Security+ Acronyms

Acronyms and abbreviations for the Security+ SY0-501 exam

Abbreviation Description Details
3DES Triple Digital Encryption Standard
AAA Authentication, Authorization and Accounting
ABAC Attribute-based Access Control
ACL Access Control List
AES Advanced Encryption Standard
AES256 Advanced Encryption Standard 256-bit
AH Authentication Header
ALE Annualized Loss Expectancy
AP Access Point
API Application Programming Interface
APT Advanced Persistent Threat
ARO Annualized Rate of Occurrence
ARP Address Resolution Protocol
ASLR Address Space Layout Randomization ASLR helps prevent exploitation of memory by randomly arranging the memory locations used by a program or process.
ASP Application Service Provider ASP is a business providing computer-based services to customers over a network, such as access to a particular software application using a standard protocol. Also known as SaaS.
AUP Acceptable Use Policy
AV (2) Antivirus or Asset Value
BAC Business Availability Center
BCP Business Continuity Plan BCP identifies critical systems and components that need to be protected. Defines how the business will continue to operate if a disaster occurs. Also known as a COOP.
BIA Business Impact Analysis
BIOS Basic Input/Output System
BPA Business Partners Agreement
BPDU Bridge Protocol Data Unit
BYOD Bring Your Own Device
CA Certificate Authority
CAC Common Access Card
CAN Controller Area Network
CAPTCHA Completely Automated Public Turing test to tell Computers and Humans Apart
CAR Corrective Action Report
CBC Cipher Block Chaining
CCMP Counter-mode CBC-MAC Protocol Counter-mode Cipher Block Chaining Message Authentication Code Protocol - Used with WPA2. Cryptographic encapsulation method that is more secure than WEP and TKIP of WPA.
CCTV Closed-circuit Television
CER (2) Cross-over Error Rate or Canonical Encoding Rules Cross-over Error Rate = Where the false acceptance rate and false rejection rate are equal. Canonical Encoding Rules = Certificate information is stored in a base-64 encoded X.509 certificate format in an ASCII file.
CERT Computer Emergency Response Team
CFB Cipher Feedback CFB is a close relative of CBC, and makes a block cipher into a self-synchronizing stream cipher. Operation is very similar; in particular, CFB decryption is almost identical to CBC encryption performed in reverse.
CHAP Challenge Handshake Authentication Protocol
CIO Chief Information Officer
CIRT Computer Incident Response Team
CMS Content Management System CMS is a software application or set of related programs that are used to create and manage digital content. Examples are: Joomla, Drupal, and Squarespace.
COOP Continuity of Operations Plan Also known as a BCP. Defines how the business will continue to operate if a disaster occurs.
COPE Corporate Owned Personally Enabled
CP Contingency Planning
CRC Cyclical Redundancy Check
CRL Certificate Revocation List
CSIRT Computer Security Incident Response Team
CSO Chief Security Officer
CSP Cloud Service Provider
CSR Certificate Signing Request A CSR is a request submitted to a CA for a digital certificate.
CSRF Cross-site Request Forgery
CSU Channel Service Unit
CTM Counter-Mode
CTO Chief Technology Officer
CTR Mode Counter Mode Counter mode is a block cipher mode that works similarly to a stream cipher.
CYOD Choose Your Own Device
DAC Discretionary Access Control
DBA Database Administrator
DDoS Distributed Denial of Service
DEP Data Execution Prevention DEP is a system-level memory protection feature built into the Windows operating system. DEP marks pages of memory as non-executable, so code cannot be run from those regions of memory. This makes it harder to exploit buffer overruns.
DER Distinguished Encoding Rules A DER certificate is stored in a binary file format. In LDAP, DER gives exactly one way to represent any ASN.1 value as an Octet String.
DES Digital Encryption Standard
DFIR Digital Forensics and Incident Response
DHCP Dynamic Host Configuration Protocol
DHE (2) Diffie-Hellman Ephemeral or Data-Handling Electronics Diffie-Hellman Ephemeral uses temporary public keys. Data-Handling Electronics is a process that ensures research data is stored, archived or disposed of in a safe and secure manner during and after a research project.
