knowt logoKnowt
0.0(0)
study
Generate Practice test
study
Chat with Kai
study
undefined Flashcards
0 Cards0.0(0)
Explore Top Notes
1.1 Rhythm, Meter, and Tempo
noteNote
studied byStudied by 32 people
5.0(1)
RE Revision: Eschatology: MA's Last Judgement
noteNote
studied byStudied by 2 people
5.0(1)
Chapter 17: Managing Business Finances
noteNote
studied byStudied by 35 people
5.0(2)
Chapter 9 & 10: Photosynthesis/Cellular Respiration >
noteNote
studied byStudied by 68 people
5.0(1)
Unit 7: Natural Selection
noteNote
studied byStudied by 12448 people
4.7(74)
Every Social Movement to Know for AP United States History
noteNote
studied byStudied by 5 people
5.0(1)
Home
Home
Last saved 25 days ago

Sec+ Acronyms + Definitions

ABCDEFGHIJKLMNOPQRSTUVWXZ

A

  • AAA (Authentication, Authorization, and Accounting) – A security framework that controls access to resources, verifies identity, and logs activity.

  • ACL (Access Control List) – A list of rules that define permissions for accessing network resources.

  • AES (Advanced Encryption Standard) – A symmetric encryption algorithm widely used for secure data encryption.

  • AH (Authentication Header) – A component of IPSec that ensures integrity and authenticity of packets.

  • APT (Advanced Persistent Threat) – A prolonged cyberattack where an attacker gains undetected access to a network.

  • ARP (Address Resolution Protocol) – A protocol that maps IP addresses to MAC addresses.

  • ASLR (Address Space Layout Randomization) – A security technique that randomizes memory addresses to prevent exploitation.

B

  • BCP (Business Continuity Planning) – A strategy for maintaining operations during disruptions.

  • BIA (Business Impact Analysis) – Identifies critical business functions and potential impacts of disruptions.

  • BIOS (Basic Input/Output System) – Firmware that initializes hardware before the OS loads.

  • BYOD (Bring Your Own Device) – A policy allowing employees to use personal devices at work.

C

  • CAC (Common Access Card) – A smart card used for authentication in government networks.

  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) – A test to differentiate humans from bots.

  • CBC (Cipher Block Chaining) – A mode of encryption that uses the previous ciphertext block for encryption.

  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) – A security protocol used in WPA2 for wireless encryption.

  • CCTV (Closed-Circuit Television) – A video surveillance system used for security monitoring.

  • CHAP (Challenge Handshake Authentication Protocol) – A protocol that verifies user identity through challenge-response authentication.

  • CIA (Confidentiality, Integrity, Availability) – The core principles of cybersecurity.

  • CIRT (Computer Incident Response Team) – A team that responds to security incidents.

  • CISO (Chief Information Security Officer) – An executive responsible for an organization’s security strategy.

  • CSRF (Cross-Site Request Forgery) – A web attack where an attacker tricks a user into making unauthorized requests.

  • CSP (Cloud Service Provider) – A company that offers cloud-based services like storage, computing, and networking.

  • CSR (Certificate Signing Request) – A request sent to a certificate authority to obtain a digital certificate.

  • CTF (Capture The Flag) – A cybersecurity competition that challenges participants to solve security-related tasks.

  • CVSS (Common Vulnerability Scoring System) – A standardized system for assessing the severity of security vulnerabilities.

D

  • DAC (Discretionary Access Control) – A security model where owners set access permissions.

  • DDoS (Distributed Denial of Service) – An attack that overwhelms a system with traffic.

  • DEP (Data Execution Prevention) – A security feature that prevents code execution in certain memory areas.

  • DES (Data Encryption Standard) – An outdated encryption algorithm replaced by AES.

  • DHCP (Dynamic Host Configuration Protocol) – Assigns IP addresses to devices on a network.

  • DLP (Data Loss Prevention) – A strategy to prevent unauthorized data transfers.

