Sec+ Acronyms

AAA

Authentication, Authorization, and Accounting

ACL

Access Control List

AES

Advanced Encryption Standard

AH

Authentication Header (IPSec)

APT

Advanced Persistent Threat

ARP

Address Resolution Protocol

ASLR

Address Space Layout Randomization

BCP

Business Continuity Planning

BIA

Business Impact Analysis

BIOS

Basic Input/Output System

BYOD

Bring Your Own Device

CAC

Common Access Card

CAPTCHA

Completely Automated Public Turing Test to Tell Computers and Humans Apart

CBC

Cipher Block Chaining

CCMP

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol

CCTV

Closed-Circuit Television

CHAP

Challenge Handshake Authentication Protocol

CIA

Confidentiality, Integrity, Availability

CIRT

Computer Incident Response Team

CISO

Chief Information Security Officer

CSRF

Cross-Site Request Forgery

CSP

Cloud Service Provider

CSR

Certificate Signing Request

CTF

Capture The Flag (Security Challenges)

CVSS

Common Vulnerability Scoring System

DAC

Discretionary Access Control

DDoS

Distributed Denial of Service

DEP

Data Execution Prevention

DES

Data Encryption Standard

DHCP

Dynamic Host Configuration Protocol

DLP

Data Loss Prevention

DMZ

Demilitarized Zone

DNS

Domain Name System

DoS

Denial of Service

DRP

Disaster Recovery Plan

DSA

Digital Signature Algorithm

DSS

Digital Signature Standard

EAP

Extensible Authentication Protocol

EDR

Endpoint Detection and Response

EFS

Encrypting File System

EMS

Enterprise Mobility Suite

ERP

Enterprise Resource Planning

FAR

False Acceptance Rate

FDE

Full Disk Encryption

FIM

File Integrity Monitoring

FTP

File Transfer Protocol

GPO

Group Policy Object

GPS

Global Positioning System

GRC

Governance, Risk, and Compliance

HIDS

Host-Based Intrusion Detection System

HMAC

Hash-Based Message Authentication Code

HOTP

HMAC-based One-Time Password

HTTPS

Hypertext Transfer Protocol Secure

IAM

Identity and Access Management

ICMP

Internet Control Message Protocol

IDS

Intrusion Detection System

IEC

International Electrotechnical Commission

IKE

Internet Key Exchange

IoT

Internet of Things

IPSec

Internet Protocol Security

IPv4

Internet Protocol version 4

IPv6

Internet Protocol version 6

JIT

Just In Time

JWT

JSON Web Token

KDC

Key Distribution Center

KPI

Key Performance Indicator

LAN

Local Area Network

LDAP

Lightweight Directory Access Protocol

LFI

Local File Inclusion

LKM

Loadable Kernel Module

LOLBINs

Living Off the Land Binaries

MAC

Media Access Control / Mandatory Access Control

MD5

Message Digest 5

MITM

Man In The Middle

MSSP

Managed Security Services Provider

MFA

Multi-Factor Authentication

MPLS

Multi-Protocol Label Switching

NAC

Network Access Control

NAT

Network Address Translation

NIDS

Network Intrusion Detection System

NIST

National Institute of Standards and Technology

NTFS

New Technology File System

OAuth

Open Authorization

OCSP

Online Certificate Status Protocol

OSINT

Open Source Intelligence

OTP

One-Time Password

P2P

Peer-to-Peer

PBKDF2

Password-Based Key Derivation Function 2

PCI-DSS

Payment Card Industry Data Security Standard

PEAP

Protected Extensible Authentication Protocol

PKI

Public Key Infrastructure

PIV

Personal Identity Verification

PoLP

Principle of Least Privilege

PT

Penetration Testing

PSA

Public Service Announcement

PTA

Privacy Threshold Assessment

QoS

Quality of Service

RADIUS

Remote Authentication Dial-In User Service

RAID

Redundant Array of Independent Disks

RBAC

Role-Based Access Control