DLL Dynamic Link Library
DLP Data Loss Prevention
DMZ Demilitarized Zone
DNAT Destination Network Address Translation DNAT is also known as port forwarding
DNS Domain Name Service (Server)
DoS Denial of Service
DRP Disaster Recovery Plan A DRP is a disaster recovery strategy describing how the company will recover with minimal lost time and money.
DSA Digital Signature Algorithm
DSL Digital Subscriber Line
DSU Data Service Unit
EAP Extensible Authentication Protocol
ECB Electronic Code Book
ECC Elliptic Curve Cryptography
ECDHE Elliptic Curve Diffie-Hellman Ephemeral Variant of Diffie-Hellman Ephemeral (DHE) that uses elliptic curve cryptography, which uses less computational power.
ECDSA Elliptic Curve Digital Signature Algorithm
EFS Encrypted File System
EMI Electromagnetic Interference
EMP Electro Magnetic Pulse
ERP Enterprise Resource Planning
ESN Electronic Serial Number The ESN is a unique identification number embedded by manufacturers on a microchip in wireless phones. The ESN is automatically transmitted to a base station when a call is made. The carrier's mobile switching office then detects the ESN and checks the validity of the call to prevent fraud.
ESP Encapsulated Security Payload
EF Exposure Factor Exposure factor is the subjective, potential percentage of loss to a specific asset if a specific threat is realized. The exposure factor is a subjective value that the person assessing risk must define.
FACL File System Access Control List
FAR False Acceptance Rate
FDE Full Disk Encryption
FRR False Rejection Rate
FTP File Transfer Protocol
FTPS File Transfer Protocol over SSL FTPS is different from SSH File Transfer Protocol - SFTP
GCM Galois Counter Mode GCM is a mode of operation for symmetric-key cryptographic block ciphers that has been widely adopted because of its efficiency and performance.
GPG GNU Privacy Guard GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories.
GPO Group Policy Object
GPS Global Positioning System
GPU Graphic Processing Unit
GRE Generic Routing Encapsulation
HA High Availability
HDD Hard Disk Drive
HIDS Host-based Intrusion Detection System
HIPS Host-based Intrusion Prevention System
HMAC Hashed Message Authentication Code
HOTP HMAC-based One-Time Password HMAC-based One-time Password algorithm (HOTP) is a one-time password (OTP) algorithm based on hash-based message authentication codes (HMAC). It is a cornerstone of the Initiative for Open Authentication (OAuth).
HSM Hardware Security Module
HTML Hypertext Markup Language
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol over SSL/TLS
HVAC Heating Ventilation and Air Conditioning
IaaS Infrastructure as a Service IaaS offers networking, storage, load balancing, routing and VM hosting. Offloads networking infrastructure to the cloud.
ICMP Internet Control Message Protocol
ICS Industrial Control Systems
ID Identification
IDEA International Data Encryption Algorithm
IDF Intermediate Distribution Frame
IdP Identity Provider
IDS Intrusion Detection System
IEEE Institute of Electrical and Electronics Engineers
IIS Internet Information Services IIS for Windows® Server is a flexible, secure and manageable Web server.
IKE Internet Key Exchange
IM Instant Messaging
IMAP4 Internet Message Access Protocol v4
IoT Internet of Things
IP Internet Protocol
IPSec Internet Protocol Security IPSec is an IETF standard suite of protocols between two communication points across the IP network that provide data authentication, integrity, and confidentiality. It also defines the encrypted, decrypted and authenticated packets.
IR Incident Response or Incident Report
IRC Internet Relay Chat
IRP Incident Response Plan
ISA Interconnection Security Agreement An ISA is a document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities. It includes a variety of descriptive, technical, procedural, and planning information.
ISP Internet Service Provider
ISSO Information Systems Security Officer
ITCP IT Contingency Plan ITCP describes alternate procedures for disruptions of service
IV Initialization Vector
KDC Key Distribution Center
KEK Key Encryption Key
L2TP Layer 2 Tunneling Protocol
LAN Local Area Network
LDAP Lightweight Directory Access Protocol
LEAP Lightweight Extensible Authentication Protocol
MaaS Monitoring as a Service MaaS deploys monitoring in the cloud.
