key remains secure with the requester
CSRF
cross-site request forgery
● Triggers actions on different websites without user consent
CSU
Channel service Unit
CTM
Counter mode
CTO
Chief technology officer
CVE
(Common Vulnerabilities and Exposures)
● System that provides a standardized way to uniquely identify and reference known vulnerabilities in software and hardware
● Provides solutions and mitigation strategies
● Helps assess security and prioritize vulnerability fixes
CVSS
Common Vulnerability Scoring System
Used to provide a numerical score reflecting the severity of a vulnerability (0 to 10)
Scores are used to categorize vulnerabilities as none, low, medium, high, or critical
Scores assist in prioritizing remediation efforts but do not account for existing mitigations
CYOD
(Choose Your Own Device)
● Employees select devices from a company-approved list
● Balance between employee choice and organizational control
● Similar drawbacks to COPE in terms of initial cost and potential privacy concerns
DAC
Discretionary Access Control
● Resource owners specify which users can access their resources
● Access control based on user identity, profile, or role
● Allows resource owners to grant access to specific users
DBA
Database administrator
DDOS
Distributed Denial of Service Attacks
● Attempting to overwhelm the victim's systems or networks so that they cannot be accessed by the organization's legitimate users
● Different IPs all going to the same IP, seconds apart, to overwhelm the server
DEP
Data execution prevention
DES
(Data Encryption Standard)
Symmetric encryption
Uses a 64-bit key (56 effective bits due to parity)
Encrypts data in 64-bit blocks through 16 rounds of transposition and substitution
Widely used from the 1970s to the early 2000s
DHCP
Dynamic Host Configuration Protocol
Automatically assigns IP addresses, subnet masks, default gateways, and DNS info to devices on a network
Runs on UDP ports 67 (server) and 68 (client)
DHE
Diffie-Hellman
Symmetric Encryption
● Used for key exchange and secure key distribution
● Vulnerable to man-in-the-middle attacks, requires authentication
● Commonly used in VPN tunnel establishment (IPSec)
DKIM
DomainKeys Identified Mail
● Allows the receiver to verify the source and integrity of an email by adding a digital signature to the email headers
● Benefits
○ Email authentication
○ Protection against email spoofing
○ Improved email deliverability
○ Enhanced reputation score
DLL
Dynamic link library
DLP
Data Loss Prevention
● Strategy to prevent sensitive information from leaving an organization
DMARC
(Domain-based Message Authentication, Reporting and Conformance)
● DMARC detects and prevents email spoofing by setting policies for email sending and handling failures
DNAT
destination network address translation
DNS
Domain name server
DOS
denial of service
Used to describe an attack that attempts to make a computer or server’s resources unavailable
Same IP to same IP; only the first part of the three-way handshake
DPO
Data privacy officer
DRP
disaster recovery plan
● Focuses on plans and processes for disaster response
● Subset of the BC Plan
● Focuses on faster recovery after disasters
● Addresses specific events like hurricanes, fires, or floods
DSA
Digital signature algorithm
DSL
Digital subscriber line
EAP
(Extensible Authentication Protocol)
● Authentication framework supporting multiple methods
EAP-TTLS
(Extensible Authentication Protocol-Tunneled Transport Layer Security)
● Extends TLS support across platforms
● Requires server-side certificates for security
EAP-FAST
(Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling)
● Developed by Cisco Systems for secure re-authentication
● Uses a Protected Access Credential and TLS tunnel
ECB
Electronic code book
ECC
Elliptic Curve Cryptography
Asymmetric encryption
● Efficient and secure, uses algebraic structure of elliptical curves
● Commonly used in mobile devices and low-power computing
● Six times more efficient than RSA for equivalent security
● Variants include
○ ECDH (Elliptic Curve Diffie-Hellman)
○ ECDHE (Elliptic Curve Diffie-Hellman Ephemeral)
○ ECDSA (Elliptic Curve Digital Signature Algorithm)
EDR
Endpoint detection response
● Continuous monitoring of endpoint devices
● Identifying, investigating, and preventing cyber threats
EFS
encrypted file system
ERP
enterprise resource planning
ESN
Electronic serial number
ESP
Encapsulated security payload
FACL
File system access control
FDE
Full disk encryption
Encrypts the entire hard drive
FIM
File integrity management
Validates the integrity of operating system and application software files by comparing their current state with a known, good baseline
Identifies changes to
● Binary files
● System and Application Files
● Configuration and Parameter Files
Monitors critical system files for changes using agents and hash digests, triggering alerts when unauthorized changes occur
FPGA
Field Programmable Gate Array
FRR
False rejection rate
○ Denies access to an authorized user.
Increasing sensitivity can increase FRR
FTP
FTP (File Transfer Protocol) - TCP port 21
FTPS
File Transfer Protocol Secure
Extension of FTP that adds encryption via SSL/TLS
Secures authentication and data transfers
GCM
Galois counter mode
An encryption mode for block ciphers (like AES)
GDPR
general data protection regulation
Protects EU citizens' data within EU and EEA borders
Compliance required regardless of data location
Non-compliance leads to significant fines
GPG
Gnu privacy guard
GPO
Group policy object
Used to harden the operating system and establish secure baselines
GPS
Used to find location
GPU
Specialized processor for handling graphics and parallel computations
GRE
Generic routing encapsulation
HA
High availability
● Achieved through load balancing, clustering, redundancy, and multi-cloud strategies
HDD
Hard Disk drive
HIDS
Host based intrusion Detection system
Looks at suspicious network traffic going to or from a single or endpoint
HIPS
Host based intrusion prevention system