CompTIA Security+: Security Acronym List
Acronym | Description |
---|---|
3DES | Triple Digital Encryption Standard |
AAA | Authentication, Authorization, and Accounting |
ABAC | Attribute-based Access Control |
ACL | Access Control List |
AES | Advanced Encryption Standard |
AES256 | Advanced Encryption Standards 256bit |
AH | Authentication Header |
AI | Artificial Intelligence |
AIS | Automated Indicator Sharing |
ALE | Annualized Loss Expectancy |
AP | Access Point |
API | Application Programming Interface |
APT | Advanced Persistent Threat |
ARO | Annualized Rate of Occurrence |
ARP | Address Resolution Protocol |
ASLR | Address Space Layout Randomization |
ASP | Active Server Page |
ATT&CK | Adversarial Tactics, Techniques, and Common Knowledge |
AUP | Acceptable Use Policy |
AV | Antivirus |
BASH | Bourne Again Shell |
BCP | Business Continuity Planning |
BGP | Border Gateway Protocol |
BIA | Business Impact Analysis |
BIOS | Basic Input/Output System |
BPA | Business Partnership Agreement |
BPDU | Bridge Protocol Data Unit |
BYOD | Bring Your Own Device |
CA | Certificate Authority |
CAC | Common Access Card |
CAPTCHA | Completely Automated Public Turing Test to |
CAR | Corrective Action Report |
CASB | Cloud Access Security Broker |
CBC | Cipher Block Chaining |
CBT | Computer-based Training |
CCMP | Counter-Mode/CBC-Mac Protocol |
CCTV | Closed-Circuit Television |
CERT | Computer Emergency Response Team |
CFB | Cipher Feedback |
CHAP | Challenge Handshake Authentication Protocol |
CIO | Chief Information Officer |
CIRT | Computer Incident Response Team |
CIS | Center for Internet Security |
CMS | Content Management System |
COOP | Continuity of Operation Planning |
COPE | Corporate Owned Personal Enabled |
CP | Contingency Planning |
CRC | Cyclical Redundancy Check |
CRL | Certificate Revocation List |
CSO | Chief Security Officer |
CSP | Cloud Service Provider |
CSR | Certificate Signing Request |
CSRF | Cross-Site Request Forgery |
CSU | Channel Service Unit |
CTM | Counter-Mode |
CTO | Chief Technology Officer |
CVE | Common Vulnerabilities and Exposures |
CVSS | Common Vulnerability Scoring System |
CYOD | Choose Your Own Device |
DAC | Discretionary Access Control |
DBA | Database Administrator |
DDoS | Distributed Denial of Service |
DEP | Data Execution Prevention |
DER | Distinguished Encoding Rules |
DES | Digital Encryption Standard |
DHCP | Dynamic Host Configuration Protocol |
DHE | Diffie-Hellman Ephemeral |
DKIM | Domain Keys Identified Mail |
DLL | Dynamic Link Library |
DLP | Data Loss Prevention |
DMARC | Domain Message Authentication Reporting and Conformance |
DMZ | Demilitarized Zone |
DNAT | Destination Network Address Transaction |
DNS | Domain Name Service (Server) |
DNSSEC | Domain Name System Security Extensions |
DoS | Denial of Service |
DPO | Data Privacy Officer |
DRP | Disaster Recovery Plan |
DSA | Digital Signature Algorithm |
DSL | Digital Subscriber Line |
EAP | Extensible Authentication Protocol |
ECB | Electronic Code Book |
ECC | Elliptic Curve Cryptography |
ECDHE | Elliptic Curve Diffie-Hellman Ephemeral |
ECDSA | Elliptic Curve Digital Signature Algorithm |
EDR | Endpoint Detection and Response |
EFS | Encrypted File System |
EOL | End of Life |
EOS | End of Service |
ERP | Enterprise Resource Planning |
ESN | Electronic Serial Number |
ESP | Encapsulated Security Payload |
FACL | File System Access Control List |
FDE | Full Disk Encryption |
FPGA | Field Programmable Gate Array |
FQDN | Fully Qualified Domain Name |
FRR | FALSE Rejection Rate |
FTP | File Transfer Protocol |
FTPS | Secured File Transfer Protocol |
GCM | Galois Counter Mode |
GDPR | General Data Protection Regulation |
GPG | Gnu Privacy Guard |
GPO | Group Policy Object |
GPS | Global Positioning System |
GPU | Graphics Processing Unit |
GRE | Generic Routing Encapsulation |
HA | High Availability |
HDD | Hard Disk Drive |
HIDS | Host-Based Intrusion Detection System |
HIPS | Host-Based Intrusion Prevention System |
HMAC | Hashed Message Authentication Code |
HOTP | HMAC based One Time Password |
HSM | Hardware Security Module |
HTML | HyperText Markup Language |
HTTP | Hypertext Transfer Protocol |
