CompTia Security+ Acronyms

Last updated 3:18 PM on 4/1/26

289 Terms

1

AAA

Authentication, Authorization, Accounting (AAA) are the steps in user validation for a system

2

ACL

Access Control List (ACL) defines permissions for users or systems based on criteria such as IP address or user identity

Ex: a firewall ACL blocking traffic from suspicious IPs

3

AES

Advanced Encryption Standard (AES) uses symmetric keys to protect data by transforming it into an unreadable format

4

AH

Authentication Header (AH) provides data integrity for IP packets by ensuring the data hasn’t been altered by verifying the sender’s identity. Does NOT encrypt the content

Ex: AH is used in secure VPN connections to validate packet authenticity

5

AI

Artificial Intelligence (AI) is the simulation of human intelligence in machines

6

AIS

Automated Indicator Sharing (AIS) is a system that enables the automated exchange of cyber threat indicators, IP addresses, file hashes, etc., between organizations and government entities

7

ALE

Annualized Loss Expectancy (ALE) is a risk management metric used to calculate the financial loss an organization could face due to a risk over a given year. Formula is Annual Rate of Occurrence (ARO) * Single Loss Expectancy (SLE)

8

AP

Access Point (AP) is a device allowing wireless devices to connect to a wired network using Wi-Fi.

9

API

Application Programming Interface (API) is a set of rules and protocols that allow different software applications to communicate with each other

10

APT

Advanced Persistent Threat (APT) refers to a prolonged cyberattack where the attacker gains access to the network and remains undetected for an extended period of time

11

ARO

Annualized Rate of Occurrence (ARO) is a risk management metric that estimates how often a specific risk or threat is expected to occur in a year, which helps calculate ALE

Ex: If a network outage is expected to happen 3 times per year, the ARO would be 3

12

ARP

Address Resolution Protocol (ARP) is a network protocol used to map a device’s IP address to its physical MAC address on a local network.

13

ASLR

Address Space Layout Randomization (ASLR) is a security technique used to randomize the memory addresses used by system and application processes to protect against buffer overflow attacks.

14

ATT&CK

Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a comprehensive knowledge base used by cybersecurity professionals to describe the actions and behaviors of cyber adversaries.

15

AUP

Acceptable Use Policy (AUP) is a set of rules and guidelines created by an organization to define acceptable and unacceptable behavior when using its network, devices, or online services

16

AV

Antivirus (AV) is software designed to counteract the effects of malware

17

BASH

Bourne Again Shell (BASH) is a command-line interface and scripting language for Unix-based operating systems such as Linux and macOS.

18

BCP

Business Continuity Planning (BCP) is a strategy and set of procedures designed to ensure that an organization can continue operating during and after a security incident

19

BIA

Business Impact Analysis (BIA) is a process used to identify and evaluate the potential effects of disruptions to an organization’s critical operations

20

BIOS

Basic Input/Output System (BIOS) is firmware embedded in a computer’s motherboard that initializes hardware components during the boot-up process and provides an interface between the operating system and the hardware.

21

BPA

Business Partners Agreement (BPA) is a formal contract between two or more organizations that outlines the terms and conditions of their business relationship

22

BPDU

Bridge Protocol Data Unit (BPDU) is used by the Spanning Tree Protocol to help network switches communicate and decide the best paths for data to travel, preventing network loops by determining the root bridge and other important topology details

23

CA

Certificate Authority (CA) is an organization or entity that issues digital certificates to verify the ownership of public keys

24

CAPTCHA

Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA). (it's in the name bro)

25

CAR

Corrective Action Report (CAR) is a document used to identify and resolve issues within a process, system, or product

26

CASB

Cloud Access Security Broker (CASB) is a security solution that sits between users and cloud service providers to monitor and enforce security policies

27

CBC

Cipher Block Chaining (CBC) encrypts data in fixed-size blocks, where each block is XORed with the ciphertext of the previous block before being encrypted.

28

CCMP

Counter Mode/CBC-MAC Protocol (CCMP) is the mandatory encryption mechanism for WPA2 wireless security. It is based on the AES algorithm

29

CCTV

Closed-circuit Television (CCTV) is a video surveillance system using cameras to transmit video signals to a specific set of monitors or recording devices

30

CERT

Computer Emergency Response Team (CERT) is a group of experts responsible for handling and responding to cybersecurity incidents specific to a broad group

31

CIA

Confidentiality Integrity Availability

32

CIO

Chief Information Officer (CIO) is an executive responsible for overseeing and managing an organization’s information technology (IT) strategy and operations

33

CIRT

Computer Incident Response Team (CIRT) is a group of experts responsible for handling and responding to security incidents specific to a select group

34

CMS

Content Management System (CMS) is a software application that allows users to create, manage, and modify digital content on a website without requiring specialized technical knowledge. Wix is an example

35

COOP

Continuity of Operation Planning (COOP) is a strategy that ensures an organization can continue its critical functions during and after a disaster or disruption.