  • DMZ (Demilitarized Zone) – A network segment that isolates public-facing services from an internal network.

  • DNS (Domain Name System) – Translates domain names into IP addresses.

  • DoS (Denial of Service) – An attack that disrupts system availability.

  • DRP (Disaster Recovery Plan) – A plan to restore IT systems after a disaster.

  • DSA (Digital Signature Algorithm) – A cryptographic algorithm used for digital signatures.

  • DSS (Digital Signature Standard) – A federal standard for digital signatures.

This is just the first part—let me know if you want me to continue with the rest or format it differently!

4o

You said:

keep going

ChatGPT said:

Gotcha! Here's the rest of the definitions:

E

  • EAP (Extensible Authentication Protocol) – A framework that supports various authentication methods like passwords, biometrics, and certificates.

  • EDR (Endpoint Detection and Response) – A security solution focused on detecting and responding to threats on devices like computers and smartphones.

  • EFS (Encrypting File System) – A Windows feature for encrypting files on a computer.

  • EMS (Enterprise Mobility Suite) – A suite of tools for managing mobile devices, apps, and data in an enterprise environment.

  • ERP (Enterprise Resource Planning) – Software used to manage and automate core business processes.

F

  • FAR (False Acceptance Rate) – The rate at which unauthorized users are incorrectly granted access in biometric systems.

  • FDE (Full Disk Encryption) – The process of encrypting an entire disk to protect data at rest.

  • FIM (File Integrity Monitoring) – A security process that checks for unauthorized changes to files.

  • FTP (File Transfer Protocol) – A protocol for transferring files over a network.

G

  • GPO (Group Policy Object) – A feature in Windows that defines user and computer configurations.

  • GPS (Global Positioning System) – A satellite-based navigation system.

  • GRC (Governance, Risk, and Compliance) – A framework for managing governance, risk, and compliance requirements in an organization.

H

  • HIDS (Host-Based Intrusion Detection System) – A security system that monitors and analyzes the activity of a single host to detect suspicious behavior.

  • HMAC (Hash-Based Message Authentication Code) – A mechanism for ensuring the integrity and authenticity of a message using a cryptographic hash function.

  • HOTP (HMAC-based One-Time Password) – A one-time password algorithm based on HMAC.

  • HTTPS (Hypertext Transfer Protocol Secure) – A secure version of HTTP that uses encryption (SSL/TLS) to protect data exchanged between a web server and client.

I

  • IAM (Identity and Access Management) – A framework for managing digital identities and controlling access to resources.

  • ICMP (Internet Control Message Protocol) – A protocol used for sending control messages, such as error reports and diagnostics, over an IP network.

  • IDS (Intrusion Detection System) – A system that monitors network traffic for signs of malicious activity.

  • IEC (International Electrotechnical Commission) – An international organization that develops standards for electrical, electronic, and related technologies.

  • IKE (Internet Key Exchange) – A protocol used to set up a security association (SA) in the IPSec protocol suite.

  • IoT (Internet of Things) – A network of physical devices that communicate and exchange data with each other over the internet.

  • IPSec (Internet Protocol Security) – A suite of protocols used to secure network traffic through encryption and authentication.

  • IPv4 (Internet Protocol version 4) – The fourth version of IP, widely used for assigning IP addresses.

  • IPv6 (Internet Protocol version 6) – The latest version of IP that uses a larger address space than IPv4.

J

  • JIT (Just In Time) – A software development and manufacturing approach that minimizes inventory and delays by producing items only when they are needed.

  • JWT (JSON Web Token) – A compact, URL-safe token used to securely transmit information between parties as a JSON object.

K

  • KDC (Key Distribution Center) – A server that manages keys for secure communication in Kerberos authentication.

  • KPI (Key Performance Indicator) – A measurable value used to assess the success of an organization or project.

L

  • LAN (Local Area Network) – A network that connects devices within a limited area, such as a home or office.