HTTPS | Hypertext Transfer Protocol over SSL/TLS |
HVAC | Heating, Ventilation, Air Conditioning |
IaaS | Infrastructure as a Service |
ICMP | Internet Control Message Protocol |
ICS | Industrial Control Systems |
IDEA | International Data Encryption Algorithm |
IDF | Intermediate Distribution Frame |
IdP | Identity Provider |
IDS | Intrusion Detection System |
IEEE | Institute of Electrical and Electronics Engineers |
IKE | Internet Key Exchange |
IM | Instant Messaging |
IMAP4 | Internet Message Access Protocol v4 |
IoC | Indicators of Compromise |
IoT | Internet of Things |
IP | Internet Protocol |
IPSec | Internet Protocol Security |
IR | Incident Response |
IRC | Internet Relay Chat |
IRP | Incident Response Plan |
ISO | International Organization for Standardization |
ISP | Internet Service Provider |
ISSO | Information Systems Security Officer |
ITCP | IT Contingency Plan |
IV | Initialization Vector |
KDC | Key Distribution Center |
KEK | Key Encryption Key |
L2TP | Layer 2 Tunneling Protocol |
LAN | Local Area Network |
LDAP | Lightweight Directory Access Protocol |
LEAP | Lightweight Extensible Authentication Protocol |
MaaS | Monitoring as a Service |
MAC | Mandatory Access Control |
MAC | Media Access Control |
MAC | Message Authentication Code |
MAM | Mobile Application Management |
MAN | Metropolitan Area Network |
MBR | Master Boot Record |
MD5 | Message Digest 5 |
MDF | Main Distribution Frame |
MDM | Mobile Device Management |
MFA | Multifactor Authentication |
MFD | Multi-Function Device |
MFP | Multi-Function Printer |
MITM | Man in the Middle |
ML | Machine Learning |
MMS | Multimedia Message Service |
MOA | Memorandum of Agreement |
MOU | Memorandum of Understanding |
MPLS | Multi-Protocol Label Switching |
MSA | Measurement Systems Analysis |
MSCHAP | Microsoft Challenge Handshake Authentication Protocol |
MSP | Managed Service Provider |
MSSP | Managed Security Service Provider |
MTBF | Mean Time Between Failures |
MTTF | Mean Time to Failure |
MTTR | Mean Time to Recover |
MTU | Maximum Transmission Unit |
NAC | Network Access Control |
NAS | Network Attached Storage |
NAT | Network Address Translation |
NDA | Non-Disclosure Agreement |
NFC | Near Field Communication |
NFV | Network Functions Virtualization |
NIC | Network Interface Card |
NIDS | Network Based Intrusion Detection System |
NIPS | Network Based Intrusion Prevention System |
NIST | National Institute of Standards & Technology |
NIST RMF | NIST Risk Management Framework |
NTFS | New Technology File System |
NTLM | New Technology LAN Manager |
NTP | Network Time Protocol |
OAUTH | Open Authorization |
OCSP | Online Certificate Status Protocol |
OID | Object Identifier |
OS | Operating System |
OSI | Open Systems Interconnection |
OSINT | Open Source Intelligence |
OSPF | Open Shortest Path First |
OT | Operational Technology |
OTA | Over The Air |
OTG | On The Go |
OVAL | Open Vulnerability Assessment Language |
OWASP | Open Web Application Security Project |
P12 | PKCS #12 |
P2P | Peer to Peer |
PaaS | Platform as a Service |
PAC | Proxy Auto Configuration |
PAM | Privileged Access Management |
PAM | Pluggable Authentication Modules |
PAP | Password Authentication Protocol |
PAT | Port Address Translation |
PBKDF2 | Password Based Key Derivation Function 2 |
PBX | Private Branch Exchange |
PCAP | Packet Capture |
PCI | DSS Payment Card Industry Data Security |
PDU | Power Distribution Unit |
PEAP | Protected Extensible Authentication Protocol |
PED | Personal Electronic Device |
PEM | Privacy Enhanced Mail |
PFS | Perfect Forward Secrecy |
PFX | Personal Information Exchange |
PGP | Pretty Good Privacy |
PHI | Personal Health Information |
PII | Personally Identifiable Information |
PIV | Personal Identity Verification |
PKCS | Public Key Cryptography Standards |
PKI | Public Key Infrastructure |
POP | Post Office Protocol |
POTS | Plain Old Telephone Service |
PPP | Point-to-Point Protocol |
PPTP | Point-to-Point Tunneling Protocol |
PSK | Pre-Shared Key |
PTZ | Pan-Tilt-Zoom |
QA | Quality Assurance |
QoS | Quality of Service |
PUP | Potentially Unwanted Program |
RA | Recovery Agent |
RA | Registration Authority |
RACE | Research and Development in Advanced Communications |
