Security+ Flash Cards - Organizational Terms
Term | Definition | Explanation |
---|---|---|
ASP | Application Service Provider | An ASP is a business that provides computer-based services to customers over a network, such as access to a particular software application using a standard protocol. Also known as SaaS. |
AUP | Acceptable Use Policy | |
AV (2) | Asset Value | |
BAC | Business Availability Center | |
BPA | Business Partners Agreement | |
BYOD | Bring Your Own Device | |
CAC | Common Access Card | |
CAR | Corrective Action Report | |
CERT | Computer Emergency Response Team | |
CIO | Chief Information Officer | |
COPE | Corporate Owned Personally Enabled | |
CSIRT | Computer Security Incident Response Team | |
CSO | Chief Security Officer | |
CSP | Cloud Service Provider | |
CTO | Chief Technology Officer | |
CYOD | Choose Your Own Device | |
DBA | Database Administrator | |
DHE (2) | Data-Handling Electronics | "Data-Handling Electronics is a process that ensures research data is stored, archived or disposed of in a safe and secure manner during and after a research project." |
ERP | Enterprise Resource Planning | |
HVAC | Heating Ventilation and Air Conditioning | |
IaaS | Infrastructure as a Service | "IaaS offers networking, storage, load balancing, routing and VM hosting. Offloads networking infrastructure to the cloud." |
IEEE | Institute of Electrical and Electronics Engineers | |
ISA | Interconnection Security Agreement | "An ISA is a document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities. It includes a variety of descriptive, technical, procedural, and planning information." |
ISSO | Information Systems Security Officer | |
MaaS | Monitoring as a Service | MaaS deploys monitoring in the cloud. |
MDM | Mobile Device Management | |
MOA | Memorandum of Agreement | |
MOU | Memorandum of Understanding | |
MSP | Managed Service Provider | |
NDA | Non-disclosure Agreement | |
NIST | National Institute of Standards & Technology | |
PaaS | Platform as a Service | PaaS provides applications in a virtual environment without the customer bearing the burden of the physical platform costs. VDEs and VDIs are usually part of PaaS. |
PHI | Protected Health Information | PHI is any information in the medical record or designated record set that can be used to identify an individual. |
PII | Personally Identifiable Information | |
PIV | Personal Identity Verification | A personal identity verification (PIV) card is a United States Federal smart card that contains the necessary data for the cardholder to be granted access to Federal facilities and information systems and assure appropriate levels of security for all applicable Federal applications. |
RAD | Rapid Application Development | "RAD is a form of Agile software development methodology. Unlike Waterfall methods, RAD emphasizes working software and user feedback over strict planning and requirements recording. In other words, RAD is less talk, more action, and lots of testing." |
ROI | Return on Investment | |
SaaS | Software as a Service | SaaS provides users access to applications via a third party. Applications can run in a web browser or could use screen sharing or remote desktop to provide access to the applications. |
SCAP | Security Content Automation Protocol | "SCAP is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization" |
SLA | Service Level Agreement | |
UTM | Unified Threat Management | |
SOX | Sarbanes-Oxley | Governs the disclosure of financial and accounting information. Cracks down on corporate fraud. Enacted 2002. |
HIPAA | Health Insurance Portability and Accounting Act | Governs the disclosure and protection of health information. Enacted 1996. |
GLB | Gramm-Leach-Bliley Act | Regulates the collection and disclosure of private financial information, requires financial institutions to protect such information, and prohibits pretexting. Enacted 1999. |
HAVA | Help America Vote Act | Governs the security and integrity of personal information related to electronic voting systems. Enacted 2002. |