MAC (3) Mandatory Access Control or Media Access Control or Message Authentication Code
MAN Metropolitan Area Network
MBR Master Boot Record
MD5 Message Digest 5
MDF Main Distribution Frame
MDM Mobile Device Management
MFA Multi-Factor Authentication
MFD Multi-Function Device
MITM Man-in-the-Middle
MMS Multimedia Message Service
MOA Memorandum of Agreement
MOU Memorandum of Understanding
MPLS Multi-Protocol Label Switching
MSCHAP Microsoft Challenge Handshake Authentication Protocol
MSP Managed Service Provider
MTBF Mean Time Between Failures
MTTF Mean Time to Failure
MTTR (2) Mean Time to Recover or Mean Time to Repair
MTU Maximum Transmission Unit
NAC Network Access Control
NAT Network Address Translation
NDA Non-disclosure Agreement
NFC Near Field Communication
NGAC Next Generation Access Control
NIDS Network-based Intrusion Detection System
NIPS Network-based Intrusion Prevention System
NIST National Institute of Standards & Technology
NTFS New Technology File System
NTLM New Technology LAN Manager
NTP Network Time Protocol
OAUTH Open Authorization OAuth is an open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications without sharing the initial logon credential.
OCSP Online Certificate Status Protocol OCSP is used to determine the state of an identified certificate. The OCSP client and the OCSP responder exchange information about whether a certificate is valid or revoked.
OID Object Identifier
OS Operating System
OTA Over The Air
OVAL Open Vulnerability and Assessment Language Protocol to standardize the transfer of security content information across the entire spectrum of security tools and services.
PKCS #12 Public Key Cryptography Standards #12 Defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key. -- .p12 and .pfx are file extensions
P2P Peer to Peer
PaaS Platform as a Service PaaS provides applications in a virtual environment without the customer bearing the burden of the physical platform costs. VDEs and VDIs are usually part of PaaS.
PAC Proxy Auto Configuration A PAC file defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL.
PAM Pluggable Authentication Modules A mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API).
PAP Password Authentication Protocol
PAT Port Address Translation
PBKDF2 Password-based Key Derivation Function 2 PBKDF2 applies a pseudorandom function to the input password along with a salt and repeats the process to produce a derived key, which can be used as a cryptographic key in subsequent operations. a/k/a key stretching
PBX Private Branch Exchange
PCAP Packet Capture .pcap is the Wireshark filename extension for packet captures.
PEAP Protected Extensible Authentication Protocol PEAP encapsulates the Extensible Authentication Protocol (EAP) within an encrypted and authenticated Transport Layer Security (TLS) tunnel.
PED Portable Electronic Device Examples of PEDs are laptop computers, tablets, e-readers, smartphones, MP3 players, drones and electronic toys.
PEM Privacy-Enhanced Mail Privacy-Enhanced Mail (PEM) is an Internet standard that provides for secure exchange of electronic mail. PEM employs a range of cryptographic techniques to allow for confidentiality, sender authentication, and message integrity.
PFS Perfect Forward Secrecy
PFX Personal Information Exchange Binary format to store a server certificate, intermediate certificates and private key in one file. Used to import and export certs and private keys. -- .p12 and .pfx are filename extensions.
PGP Pretty Good Privacy
PHI Protected Health Information PHI is any information in the medical record or designated record set that can be used to identify an individual
PII Personally Identifiable Information
PIV Personal Identity Verification A personal identity verification (PIV) card is a United States Federal smart card that contains the necessary data for the cardholder to be granted access to Federal facilities and information systems and assure appropriate levels of security for all applicable Federal applications.
PKI Public Key Infrastructure
POODLE Padding Oracle On Downgrade Legacy Encryption POODLE is a man-in-the-middle exploit found in 2014 which takes advantage of Internet and security software clients' backward compatibility to SSL 3.0.