  • LDAP (Lightweight Directory Access Protocol) – A protocol used to access and manage directory services, such as contact information in an organization.

  • LFI (Local File Inclusion) – A vulnerability that allows attackers to include files from the local server on a website, leading to potential code execution.

  • LKM (Loadable Kernel Module) – A piece of code that can be loaded into the kernel to add functionality to an operating system.

  • LOLBINs (Living Off the Land Binaries) – Legitimate tools or software used maliciously for an attack.

M

  • MAC (Media Access Control / Mandatory Access Control)

    1. Media Access Control: A unique identifier for network interfaces.

    2. Mandatory Access Control: A security model that restricts access to resources based on predefined policies.

  • MD5 (Message Digest 5) – A widely used cryptographic hash function, though considered insecure due to vulnerability to collisions.

  • MITM (Man In The Middle) – An attack where an attacker intercepts and potentially alters communications between two parties.

  • MSSP (Managed Security Services Provider) – A company that provides outsourced monitoring and management of security systems.

  • MFA (Multi-Factor Authentication) – A security process where users provide two or more verification factors to gain access to a resource.

  • MPLS (Multi-Protocol Label Switching) – A method for routing data in high-performance networks using labels instead of traditional IP routing.

N

  • NAC (Network Access Control) – A security approach that regulates access to a network based on predefined policies.

  • NAT (Network Address Translation) – A method used to modify IP address information in packet headers for routing purposes.

  • NIDS (Network Intrusion Detection System) – A system that monitors network traffic for signs of malicious activity.

  • NIST (National Institute of Standards and Technology) – A federal agency that develops standards and guidelines for cybersecurity.

  • NTFS (New Technology File System) – A file system used by Windows operating systems to manage files on a disk.

That’s all the way through "N." You want me to keep going from "O" forward, or is this good for now?

4o mini

You said:

go to z

ChatGPT said:

Alright, here’s the rest of the list, all the way to Z:

O

  • OAuth (Open Authorization) – An open standard for access delegation that allows users to grant third-party applications access to their resources without sharing passwords.

  • OCSP (Online Certificate Status Protocol) – A protocol used to check the revocation status of an X.509 digital certificate in real-time.

  • OSINT (Open Source Intelligence) – Intelligence gathered from publicly available sources, such as websites, social media, and public records.

  • OTP (One-Time Password) – A password that is valid for only one login session or transaction, used for secure authentication.

P

  • P2P (Peer-to-Peer) – A decentralized network model where each participant (peer) acts as both a client and server.

  • PBKDF2 (Password-Based Key Derivation Function 2) – A cryptographic algorithm used to derive secure keys from a password, commonly used for password hashing.

  • PCI-DSS (Payment Card Industry Data Security Standard) – A set of security standards designed to ensure that organizations handling card payments protect cardholder data.

  • PEAP (Protected Extensible Authentication Protocol) – A secure method of authenticating wireless clients that encapsulates EAP within a TLS tunnel.

  • PKI (Public Key Infrastructure) – A framework for managing digital keys and certificates for secure communications.

  • PIV (Personal Identity Verification) – A federal government ID card used for identity verification and access control.

  • PoLP (Principle of Least Privilege) – A security concept that ensures users and systems are only granted the minimum permissions necessary for their tasks.

  • PT (Penetration Testing) – The practice of testing a system's security by simulating attacks to identify vulnerabilities.

  • PSA (Public Service Announcement) – A message issued to inform the public about important matters.

  • PTA (Privacy Threshold Assessment) – A process used to determine whether a system or project collects or uses personal data that requires protection.

Q

  • QoS (Quality of Service) – A set of techniques used to manage network resources and prioritize traffic to ensure high-quality service.

R

  • RADIUS (Remote Authentication Dial-In User Service) – A protocol for authentication, authorization, and accounting for remote network access.

  • RAID (Redundant Array of Independent Disks) – A technology used to combine multiple disk drives into a single unit for redundancy, performance, or both.

