Security Plus + 701 Acronyms + Definitions
AAA - Authentication, Authorization, and Accounting: AAA refers to a security
framework that encompasses Authentication, Authorization, and Accounting, commonly
used in computer systems and networks to control access and monitor activities.
ACL - Access Control List: ACL is a list of rules specifying which users or system
processes are granted access to objects, as well as what operations are allowed on
given objects.
AES - Advanced Encryption Standard: AES is a widely used encryption algorithm
that ensures secure communication by protecting sensitive data through advanced
cryptographic techniques.
AES-256 - Advanced Encryption Standards 256-bit: AES-256 is a specific
implementation of the Advanced Encryption Standard using a 256-bit key size, providing
a high level of security.
AH - Authentication Header: AH is a protocol used in IP networking to provide
connectionless integrity and data origin authentication for IP datagrams.
AI - Artificial Intelligence: AI refers to the development of computer systems that
can perform tasks that typically require human intelligence, such as visual perception,
speech recognition, and decision-making.
AIS - Automated Indicator Sharing: AIS is a system that enables the automated
exchange of cyber threat indicators and defensive measures among organizations.
ALE - Annualized Loss Expectancy: ALE is a risk management metric that
represents the expected financial loss from a security incident in a year.
AP - Access Point: An Access Point is a device that allows wireless
communication devices to connect to a wired network using Wi-Fi or related standards.
API - Application Programming Interface: API is a set of rules and tools for
building software applications, allowing different software systems to communicate with
each other.
APT - Advanced Persistent Threat: APT is a type of cyber attack where an
unauthorized user gains access to a network and remains undetected for an extended
period, often with the goal of stealing sensitive data.
ARO - Annualized Rate of Occurrence: ARO is a risk management metric
representing the estimated frequency of a specific threat occurring in a year.
ARP - Address Resolution Protocol: ARP is a protocol used to map an IP
address to a physical machine address (MAC address) on a local network.
ASLR - Address Space Layout Randomization: ASLR is a security technique that
randomizes the memory addresses used by system components, making it harder for
attackers to predict target locations.
ATT&CK - Adversarial Tactics, Techniques, and Common Knowledge: ATT&CK
is a framework for understanding the actions and behaviors of cyber adversaries,
providing valuable insights for threat intelligence and defense strategies.
AUP - Acceptable Use Policy: AUP is a set of rules and guidelines outlining the
acceptable ways individuals may use computing and network resources within an
organization.
AV - Antivirus: Antivirus refers to software designed to detect, prevent, and
remove malicious software (malware) from computer systems.
BASH - Bourne Again Shell: BASH is a Unix shell and command language,
commonly used as the default shell on many Linux distributions.
BCP - Business Continuity Planning: BCP is a process that outlines the
necessary steps an organization must take to ensure its critical functions continue
during and after a disaster.
BGP - Border Gateway Protocol: BGP is a standardized exterior gateway
protocol used to exchange routing and reachability information among autonomous
systems on the internet.
BIA - Business Impact Analysis: BIA is a process that identifies and evaluates the
potential impact of disruptions to critical business operations.
BIOS - Basic Input/Output System: BIOS is a firmware used to perform hardware
initialization during the booting process and provide runtime services for operating
systems.
BPA - Business Partners Agreement: BPA is a formal agreement between
business partners that outlines the terms and conditions of their collaboration.
BPDU - Bridge Protocol Data Unit: BPDU is a frame exchanged between bridges
(network switches) to detect loops in a network topology using the spanning tree
protocol.
BYOD - Bring Your Own Device: BYOD is a policy that allows employees to use
their personal devices (laptops, smartphones) for work purposes, creating challenges
for IT security.
CA - Certificate Authority: CA is a trusted entity that issues digital certificates,
verifying the identities of individuals, organizations, or devices.
CAPTCHA - Completely Automated Public Turing Test to Tell Computers and
Humans Apart: CAPTCHA is a security measure used to distinguish between human
and automated access to websites by presenting challenges that are easy for humans
but difficult for machines to solve.
CAR - Corrective Action Report: CAR is a document that outlines actions taken to
correct identified non-conformities or deficiencies in a process or system.
CASB - Cloud Access Security Broker: CASB is a security solution that helps
organizations extend their security policies to the cloud, providing visibility and control
over data in cloud applications.
CBC - Cipher Block Chaining: CBC is a mode of operation for block ciphers,
where each block of plaintext is XORed with the previous ciphertext block before
encryption.
CCMP - Counter Mode/CBC-MAC Protocol: CCMP is an encryption protocol
used in Wi-Fi networks, providing confidentiality and integrity using the Counter mode
with CBC-MAC.
CCTV - Closed-circuit Television: CCTV is a system where video cameras
transmit signals to a specific set of monitors, used for surveillance and security
purposes.
CERT - Computer Emergency Response Team: CERT is a group of information
security experts responsible for protecting an organization from cyber threats and
responding to incidents.
CFB - Cipher Feedback: CFB is a mode of operation for block ciphers, where
each ciphertext block is fed back into the encryption algorithm to encrypt the next block
of plaintext.
CHAP - Challenge Handshake Authentication Protocol: CHAP is a security
protocol used in Point-to-Point Protocol (PPP) for authenticating users.
CIA - Confidentiality, Integrity, Availability: CIA is a security model that represents
the core principles of information security: Confidentiality, Integrity, and Availability.