POP Post Office Protocol
POTS Plain Old Telephone Service
PPP Point-to-Point Protocol
PPTP Point-to-Point Tunneling Protocol
PSK Pre-shared Key
PTZ Pan-Tilt-Zoom
RA (2) Recovery Agent or Registration Authority A Recovery Agent is someone who is permitted to decrypt another user's data in case of emergency. A Registration Authority authenticates the entity making the request for a digital certificate. Sometimes called a subordinate CA.
RAD Rapid Application Development RAD is a form of Agile software development methodology. Unlike Waterfall methods, RAD emphasizes working software and user feedback over strict planning and requirements recording. In other words, RAD is less talk, more action, and lots of testing.
RADIUS Remote Authentication Dial-in User Server
RAID Redundant Array of Independent Drives (Disks)
RAS Remote Access Server
RAT Remote Access Trojan
RBAC Role-based Access Control or Rule-based Access Control
RC4 Rivest Cipher version 4
RDP Remote Desktop Protocol
RFID Radio Frequency Identifier
RIPEMD RACE Integrity Primitives Evaluation Message Digest RACE = Research and development in Advanced Communications technologies in Europe
ROI Return on Investment
RMF Risk Management Framework
RPO Recovery Point Objective
RSA Rivest, Shamir and Adleman
RTBH Remotely Triggered Black Hole Routing technique to drop undesirable traffic (into a black hole) before it enters the protected network.
RTO Recovery Time Objective
RTOS Real-time Operating System
RTP Real-time Transport Protocol
S/MIME Secure/Multipurpose Internet Mail Extensions
SaaS Software as a Service SaaS provides users access to applications via a third party. Applications can run in a web browser or could use screen sharing or remote desktop to provide access to the applications.
SAML Security Assertions Markup Language SAML is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. Primarily used for web browser single sign-on
SAN (2) Storage Area Network or Subject Alternative Name A storage area network is a computer network which provides access to consolidated, block-level data storage. A Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate. Alternative names include: Email addresses, IP addresses, URLs, and DNS names
SCADA System Control and Data Acquisition A SCADA system refers to the computer and software responsible for communicating with the field connection controllers, like PLCs and HMI software running on operator workstations.
SCAP Security Content Automation Protocol SCAP is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization
SCEP Simple Certificate Enrollment Protocol SCEP allows you to securely issue certificates to large numbers of network devices using an automatic enrollment technique.
SCP Secure Copy SCP uses Secure Shell (SSH) for data transfer and authentication. SCP runs over TCP port 22 by default.
SCSI Small Computer System Interface
SDK Software Development Kit
SDLC Software Development Life Cycle
SDLM Software Development Life Cycle Methodology
SDN Software Defined Network
SED Self-encrypting Drive
SEH Structured Exception Handling Structured exception handling is a mechanism for handling both hardware and software exceptions. Structured exception handling enables the programmer to have complete control over the handling of exceptions and provides support for debuggers.
SFTP SSH File Transfer Protocol SFTP is different from FTP over SSL (FTPS)
SHA Secure Hashing Algorithm
SHTTP Secure Hypertext Transfer Protocol
SIEM Security Information and Event Management
SIM Subscriber Identity Module
SLA Service Level Agreement
SLE Single Loss Expectancy
SMB Server Message Block
SMS Short Message Service
SMTP Simple Mail Transfer Protocol
SMTPS Simple Mail Transfer Protocol Secure
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol SOAP allows processes running on disparate operating systems (such as Windows and Linux) to communicate using Extensible Markup Language (XML).
SoC System on a Chip Integrates a CPU, graphics, RAM and data storage on an integrated circuit board. A smartwatch and a Raspberry Pi are examples.
SPF Sender Policy Framework Email authentication method designed to detect the forging of sender addresses during the delivery of the email.
SPIM Spam over Internet Messaging
SPoF Single Point of Failure
SQL Structured Query Language
SRTP Secure Real-Time Transport Protocol Provides confidentiality, message authentication, and replay protection to the RTP traffic and to the control traffic for RTP, the Real-time Transport Control Protocol (RTCP).