RAD | Rapid Application Development |
RADIUS | Remote Authentication Dial-in User Server |
RAID | Redundant Array of Inexpensive Disks |
RAM | Random Access Memory |
RAS | Remote Access Server |
RAT | Remote Access Trojan |
RC4 | Rivest Cipher version 4 |
RCS | Rich Communication Services |
RFC | Request for Comments |
RFID | Radio Frequency Identifier |
RIPEMD | RACE Integrity Primitives Evaluation Message Digest |
ROI | Return on Investment |
RPO | Recovery Point Objective |
RSA | Rivest, Shamir, & Adleman |
RTBH | Remote Triggered Black Hole |
RTO | Recovery Time Objective |
RTOS | Real-Time Operating System |
RTOS | Real-Time Operating System |
RTP | Real-Time Transport Protocol |
S/MIME | Secure/Multipurpose Internet Mail Extensions |
SaaS | Software as a Service |
SAE | Simultaneous Authentication of Equals |
SAML | Security Assertions Markup Language |
SAN | Storage Area Network |
SAN | Subject Alternative Name |
SCADA | System Control and Data Acquisition |
SCAP | Security Content Automation Protocol |
SCEP | Simple Certificate Enrollment Protocol |
SDK | Software Development Kit |
SDLC | Software Development Life Cycle |
SDLM | Software Development Life-cycle Methodology |
SDN | Software Defined Networking |
SDV | Software Defined Visibility |
SED | Self-Encrypting Drives |
SEH | Structured Exception Handler |
SFTP | Secured File Transfer Protocol |
SHA | Secure Hashing Algorithm |
SHTTP | Secure Hypertext Transfer Protocol |
SIEM | Security Information and Event Management |
SIM | Subscriber Identity Module |
SIP | Session Initiation Protocol |
SLA | Service Level Agreement |
SLE | Single Loss Expectancy |
S/MIME | Secure/Multipurpose Internet Mail Exchanger |
SMS | Short Message Service |
SMTP | Simple Mail Transfer Protocol |
SMTPS | Simple Mail Transfer Protocol Secure |
SNMP | Simple Network Management Protocol |
SOAP | Simple Object Access Protocol |
SOAR | Security Orchestration, Automation, Response |
SoC | System on Chip |
SOC | Security Operations Center |
SPF | Sender Policy Framework |
SPIM | Spam over Internet Messaging |
SQL | Structured Query Language |
SQLi | SQL Injection |
SRTP | Secure Real-Time Protocol |
SSAE SOC 2 Type I/II | Statement on Standards for Attestation Engagements Security Operations Center 2 |
SSD | Solid State Drive |
SSH | Secure Shell |
SSL | Secure Sockets Layer |
SSO | Single Sign On |
STIX | Structured Threat Information eXchange |
STP | Shielded Twisted Pair |
SWG | Secure Web Gateway |
TACACS+ | Terminal Access Controller Access Control System |
TAXII | Trusted Automated eXchange of Indicator Information |
TCP/IP | Transmission Control Protocol/Internet Protocol |
TGT | Ticket Granting Ticket |
TKIP | Temporal Key Integrity Protocol |
TLS | Transport Layer Security |
TOTP | Time-based One Time Password |
TPM | Trusted Platform Module |
TSIG | Transaction Signature |
TTP | Tactics, Techniques, and Procedures |
UAT | User Acceptance Testing |
UAV | Unmanned Aerial Vehicle |
UDP | User Datagram Protocol |
UEFI | Unified Extensible Firmware Interface |
UEM | Unified Endpoint Management |
UPS | Uninterruptable Power Supply |
URI | Uniform Resource Identifier |
URL | Universal Resource Locator |
USB | Universal Serial Bus |
USB | OTG USB On The Go |
UTM | Unified Threat Management |
UTP | Unshielded Twisted Pair |
VBA | Visual Basic |
VDE | Virtual Desktop Environment |
VDI | Virtual Desktop Infrastructure |
VLAN | Virtual Local Area Network |
VLSM | Variable Length Subnet Masking |
VM | Virtual Machine |
VoIP | Voice over IP |
VPC | Virtual Private Cloud |
VPN | Virtual Private Network |
VTC | Video Teleconferencing |
WAF | Web Application Firewall |
WAP | Wireless Access Point |
WEP | Wired Equivalent Privacy |
WIDS | Wireless Intrusion Detection System |
WIPS | Wireless Intrusion Prevention System |
WORM | Write Once Read Many |
WPA | WiFi Protected Access |
WPS | WiFi Protected Setup |
WTLS | Wireless TLS |
XaaS | Anything as a Service |
XML | Extensible Markup Language |
XOR | Exclusive Or |
XSRF | Cross-Site Request Forgery |
XSS | Cross-Site Scripting |
CompTIA Security+ SY0-601
Below are posts that work through the topics listed in the CompTIA Security+ Certification Exam Objectives.