Topic 4 Acronyms

Cybersecurity & Encryption

• AES - Advanced Encryption Standard

• APT - Advanced Persistent Threat

• CVE - Common Vulnerabilities and Exposures

• CVSS - Common Vulnerabilities Scoring System

• CWE - Common Weakness Enumeration

• CWSS - Common Weakness Scoring System

• DES - Data Encryption Standard

• ECC - Elliptic Curve Cryptosystem

• HAS - Hash Algorithm Standard

• HSM - Hard Security Module

• IDEA - International Data Encryption Algorithm

• MD5 - Message Digest Algorithm 5

• NSA - National Security Agency

• PKI - Public Key Infrastructure

• PBE - Password-Based Encryption

• RSA - Rivest, Shamir, Adleman

• SHA - Secure Hash Algorithm

• SSL - Secure Socket Layer

Access Control & Authentication

• ACL - Access Control List

• AS - Authentication Server

• CA - Certification Authority

• CRL - Certificate Revocation List

• DAC - Discretionary Access Control

• DLP - Data Loss Prevention

• FIDO - Fast Online Identity Alliance

• MAC - Mandatory Access Control

• OCSP - Online Certificate Status Protocol

• OID - Object Identifier

• OTP - One-Time Password

• PAA - Policy Approval Authority

• PCA - Policy Certification Authority

• RA - Registration Authority

• RBAC - Role-Based Access Control

• RSN - Robust Security Network

• SA - Security Association

• SL - Security Label

• SPD - Security Policy Database

• SPI - Security Parameter Index

• STA - Security Threat Analysis

• TCG - Trusted Computing Group

• TPM - Trusted Platform Module

• U2F - Universal 2nd Factor

• UAF - Universal Authentication Framework

Regulatory & Compliance

• DPO - Data Protection Officer

• EU - European Union

• GDPR - General Data Protection Regulation

• ISMS - Information Security Management System

Threat Detection & Risk Management

• DOS - Denial of Service

• FDS - Fraud Detection System

• IDS - Intrusion Detection System

• SAD - Security Association Database

Networking & Secure Communications

• AH - Authentication Header

• ESP - Encapsulating Security Payload

• IKE - Internet Key Exchange

• NTP - Network Time Protocol

• NNTP - Network News Transfer Protocol

• RADIUS - Remote Authentication Dial-In User Services

• SFTP - Secure File Transfer Protocol

• VPN - Virtual Private Network

Software Development & Privacy

• PIMS - Personal Information Security Management

• PPDM - Privacy Preserving Data Mining

• SLDC - Software Development Life Cycle

Security & Web Vulnerabilities

• CSRF - Cross-Site Request Forgery

• XSS - Cross-Site Scripting

• XXE - XML External Entities