  • RBAC (Role-Based Access Control) – A model for restricting access to resources based on users' roles within an organization.

  • RFID (Radio Frequency Identification) – A technology used to automatically identify and track objects using radio waves.

  • RPO (Recovery Point Objective) – The maximum acceptable amount of data loss measured in time.

  • RTO (Recovery Time Objective) – The maximum acceptable amount of downtime for a system or application after a disaster.

S

  • SAML (Security Assertion Markup Language) – An XML-based standard used for exchanging authentication and authorization data between parties.

  • SCADA (Supervisory Control and Data Acquisition) – A system used to monitor and control industrial processes, such as manufacturing and power generation.

  • SHA (Secure Hash Algorithm) – A family of cryptographic hash functions designed by NIST to provide secure data hashing.

  • SIEM (Security Information and Event Management) – A system that collects and analyzes security-related data from various sources to detect and respond to incidents.

  • SIM (Subscriber Identity Module) – A small card used in mobile devices that stores the subscriber's identity and authentication data.

  • SLA (Service Level Agreement) – A contract that defines the level of service a provider will deliver to a customer.

  • SOW (Statement of Work) – A document that outlines the scope, deliverables, and timeline for a project.

  • MOU (Memorandum of Understanding) – A document that outlines the terms and conditions of an agreement between parties.

  • MOA (Memorandum of Agreement) – A formal document that outlines an agreement between two or more parties.

  • BPA (Business Partnership Agreement) – A contract that governs the terms of a business relationship between two or more parties.

  • NDA (Non-Disclosure Agreement) – A legal agreement that prevents parties from disclosing confidential information.

T

  • TACACS+ (Terminal Access Controller Access-Control System Plus) – A protocol used for centralized authentication, authorization, and accounting in network access systems.

  • TOTP (Time-Based One-Time Password) – A one-time password that is valid only for a short period, typically used in two-factor authentication.

  • TLS (Transport Layer Security) – A cryptographic protocol used to secure communication over a computer network.

  • TPM (Trusted Platform Module) – A hardware-based security feature that provides encryption and secure storage of cryptographic keys.

  • TTPs (Tactics, Techniques, and Procedures) – A framework used to describe the behavior and methods of attackers in cybersecurity.

U

  • UEBA (User and Entity Behavior Analytics) – A security technology that uses machine learning to detect unusual behavior patterns in users and entities.

  • UDP (User Datagram Protocol) – A connectionless protocol used for transmitting data in real-time applications, such as video streaming and VoIP.

  • UPS (Uninterruptible Power Supply) – A device that provides backup power to critical systems during power outages.

  • URL (Uniform Resource Locator) – The address used to access resources on the internet.

V

  • VLAN (Virtual Local Area Network) – A logical network created within a physical network to segment traffic for security or performance reasons.

  • VPN (Virtual Private Network) – A secure network connection that allows remote access to an internal network over the internet.

  • VPC (Virtual Private Cloud) – A private network within a public cloud, allowing users to isolate and secure resources.

  • VRRP (Virtual Router Redundancy Protocol) – A protocol that provides high availability for routers by assigning a virtual IP address to a group of routers.

W

  • WAF (Web Application Firewall) – A security system that monitors and filters HTTP traffic to and from a web application.

  • WAN (Wide Area Network) – A network that covers a large geographic area, often used to connect multiple local networks.

  • WEP (Wired Equivalent Privacy) – An outdated wireless security protocol for Wi-Fi networks, vulnerable to attacks.

  • WPA (Wi-Fi Protected Access) – A security protocol designed to secure wireless networks, more secure than WEP.

X

  • XSS (Cross-Site Scripting) – A vulnerability that allows attackers to inject malicious scripts into web pages viewed by users.

  • XML (Extensible Markup Language) – A flexible text-based format used to store and transport data in a structured manner.