36

COPE

Corporate Owned, Personally Enabled (COPE) is a mobile device management policy where an organization provides employees with company-owned devices that they are allowed to use for both business and personal purposes

37

CP

Contingency Planning (CP) is the process of developing strategies and procedures to ensure that an organization can continue operating during and after specific, unexpected disruptions

38

CRC

Cyclical Redundancy Check (CRC) is an error-detecting code used to ensure the integrity of data during transmission or storage

39

CRL

Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the CA before their expiration date.

40

CSO

Chief Security Officer (CSO) is an executive responsible for overseeing and managing an organization’s security policies

41

CSP

Cloud Service Provider is a company or organization that offers cloud computing services

42

CSR

Certificate Signing Request (CSR) is a block of encoded text sent to a CA when applying for an SSL/TLS certificate

43

CSRF

Cross-site Request Forgery (CSRF) is a type of attack where a malicious actor tricks a user into making an unwanted request to a web application that the user is authenticated on.

44

CSU

Channel Service Unit (CSU) is a device used in telecommunication networks to connect a customer’s equipment to a digital circuit, typically a leased line or a digital subscriber line

45

CTM

Counter Mode (CTM) is a mode of operation for block ciphers in cryptography that turns a block cipher into a stream cipher

Ex: when using AES in CTM mode, a counter is incremented for each block of data, and the encrypted counter value is XORed with the plaintext to produce the ciphertext.

46

CTO

Chief Technology Officer (CTO) is an executive responsible for overseeing the technology strategy and operations within an organization

47

CVE

Common Vulnerability Enumeration (CVE) is a system that provides a standardized way of identifying and naming publicly known cybersecurity vulnerabilities and exposures

48

CVSS

Common Vulnerability Scoring System (CVSS) is a standardized framework used to assess the severity of security vulnerabilities in software or systems

49

CYOD

Choose Your Own Device (CYOD) is a policy where employees are allowed to select their own devices from a pre-approved list provided by the organization

50

DAC

Discretionary Access Control (DAC) is a type of access control policy where the owner of a resource has the discretion to decide who can access it and what actions they can perform. DAC can allow users to grant or revoke permissions to other groups, typically based on identity or role.

51

DBA

Database Administrator (DBA) is a professional responsible for managing, maintaining, and securing databases within an organization

52

DDOS

Distributed Denial of Service (DDOS) is a cyberattack in which multiple compromised systems are used to flood a target with massive amounts of traffic, overwhelming its resources

53

DEP

Data Execution Prevention (DEP) is a security feature that prevents code from being executed in certain regions of memory that are not designated for executable code.

54

DES

Digital Encryption Standard (DES) is a symmetric-key encryption algorithm that was widely used for securing data. It is deemed weak now due to advances in computational power for brute-force attacks

55

DHCP

Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to automatically assign IP addresses and other network configuration settings to devices on a network

56

DHE

Diffie-Hellman Ephemeral (DHE) is a key exchange algorithm used in cryptography to securely exchange cryptographic keys over a public channel by ensuring the generated keys are temporary and only used for a single session (as in the session ID)

57

DKIM

Domain Keys Identified Mail (DKIM) is an email authentication method that allows the sender to attach a cryptographic signature to an email message, which recipients can use to verify that the email came from the claimed domain and has not been tampered with during transmission

58

DLL

Dynamic Link Library (DLL) is a type of file that contains code and data that can be used by multiple programs simultaneously

59

DLP

Data Loss Prevention (DLP) is a set of technologies, policies, and practices designed to prevent sensitive data from being accessed, leaked, or misused by unauthorized users or systems.

60

DMARC

Domain Message Authentication Reporting and Conformance (DMARC) is an email authentication protocol that helps protect against email spoofing and phishing

61

DNAT

Destination Network Address Translation (DNAT) is a type of network address translation used to modify the destination IP address of packets as they pass through a router or firewall

62

DNS

Domain Name System (DNS) is a system that translates human-readable domain names into machine-readable IP addresses that computers use to identify each other on a network

63

DOS

Denial of Service (DOS) is a type of cyberattack aimed at disrupting the availability of a system

64

DPO

Data Privacy Officer (DPO) is a role within an organization responsible for ensuring compliance with data protection laws and regulations, particularly with safeguarding personal data

65

DRP

Disaster Recovery Plan (DRP) is a set of procedures and policies designed to ensure that an organization can quickly recover any compromised systems in the event of a security incident

66

DSA

Digital Signature Algorithm (DSA) is a cryptographic algorithm used to generate digital signatures for the verification of digital documents, messages, or transactions

67

DSL

Digital Subscriber Line (DSL) is a high-speed internet connection technology that transmits data over traditional copper telephone lines

68

EAP

Extensible Authentication Protocol (EAP) is an authentication framework used in computer networks, allowing for multiple types of authentication methods such as with 802.1X authentication. It is commonly used in wireless networks.

