Security+ Acronyms and Definitions


371 Terms

1

AAA (Authentication, Authorization, and Accounting)

a security framework that ensures only authorized individuals are able to access resources.

2

ABAC (Attribute Based Access Control)

evaluates attributes to determine access.

3

ACL (Access Control List)

list of rules that specifies which users or systems are granted or denied access to a particular object or system resource.

4

AES (Advanced Encryption Standard)

a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is widely used today because it is much stronger than DES and 3DES, despite being harder to implement.

5

AIS (Automated Indicator Sharing)

service provided by CISA that enables real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private sector organizations.

6

APT (Advanced Persistent Threat)

a type of cyber attack in which an unauthorized user gains access to a system or network and remains undetected for an extended period of time.

7

ARP (Address Resolution Protocol)

a protocol used to map an IP address to a physical MAC address.

8

ASLR (Address Space Layout Randomization)

a technique used to prevent attackers from exploiting vulnerabilities in software by randomizing the location of key data areas in memory.

9

BCP (Business Continuity Planning)

detailed strategy and set of systems for ensuring an organization's ability to prevent or rapidly recover from a significant disruption to its operations. The plan is essentially a playbook for how any type of organization, such as a private-sector company, a government agency or a school, will continue its day-to-day business during a disaster scenario or otherwise abnormal conditions.

10

BPDU Guard (Bridge Protocol Data Units)

a feature that defends the layer 2 Spanning Tree Protocol (STP) topology, at the data link layer of the network, against Bridge Protocol Data Units (BPDUs).

11

BIA (Business Impact Analysis)

a method to identify the operational and financial impacts resulting from the disruption of business functions and processes.

12

BIOS (Basic Input/Output System)

software stored on a small memory chip on the motherboard, also known as firmware. It instructs the computer on how to perform basic functions like booting and keyboard control; it is also used to identify and configure the hardware in a computer, such as the hard drive, CPU, memory, and related equipment. Finally, it manages data flow between the computer's operating system (OS) and attached devices.

13

BLOB (Binary Large Object Storage)

used by cloud providers as a database for large amounts of text or binary data.

14

BPA (Business Partnership Agreement)

an agreement between two companies doing business together that confirms how much each company should contribute, what each company's responsibilities are, and how the profit will be split.

15

BYOD (Bring Your Own Device)

a policy that allows employees to use their personal devices, such as smartphones or laptops, to access company resources.

16

CA (Certificate Authority)

trusted entity that issues digital certificates used to verify the identities of individuals, organizations, websites or devices.

17

CAC (Common Access Card)

smart card about the size of a credit card. It is the standard identification for Active Duty United States Defense personnel.

18

CASB (Cloud Access Security Broker)

software/hardware that sits between users and their cloud service to enforce security policies.

19

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)

a challenge-response test used to distinguish between human and automated users.

20

CER (Certificate)

security files provided and generated by a Certificate Authority. These files help a browser verify that a website is secure and safe to enter, verifying its authenticity. These security certificates are usually installed on a web server.

21

CER (Crossover Error Rate)

point where FAR (False Accept Rate) and FRR (False Reject Rate) are equal in a biometric system, indicating the overall accuracy of the system.

22

CHAP (Challenge Handshake Authentication Protocol)

challenge-response identity authentication protocol. It depends on a combination of security credentials and a “shared secret” between the requestor (client) and the authenticator (server), and it does not expose a password.

23

CIA (Confidentiality, Integrity, and Availability)

the three core principles of information security.

24

CIRT (Computer Incident Response Team)

a team responsible for responding to and mitigating cyber security incidents.

25

COPE (Corporate-Owned, Personally-Enabled)

a policy that allows employees to use company-owned devices for personal use.

26

CRC (Cyclic Redundancy Check)

a mathematical algorithm used to detect errors in data transmission. It involves dividing a data message by a polynomial constant and appending the remainder at the end of a frame or block.

27

CRL (Certificate Revocation List)

a list of digital certificates that have been revoked by the Certificate Authority (CA) before their scheduled expiration date; checking it is the first phase of verifying whether a certificate is valid.

28

CSA (Cloud Security Alliance)

non-profit organization that provides different resources to help Cloud Security Providers (CSPs).

29

CSRF / XSRF (Cross-Site Request Forgery)

a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform.

30

CSO (Chief Security Officer)

a senior-level executive responsible for overseeing an organization's security program.

31

CSP (cloud service provider)

a third-party company that provides scalable computing resources that businesses can access on demand over a network, including cloud-based compute, storage, platform, and application services.

32

CSR (Certificate Signing Request)

a request made by a user or device to a certificate authority for a digital certificate.

33

CSV (Comma Separated Values)

a file format used to store data in a table-like format, with the values in each row separated by commas.