Z

  • ZTA (Zero Trust Architecture) – A security model that assumes no device or user can be trusted by default, requiring strict verification for access to any network resource


knowt logoKnowt
0.0(0)
study
Chat with Kai
study
undefined Flashcards
0 Cards0.0(0)
Explore Top Notes
1.1 Rhythm, Meter, and Tempo
noteNote
studied byStudied by 32 people
5.0(1)
RE Revision: Eschatology: MA's Last Judgement
noteNote
studied byStudied by 2 people
5.0(1)
Chapter 17: Managing Business Finances
noteNote
studied byStudied by 35 people
5.0(2)
Chapter 9 & 10: Photosynthesis/Cellular Respiration >
noteNote
studied byStudied by 68 people
5.0(1)
Unit 7: Natural Selection
noteNote
studied byStudied by 12448 people
4.7(74)
Every Social Movement to Know for AP United States History
noteNote
studied byStudied by 5 people
5.0(1)
robot
knowt logo

Sec+ Acronyms + Definitions

A

  • AAA (Authentication, Authorization, and Accounting) – A security framework that controls access to resources, verifies identity, and logs activity.

  • ACL (Access Control List) – A list of rules that define permissions for accessing network resources.

  • AES (Advanced Encryption Standard) – A symmetric encryption algorithm widely used for secure data encryption.

  • AH (Authentication Header) – A component of IPSec that ensures integrity and authenticity of packets.

  • APT (Advanced Persistent Threat) – A prolonged cyberattack where an attacker gains undetected access to a network.

  • ARP (Address Resolution Protocol) – A protocol that maps IP addresses to MAC addresses.

  • ASLR (Address Space Layout Randomization) – A security technique that randomizes memory addresses to prevent exploitation.

B

  • BCP (Business Continuity Planning) – A strategy for maintaining operations during disruptions.

  • BIA (Business Impact Analysis) – Identifies critical business functions and potential impacts of disruptions.

  • BIOS (Basic Input/Output System) – Firmware that initializes hardware before the OS loads.

  • BYOD (Bring Your Own Device) – A policy allowing employees to use personal devices at work.

C

  • CAC (Common Access Card) – A smart card used for authentication in government networks.

  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) – A test to differentiate humans from bots.

  • CBC (Cipher Block Chaining) – A mode of encryption that uses the previous ciphertext block for encryption.

  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) – A security protocol used in WPA2 for wireless encryption.

  • CCTV (Closed-Circuit Television) – A video surveillance system used for security monitoring.

  • CHAP (Challenge Handshake Authentication Protocol) – A protocol that verifies user identity through challenge-response authentication.

  • CIA (Confidentiality, Integrity, Availability) – The core principles of cybersecurity.

  • CIRT (Computer Incident Response Team) – A team that responds to security incidents.

  • CISO (Chief Information Security Officer) – An executive responsible for an organization’s security strategy.

  • CSRF (Cross-Site Request Forgery) – A web attack where an attacker tricks a user into making unauthorized requests.

  • CSP (Cloud Service Provider) – A company that offers cloud-based services like storage, computing, and networking.

  • CSR (Certificate Signing Request) – A request sent to a certificate authority to obtain a digital certificate.

  • CTF (Capture The Flag) – A cybersecurity competition that challenges participants to solve security-related tasks.

  • CVSS (Common Vulnerability Scoring System) – A standardized system for assessing the severity of security vulnerabilities.

D

  • DAC (Discretionary Access Control) – A security model where owners set access permissions.

  • DDoS (Distributed Denial of Service) – An attack that overwhelms a system with traffic.

  • DEP (Data Execution Prevention) – A security feature that prevents code execution in certain memory areas.

  • DES (Data Encryption Standard) – An outdated encryption algorithm replaced by AES.

  • DHCP (Dynamic Host Configuration Protocol) – Assigns IP addresses to devices on a network.

  • DLP (Data Loss Prevention) – A strategy to prevent unauthorized data transfers.

  • DMZ (Demilitarized Zone) – A network segment that isolates public-facing services from an internal network.

