Acronym
CISSP acronyms
Question | Answer |
---|---|
ISO/IEC | International Standards Organization and International Electrotechnical Commission |
ISMS | Information Security Management System |
TOGAF | The Open Group Architecture Framework |
DoDAF | Department of Defense Architecture Framework |
MODAF | Ministry of Defense Architecture Framework |
SABSA | Sherwood Applied Business Security Architecture |
COBIT | Control Objectives for Information and related Technology |
ITIL | Information Technology Infrastructure Library |
CMMI | Capability Maturity Model Integration |
COSO | Committee Of Sponsoring Organizations |
OCTAVE | Operationally Critical Threat, Asset and Vulnerability Evaluation |
FERPA | Family Education Rights and Privacy Act |
GLBA | Gramm, Leach, Bliley |
HIPAA | Health Insurance and Portability Accountability Act |
HITECH | Health Insurance Technology for Economic and Clinical Health Act |
STRIDE | Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege ... approach to threat modeling that was introduced in 1999 at Microsoft |
PASTA | Process for Attack Simulation and Threat Analysis ... methodology intended to provide an attacker-centric view of the application and infrastructure from which defenders can develop an asset-centric mitigation strategy. |
VAST | Visual, Agile, and Simple Threat modeling ... principle of this methodology is the necessity of scaling the threat modeling process across the infrastructure and entire SDLC, and integrating it seamlessly into an Agile software development methodology. |
PASS | Pull, Aim, Squeeze, and Sweep |
EULA | End User License Agreement |
WS-Authorization | Web Services Authorization |
DREAD | Disaster, Reproducibility, Exploitability, Affected Users, and Discoverability |
CRM | Customer Relationship Management |