34

CVE (Common Vulnerabilities and Exposure)

list of vulnerabilities created and shared by the MITRE ATT&CK framework.

35

CVSS (Common Vulnerabilities Scoring System)

ranking of vulnerabilities and their severity.

36

CYOD (Choose Your Own Device)

the company has a set of devices that employees can choose from to use for work.

37

DAC (Discretionary Access Control)

restricting access to objects based on the identity of the subject.

38

DDoS (Distributed Denial of Service)

a type of cyber attack in which multiple systems are used to flood a target server or network with traffic, causing it to become unavailable.

39

DES (Data Encryption Standard)

a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) that was widely used in the past but is now considered insecure.

40

DHCP (Dynamic Host Configuration Protocol)

a protocol used to automatically assign IP addresses and other network settings to devices on a network.

41

DMZ (Demilitarized Zone)

a network segment that is isolated from the internal network and is used to provide public-facing services, such as web servers or email servers.

42

DNS (Domain Name System)

a system that translates domain names into IP addresses.

43

DoS (Denial of Service)

a type of cyber attack in which a server or network is overwhelmed with traffic, causing it to become unavailable.

44

DPO (Data Protection Officer)

makes sure that the organization is correctly protecting individuals' personal data according to current legislation.

45

DRP (Disaster Recovery Plan)

preparing for any type of disaster that could occur.

46

EAP (Extensible Authentication Protocol)

architectural framework that provides extensibility for authentication methods for commonly used protected network access technologies such as IEEE 802.1X-based wired access and Point-to-Point Protocol (PPP).

47

EFS (Encrypting File System)

a feature in Windows that allows files and folders to be encrypted using a user's public key. Allows you to easily encrypt and decrypt files on your Windows New Technology File System (NTFS) drives. Once you’ve encrypted files with this tool, other people won’t be able to access them unless they have your password.

48

EMI (Electromagnetic Interference)

interference caused by electromagnetic waves, which can disrupt the functioning of electronic devices.

49

EMP (Electromagnetic Pulse)

a burst of electromagnetic radiation that can cause damage to electronic devices.

50

ESP (Encapsulating Security Payload)

an individual protocol in Internet Protocol Security (IPSec). Responsible for the CIA triad of security (Confidentiality, Integrity, Availability), which is considered significant only when encryption is carried along with them. Securing all payload/packets/content in IPv4 and IPv6 is the responsibility of ...

51

FAR (False Acceptance Rate)

metric used to measure the likelihood of granting access to an unauthorized user.

52

FDE (Full Disk Encryption)

security technique that encrypts all data stored on a disk or storage device, including the operating system, applications, and user data.

53

FISMA (Federal Information Security Management Act)

requires federal agencies to develop, document, and implement an agency

54

FRR (False Rejection Rate)

metric used to measure the likelihood of denying access to an authorized user.

55

FTP (File Transfer Protocol)

a protocol used to transfer files between computers over a network. Uses Port 21.

56

GDPR (General Data Protection Regulation)

regulation in European Union (EU) law on data protection and privacy for individuals within the EU and the European Economic Area (EEA). It came into effect on May 25, 2018 and is enforced by the EU Data Protection Authorities.

57

GPS (Global Positioning System)

a system of satellites used to determine the location of a device.

58

GRE (Generic Routing Encapsulation)

a protocol used to encapsulate one type of packet within another.

59

GBAC (Group Based Access Control)

gives access to a group of individuals to the resources that they need.

60

HMAC (Hash-based Message Authentication Code)

a cryptographic authentication technique that uses a hash function and a secret key. You can achieve authentication and verify that data is correct and authentic with shared secrets, as opposed to approaches that use signatures and asymmetric cryptography.

61

HIDS (Host Intrusion Detection System)

an application that monitors a computer or network for suspicious activity.

62

HIPAA (Health Insurance Portability And Accountability Act)

federal law that was enacted in 1996 to protect the privacy and security of patients' personal health information (PHI).

63

HOTP (HMAC-based One-Time Password)

algorithm used to generate one-time passwords that are used for authentication purposes.

64

HSM (Hardware Security Module)

type of specialized hardware device designed to securely store and manage digital keys and perform cryptographic operations. It can be used to store encryption keys, digital certificates, and other sensitive data.

65

HSTS (HTTP Strict Transport Security)

web security policy mechanism used to protect against protocol downgrade attacks and cookie hijacking.

66

HTML (Hypertext Markup Language)

the standard markup language for creating Web pages.

67

HTTP (Hypertext Transfer Protocol)

the foundation of the World Wide Web, used to load web pages using hypertext links. An application-layer protocol designed to transfer information between networked devices; it runs on top of other layers of the network protocol stack. A typical flow involves a client machine making a request to a server, which then sends a response message. Uses port 80.