  • DNS (Domain Name System) – Translates domain names into IP addresses.

  • DoS (Denial of Service) – An attack that disrupts system availability.

  • DRP (Disaster Recovery Plan) – A plan to restore IT systems after a disaster.

  • DSA (Digital Signature Algorithm) – A cryptographic algorithm used for digital signatures.

  • DSS (Digital Signature Standard) – A federal standard for digital signatures.

This is just the first part—let me know if you want me to continue with the rest or format it differently! 🔥

4o

You said:

keep going

ChatGPT said:

Gotcha! Here's the rest of the definitions:

E

  • EAP (Extensible Authentication Protocol) – A framework that supports various authentication methods like passwords, biometrics, and certificates.

  • EDR (Endpoint Detection and Response) – A security solution focused on detecting and responding to threats on devices like computers and smartphones.

  • EFS (Encrypting File System) – A Windows feature for encrypting files on a computer.

  • EMS (Enterprise Mobility Suite) – A suite of tools for managing mobile devices, apps, and data in an enterprise environment.

  • ERP (Enterprise Resource Planning) – Software used to manage and automate core business processes.

F

  • FAR (False Acceptance Rate) – The rate at which unauthorized users are incorrectly granted access in biometric systems.

  • FDE (Full Disk Encryption) – The process of encrypting an entire disk to protect data at rest.

  • FIM (File Integrity Monitoring) – A security process that checks for unauthorized changes to files.

  • FTP (File Transfer Protocol) – A protocol for transferring files over a network.

G

  • GPO (Group Policy Object) – A feature in Windows that defines user and computer configurations.

  • GPS (Global Positioning System) – A satellite-based navigation system.

  • GRC (Governance, Risk, and Compliance) – A framework for managing governance, risk, and compliance requirements in an organization.

H

  • HIDS (Host-Based Intrusion Detection System) – A security system that monitors and analyzes the activity of a single host to detect suspicious behavior.

  • HMAC (Hash-Based Message Authentication Code) – A mechanism for ensuring the integrity and authenticity of a message using a cryptographic hash function.

  • HOTP (HMAC-based One-Time Password) – A one-time password algorithm based on HMAC.

  • HTTPS (Hypertext Transfer Protocol Secure) – A secure version of HTTP that uses encryption (SSL/TLS) to protect data exchanged between a web server and client.

I

  • IAM (Identity and Access Management) – A framework for managing digital identities and controlling access to resources.

  • ICMP (Internet Control Message Protocol) – A protocol used for sending control messages, such as error reports and diagnostics, over an IP network.

  • IDS (Intrusion Detection System) – A system that monitors network traffic for signs of malicious activity.

  • IEC (International Electrotechnical Commission) – An international organization that develops standards for electrical, electronic, and related technologies.

  • IKE (Internet Key Exchange) – A protocol used to set up a security association (SA) in the IPSec protocol suite.

  • IoT (Internet of Things) – A network of physical devices that communicate and exchange data with each other over the internet.

  • IPSec (Internet Protocol Security) – A suite of protocols used to secure network traffic through encryption and authentication.

  • IPv4 (Internet Protocol version 4) – The fourth version of IP, widely used for assigning IP addresses.

  • IPv6 (Internet Protocol version 6) – The latest version of IP that uses a larger address space than IPv4.

J

  • JIT (Just In Time) – A software development and manufacturing approach that minimizes inventory and delays by producing items only when they are needed.

  • JWT (JSON Web Token) – A compact, URL-safe token used to securely transmit information between parties as a JSON object.

K

  • KDC (Key Distribution Center) – A server that manages keys for secure communication in Kerberos authentication.

  • KPI (Key Performance Indicator) – A measurable value used to assess the success of an organization or project.

L

  • LAN (Local Area Network) – A network that connects devices within a limited area, such as a home or office.

  • LDAP (Lightweight Directory Access Protocol) – A protocol used to access and manage directory services, such as contact information in an organization.