SSD Solid State Drive
SSH Secure Shell
SSID Service Set Identifier
SSL Secure Sockets Layer
SSO Single Sign-on
STP (2) Shielded Twisted Pair or Spanning-Tree Protocol
TACACS+ Terminal Access Controller Access Control System Plus
TCP/IP Transmission Control Protocol/Internet Protocol
TGT Ticket Granting Ticket
TKIP Temporal Key Integrity Protocol
TLS Transport Layer Security
TOTP Time-based One-time Password
TPM Trusted Platform Module
TSIG Transaction Signature
UAT User Acceptance Testing
UAV Unmanned Aerial Vehicle
UDP User Datagram Protocol
UEFI Unified Extensible Firmware Interface
UPS Uninterruptible Power Supply
URI Uniform Resource Identifier A URL is a specific type of URI, but they basically mean the same thing.
URL Universal Resource Locator
USB Universal Serial Bus
USB OTG USB On The Go
UTM Unified Threat Management
UTP Unshielded Twisted Pair
VDE Virtual Desktop Environment
VDI Virtual Desktop Infrastructure
VLAN Virtual Local Area Network
VLSM Variable Length Subnet Masking
VM Virtual Machine
VoIP Voice over IP
VPN Virtual Private Network
VTC Video Teleconferencing
WAF Web Application Firewall A WAF is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers.
WAP Wireless Access Point
WEP Wired Equivalent Privacy
WIDS Wireless Intrusion Detection System
WIPS Wireless Intrusion Prevention System
WORM Write Once Read Many
WPA WiFi Protected Access
WPA2 WiFi Protected Access 2
WPS WiFi Protected Setup
WTLS Wireless TLS
XML Extensible Markup Language
XOR Exclusive Or
XSRF Cross-site Request Forgery
XSS Cross-site Scripting
PKCS Public Key Cryptography Standards Public-key cryptography standards devised and published by RSA Security LLC, starting in the early 1990s.
RCE Remote Code Execution a/k/a Arbitrary Code Execution - executing commands on a remote computer via a vulnerability.
RAID 0 Striping Data striped across multiple disks. No redundancy.
RAID 1 Mirroring Data copied to two or more disks.
RAID 6 Striping with dual parity Data is striped across multiple disks. Two sets of parity info are striped across each disk.
RAID 1+0 Stripe of Mirrors Minimum of four disks. Contains at least two RAID 1 mirrors that are also striped.
REST API REpresentational State Transfer Web services that conform to the REST architectural style, called RESTful Web services (RWS), provide interoperability between computer systems on the Internet. OpenID works with OAuth and supports REST.
Type 1 Authentication Something you know
Type 2 Authentication Something you have
Type 3 Authentication Something you are
RAID 5 Striping with parity Data is striped across multiple disks. Parity info is also striped across each disk.
GPT GUID Partition Table Replacement for MBR. Necessary for partitions larger than 2 TB. GUID = Globally Unique IDentifier.
GUID Globally Unique IDentifier 128-bit distinctive reference number
SOX Sarbanes-Oxley Governs the disclosure of financial and accounting information. Cracks down on corporate fraud. Enacted 2002.
HIPAA Health Insurance Portability and Accounting Act Governs the disclosure and protection of health information. Enacted 1996.
GLB Gramm-Leach-Bliley Act Regulates the collection and disclosure of private financial information, requires financial institutions to protect such information, and prohibits pretexting. Enacted 1999.
HAVA Help America Vote Act Governs the security and integrity of personal information related to electronic voting systems. Enacted 2002.
SPI Stateful Packet Inspection The firewall monitors active communications passing through it to decide which packets are permitted or denied.
ANT Adaptive Network Topology Wireless technology generally used for fitness and health sensors that can spend long periods in low-power mode and activate briefly during reception and transmission.
DAMP Database Activity Monitoring and Prevention Provides privileged user and application access monitoring that is independent of native database logging and audit functions and can block unauthorized activities.
PIA Privacy Impact Assessment Often included in a BIA, the PIA identifies and mitigates privacy risks.