69

ECB

Electronic Code Book (ECB) is a mode of operation for block ciphers in cryptography. In ECB mode, the data is divided into fixed-size blocks, and each block is encrypted independently using the same key which is fast but also opens many more security vulnerabilities

70

ECC

Elliptic Curve Cryptography (ECC) is a symmetric type of public key cryptography based on the algebraic structure of elliptic curves over finite fields. Works best in environments with limited resources.

71

ECDHE

Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) is an encryption algorithm used for secure key exchange in cryptographic protocols, such as TLS, and allows two parties to establish a shared secret over an insecure channel without actually sending the secret itself

72

ECDSA

Elliptic Curve Digital Signature Algorithm (ECDSA) is a public key encryption algorithm used for digital signatures, based on elliptic curve cryptography, providing a way to verify the authenticity and integrity of a message or document

73

EFS

Encrypted File System (EFS) is a feature in Microsoft Windows that provides file-level encryption to protect sensitive data stored on a computer

74

ESN

Electronic Serial Number (ESN) is a unique identifier assigned to mobile devices by the manufacturer

75

ESP

Encapsulated Security Payload (ESP) is a protocol used in IPsec to provide confidentiality, authentication, and integrity for data transmitted over a network

76

FACL

File Access Control List (FACL) is a security feature that defines permissions for files or directories, specifying who can access the resources and what kind of actions they can perform

77

FDE

Full Disk Encryption (FDE) is a security method that encrypts all the data on a hard drive or storage device, ensuring that the entire disk is protected

Ex: BitLocker (Windows) and FileVault (macOS)

78

FPGA

Field Programmable Gate Array (FPGA) is a type of integrated circuit (IC) that can be programmed or configured after manufacturing to perform specific tasks

79

FRR

False Rejection Rate (FRR) is a metric used in biometric systems to measure the percentage of legitimate users who are incorrectly rejected by the system

80

FTPS

File Transfer Protocol Secure (FTPS) is an extension of the standard FTP protocol that adds support for encryption and secure connections by using SSL/TLS to encrypt data during transfer which ensures that both the control and data channels are secured

81

GCM

Galois Counter Mode (GCM) is a mode of operation for symmetric key cryptographic block ciphers that combines the counter mode (CTR) for encryption with a Galois mode, providing both data confidentiality and data integrity

82

GDPR

General Data Protection Regulation (GDPR) is a comprehensive data privacy and protection law enacted by the EU to strengthen and unify data protection for all individuals within the EU

83

GPG

Gnu Privacy Guard (GPG) is an open-source encryption tool used for securing communications, data, and files.

84

GPO

Group Policy Object (GPO) is a feature of Microsoft Windows operating systems used to manage and configure settings for users and computers in an Active Directory environment

85

GPS

Global Positioning System (GPS) is a satellite-based navigation system that provides location and time information anywhere on Earth.

86

GPU

Graphics Processing Unit (bro you know this)

87

GRE

Generic Routing Encapsulation (GRE) is a tunneling protocol that allows for the transportation of data packets from one network over another network by creating a “virtual tunnel” between two endpoints

88

HA

High Availability (bro you know this)

89

HDD

Hard Disk Drive (bro you know this)

90

HIDS

Host-based Intrusion Detection System (HIDS) monitors a single device for suspicious activities or policy violations by analyzing logs, file changes, and system behavior

91

HIPS

Host-based Intrusion Prevention System is a security solution installed on individual devices that not only detects suspicious activities like a HIDS but also actively prevents potential threats by blocking malicious actions in real time

92

HOTP

HOTP (HMAC-based One-time Password) is a one-time password algorithm that generates unique, time-independent passwords based on a counter and a shared secret key. Each password is valid until it is used.

93

HSM

Hardware Security Module (HSM) is a physical device designed to manage, store, and protect cryptographic keys and perform encryption and decryption operations on large servers rather than an individual device

94

HTML

Hypertext Markup Language (bro you know this)

95

HTTP

Hypertext Transfer Protocol (HTTP) is a protocol used for transferring data between a web browser and a web server. Sends requests and receives responses in plaintext. Secure version using SSL/TLS is HTTPS (Hypertext Transfer Protocol Secure)

96

HVAC

Heating, Ventilation Air Conditioning (bro you know this)

97

IaaS

Infrastructure as a Service (IaaS) is a cloud computing model that provides virtualized computing resources over the internet without the need for on-premises hardware

98

IaC

Infrastructure as Code (IaC) is a practice in cloud computing where infrastructure is managed and provisioned using code, rather than manual processes

99

IAM

Identity and Access Management (IAM) is a framework that manages the identities of users and devices within an organization and controls their access to resources, ensuring that only authorized entities can access specific data or systems

100

ICMP

Internet Control Message Protocol (ICMP) is a network protocol used to send error messages and operational information about network communication.