  • LFI (Local File Inclusion) – A vulnerability that allows attackers to include files from the local server on a website, leading to potential code execution.

  • LKM (Loadable Kernel Module) – A piece of code that can be loaded into the kernel to add functionality to an operating system.

  • LOLBINs (Living Off the Land Binaries) – Legitimate tools or software used maliciously for an attack.

M

  • MAC (Media Access Control / Mandatory Access Control)

    1. Media Access Control: A unique identifier for network interfaces.

    2. Mandatory Access Control: A security model that restricts access to resources based on predefined policies.

  • MD5 (Message Digest 5) – A widely used cryptographic hash function, though considered insecure due to vulnerability to collisions.

  • MITM (Man In The Middle) – An attack where an attacker intercepts and potentially alters communications between two parties.

  • MSSP (Managed Security Services Provider) – A company that provides outsourced monitoring and management of security systems.

  • MFA (Multi-Factor Authentication) – A security process where users provide two or more verification factors to gain access to a resource.

  • MPLS (Multi-Protocol Label Switching) – A method for routing data in high-performance networks using labels instead of traditional IP routing.

N

  • NAC (Network Access Control) – A security approach that regulates access to a network based on predefined policies.

  • NAT (Network Address Translation) – A method used to modify IP address information in packet headers for routing purposes.

  • NIDS (Network Intrusion Detection System) – A system that monitors network traffic for signs of malicious activity.

  • NIST (National Institute of Standards and Technology) – A federal agency that develops standards and guidelines for cybersecurity.

  • NTFS (New Technology File System) – A file system used by Windows operating systems to manage files on a disk.

That’s all the way through "N." You want me to keep going from "O" forward, or is this good for now?

4o mini

You said:

go to z

ChatGPT said:

Alright, here’s the rest of the list, all the way to Z:

O

  • OAuth (Open Authorization) – An open standard for access delegation that allows users to grant third-party applications access to their resources without sharing passwords.

  • OCSP (Online Certificate Status Protocol) – A protocol used to check the revocation status of an X.509 digital certificate in real-time.

  • OSINT (Open Source Intelligence) – Intelligence gathered from publicly available sources, such as websites, social media, and public records.

  • OTP (One-Time Password) – A password that is valid for only one login session or transaction, used for secure authentication.

P

  • P2P (Peer-to-Peer) – A decentralized network model where each participant (peer) acts as both a client and server.

  • PBKDF2 (Password-Based Key Derivation Function 2) – A cryptographic algorithm used to derive secure keys from a password, commonly used for password hashing.

  • PCI-DSS (Payment Card Industry Data Security Standard) – A set of security standards designed to ensure that organizations handling card payments protect cardholder data.

  • PEAP (Protected Extensible Authentication Protocol) – A secure method of authenticating wireless clients that encapsulates EAP within a TLS tunnel.

  • PKI (Public Key Infrastructure) – A framework for managing digital keys and certificates for secure communications.

  • PIV (Personal Identity Verification) – A federal government ID card used for identity verification and access control.

  • PoLP (Principle of Least Privilege) – A security concept that ensures users and systems are only granted the minimum permissions necessary for their tasks.

  • PT (Penetration Testing) – The practice of testing a system's security by simulating attacks to identify vulnerabilities.

  • PSA (Public Service Announcement) – A message issued to inform the public about important matters.

  • PTA (Privacy Threshold Assessment) – A process used to determine whether a system or project collects or uses personal data that requires protection.

Q

  • QoS (Quality of Service) – A set of techniques used to manage network resources and prioritize traffic to ensure high-quality service.

R

  • RADIUS (Remote Authentication Dial-In User Service) – A protocol for authentication, authorization, and accounting for remote network access.

  • RAID (Redundant Array of Independent Disks) – A technology used to combine multiple disk drives into a single unit for redundancy, performance, or both.