68

HTTPS (Hypertext Transfer Protocol Secure)

a secure version of HTTP that uses encryption to protect data in transit. Uses port 443.

69

IaaS (Infrastructure as a Service)

a cloud computing model in which infrastructure resources, such as servers and storage, are provided by a third-party provider.

70

IAM (Identity and Access Management)

a cybersecurity practice that enables IT administrators to restrict access to organizational resources so that only the people who need access have access.

71

ICMP (Internet Control Message Protocol)

a network layer protocol used by network devices to diagnose network communication. Mainly used to determine whether or not data is reaching its intended destination in a timely manner.

72

IDS (Intrusion Detection System)

a monitoring system that detects suspicious activities and generates alerts when they are detected. Based upon these alerts, a security operations center (SOC) analyst or incident responder can investigate the issue and take the appropriate actions to remediate the threat.

73

IPS (Intrusion Prevention System)

a network security technology that goes beyond the capabilities of an IDS (Intrusion Detection System) by actively preventing identified threats from being carried out. Monitors network traffic, just like an IDS, but it can also take action to prevent attacks.

74

IEEE (Institute of Electrical and Electronics Engineers)

the world's largest technical professional society, promoting the development and application of electrotechnology and allied sciences for the benefit of humanity, the advancement of the profession, and the well-being of its members.

75

IKE (Internet Key Exchange)

a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).

76

IMAP4 (Internet Message Access Protocol v4)

an Internet standard protocol used by email clients to retrieve email messages from a mail server over a Transmission Control Protocol/Internet Protocol (TCP/IP) connection. Uses port 143.

77

IoT (Internet Of Things Devices)

physical devices that are connected to the internet and that can exchange data with each other.

78

IP (Internet Protocol)

a protocol, or set of rules, for routing and addressing packets of data so that they can travel across networks and arrive at the correct destination.

79

IPv4 (Internet Protocol version 4)

a 32-bit address that is usually represented in dotted decimal notation, with a decimal value representing each of the four octets (bytes) that make up the address.

80

IPv6 (Internet Protocol version 6)

a network protocol that serves as the successor to IPv4. Its purpose is to provide a larger address space for the internet as the number of connected devices continues to grow. One of the main differences between them is the size of the address space. IPv4 uses 32-bit addresses, allowing for approximately 4.3 billion unique addresses. In contrast, IPv6 uses 128-bit addresses, which allows for an almost unlimited number of unique addresses.

81

ISA (Interconnection Security Agreement)

a document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities.

82

ISO (International Organization for Standardization)

an international standard-setting organization.

83

ISP (Internet Service Provider)

a company that provides Internet access to customers.

84

JSON (JavaScript Object Notation)

a lightweight data interchange format.

85

LDAP (Lightweight Directory Access Protocol)

a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network, whether on the public internet or a corporate intranet. A "lightweight" version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network. It's considered lightweight because it uses a smaller amount of code than other protocols.

86

MAC (Media Access Control)

a unique identifier assigned to a network interface controller (NIC).

87

MAC (Mandatory Access Control)

limiting access to resources based on the sensitivity of information.

88

MCSP (Managed Cloud Service Provider)

a type of cloud computing service in which a third-party provider manages and delivers cloud computing resources and services to customers over the internet.

89

MFA (Multi-Factor Authentication)

a security feature that requires multiple forms of authentication to access a resource.

90

MITB (Man In The Browser)

an attack that injects malicious software (malware) into a victim's web browser. The malware typically exploits vulnerabilities in the browser or its plugins to intercept and manipulate data exchanged between the browser and the websites the user visits.

91

MITM (Man-in-the-Middle)

A type of cyber attack in which an attacker intercepts communications between two parties in order to either steal or change the data in transit.

92

MSSP (Managed Security Service Provider)

provides managed security services to customers, typically on a subscription basis.

93

MTBF (Mean Time Between Failures)

the average amount of time between system failures, which shows how reliable a system is.

94

MTTD (Mean Time To Detect)

average time it takes for an organization to detect a security incident or breach after it occurs.

95

MTTR (Mean Time To Repair)

average time that it takes to fix a system.

96

NAC (Network Access Control)

a system used to control access to a network based on the identity of the user or device.

97

NAT (Network Address Translation)

a technique used to map private Internet Protocol (IP) addresses to public IP addresses.

98

NDA (Non Disclosure Agreement)

a contract that prevents either party to a business relationship from giving away the other's secrets to others.

99

NFC (Near Field Communication)

short-range wireless communication technology that enables data exchange between devices that are within close proximity to each other, typically within a few centimeters.

100

NIDS (Network Intrusion Detection System)

a system used to detect unauthorized activity on a network.