  • RBAC (Role-Based Access Control) – A model for restricting access to resources based on users' roles within an organization.

  • RFID (Radio Frequency Identification) – A technology used to automatically identify and track objects using radio waves.

  • RPO (Recovery Point Objective) – The maximum acceptable amount of data loss measured in time.

  • RTO (Recovery Time Objective) – The maximum acceptable amount of downtime for a system or application after a disaster.

S

  • SAML (Security Assertion Markup Language) – An XML-based standard used for exchanging authentication and authorization data between parties.

  • SCADA (Supervisory Control and Data Acquisition) – A system used to monitor and control industrial processes, such as manufacturing and power generation.

  • SHA (Secure Hash Algorithm) – A family of cryptographic hash functions designed by NIST to provide secure data hashing.

  • SIEM (Security Information and Event Management) – A system that collects and analyzes security-related data from various sources to detect and respond to incidents.

  • SIM (Subscriber Identity Module) – A small card used in mobile devices that stores the subscriber's identity and authentication data.

  • SLA (Service Level Agreement) – A contract that defines the level of service a provider will deliver to a customer.

  • SOW (Statement of Work) – A document that outlines the scope, deliverables, and timeline for a project.

  • MOU (Memorandum of Understanding) – A document that outlines the terms and conditions of an agreement between parties.

  • MOA (Memorandum of Agreement) – A formal document that outlines an agreement between two or more parties.

  • BPA (Business Partnership Agreement) – A contract that governs the terms of a business relationship between two or more parties.

  • NDA (Non-Disclosure Agreement) – A legal agreement that prevents parties from disclosing confidential information.

T

  • TACACS+ (Terminal Access Controller Access-Control System Plus) – A protocol used for centralized authentication, authorization, and accounting in network access systems.

  • TOTP (Time-Based One-Time Password) – A one-time password that is valid only for a short period, typically used in two-factor authentication.

  • TLS (Transport Layer Security) – A cryptographic protocol used to secure communication over a computer network.

  • TPM (Trusted Platform Module) – A hardware-based security feature that provides encryption and secure storage of cryptographic keys.

  • TTPs (Tactics, Techniques, and Procedures) – A framework used to describe the behavior and methods of attackers in cybersecurity.

U

  • UEBA (User and Entity Behavior Analytics) – A security technology that uses machine learning to detect unusual behavior patterns in users and entities.

  • UDP (User Datagram Protocol) – A connectionless protocol used for transmitting data in real-time applications, such as video streaming and VoIP.

  • UPS (Uninterruptible Power Supply) – A device that provides backup power to critical systems during power outages.

  • URL (Uniform Resource Locator) – The address used to access resources on the internet.

V

  • VLAN (Virtual Local Area Network) – A logical network created within a physical network to segment traffic for security or performance reasons.

  • VPN (Virtual Private Network) – A secure network connection that allows remote access to an internal network over the internet.

  • VPC (Virtual Private Cloud) – A private network within a public cloud, allowing users to isolate and secure resources.

  • VRRP (Virtual Router Redundancy Protocol) – A protocol that provides high availability for routers by assigning a virtual IP address to a group of routers.

W

  • WAF (Web Application Firewall) – A security system that monitors and filters HTTP traffic to and from a web application.

  • WAN (Wide Area Network) – A network that covers a large geographic area, often used to connect multiple local networks.

  • WEP (Wired Equivalent Privacy) – An outdated wireless security protocol for Wi-Fi networks, vulnerable to attacks.

  • WPA (Wi-Fi Protected Access) – A security protocol designed to secure wireless networks, more secure than WEP.

X

  • XSS (Cross-Site Scripting) – A vulnerability that allows attackers to inject malicious scripts into web pages viewed by users.

  • XML (Extensible Markup Language) – A flexible text-based format used to store and transport data in a structured manner.

Z

  • ZTA (Zero Trust Architecture) – A security model that assumes no device or user can be trusted by default, requiring strict verification for access to any network resource