CompTIA Security+ Acronyms

3DES Triple Digital Encryption Standard

AAA Authentication, Authorization, and Accounting

ABAC Attribute-based Access Control

ACL Access Control List

AES Advanced Encryption Standard

AES256 Advanced Encryption Standards 256-bit

AH Authentication Header

ALE Annualized Loss Expectancy

AP Access Point

API Application Programming Interface

APT Advanced Persistent Threat

ARO Annualized Rate of Occurrence

ARP Address Resolution Protocol

ASLR Address Space Layout Randomization

ASP Application Service Provider

AUP Acceptable Use Policy

AV Antivirus

BAC Business Availability Center

BCP Business Continuity Planning

BIA Business Impact Analysis

BIOS Basic Input/Output System

BPA Business Partners Agreement

BPDU Bridge Protocol Data Unit

BYOD Bring Your Own Device

CA Certificate Authority

CAC Common Access Card

CAN Controller Area Network

CAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans Apart

CAR Corrective Action Report

CBC Cipher Block Chaining

CCMP Counter-Mode/CBC-MAC Protocol

CCTV Closed-circuit Television

CER Certificate

CERT Computer Emergency Response Team

CFB Cipher Feedback

CHAP Challenge Handshake Authentication Protocol

CIO Chief Information Officer

CIRT Computer Incident Response Team

CMS Content Management System

COOP Continuity of Operations Plan

COPE Corporate Owned, Personally Enabled

CP Contingency Planning

CRC Cyclical Redundancy Check

CRL Certificate Revocation List

CSO Chief Security Officer

CSP Cloud Service Provider

CSR Certificate Signing Request

CSRF Cross-site Request Forgery

CSU Channel Service Unit

CTM Counter-Mode

CTO Chief Technology Officer

CTR Click-through rate

CYOD Choose Your Own Device

DAC Discretionary Access Control

DBA Database Administrator

DDoS Distributed Denial of Service

DEP Data Execution Prevention

DER Distinguished Encoding Rules

DES Digital Encryption Standard

DHCP Dynamic Host Configuration Protocol

DHE Data-Handling Electronics

DHE Diffie-Hellman Ephemeral

DLL Dynamic Link Library

DLP Data Loss Prevention

DMZ Demilitarized Zone

DNAT Destination Network Address Transaction

DNS Domain Name Service (Server)

DoS Denial of Service

DRP Disaster Recovery Plan

DSA Digital Signature Algorithm

DSL Digital Subscriber Line

DSU Data Service Unit

EAP Extensible Authentication Protocol

ECB Electronic Code Book

ECC Elliptic Curve Cryptography

ECDHE Elliptic Curve Diffie-Hellman Ephemeral

ECDSA Elliptic Curve Digital Signature Algorithm

EFS Encrypted File System

EMI Electromagnetic Interference

EMP Electromagnetic Pulse

ERP Enterprise Resource Planning

ESN Electronic Serial Number

ESP Encapsulated Security Payload

FACL File System Access Control List

FDE Full Disk Encryption

FRR False Rejection Rate

FTP File Transfer Protocol

FTPS Secured File Transfer Protocol

GCM Galois Counter Mode

GPG GNU Privacy Guard

GPO Group Policy Object

GPS Global Positioning System

GPU Graphic Processing Unit

GRE Generic Routing Encapsulation

HA High Availability

HDD Hard Disk Drive

HIDS Host-based Intrusion Detection System

HIPS Host-based Intrusion Prevention System

HMAC Hashed Message Authentication Code

HOTP HMAC-based One-Time Password

HSM Hardware Security Module

HTML Hypertext Markup Language

HTTP Hypertext Transfer Protocol

HTTPS Hypertext Transfer Protocol over SSL/TLS

HVAC Heating, Ventilation and Air Conditioning

IaaS Infrastructure as a Service

ICMP Internet Control Message Protocol

ICS Industrial Control Systems

ID Identification

IDEA International Data Encryption Algorithm

IDF Intermediate Distribution Frame

IdP Identity Provider

IDS Intrusion Detection System

IEEE Institute of Electrical and Electronic Engineers

IKE Internet Key Exchange

IM Instant Messaging

IMAP4 Internet Message Access Protocol v4

IoT Internet of Things

IP Internet Protocol

IPSec Internet Protocol Security

IR Incident Response

IR Infrared

IRC Internet Relay Chat

IRP Incident Response Plan

ISA Interconnection Security Agreement

ISP Internet Service Provider

ISSO Information Systems Security Officer

ITCP IT Contingency Plan

IV Initialization Vector

KDC Key Distribution Center

KEK Key Encryption Key

L2TP Layer 2 Tunneling Protocol

LAN Local Area Network

LDAP Lightweight Directory Access Protocol

LEAP Lightweight Extensible Authentication Protocol

MaaS Monitoring as a Service

MAC Mandatory Access Control

MAC Media Access Control

MAC Message Authentication Code

MAN Metropolitan Area Network

MBR Master Boot Record

MD5 Message Digest 5

MDF Main Distribution Frame

MFD Multi-function Device

MITM Man-in-the-Middle

MMS Multimedia Message Service

MOA Memorandum of Agreement

MOU Memorandum of Understanding

MPLS Multi-protocol Label Switching

MSCHAP Microsoft Challenge Handshake Authentication Protocol

MSP Managed Service Provider

MTBF Mean Time Between Failures

MTTF Mean Time to Failure

MTTR Mean Time to Recover or Mean Time to Repair

MTU Maximum Transmission Unit

NAC Network Access Control

NAT Network Address Translation

NDA Non-disclosure Agreement

NFC Near Field Communication

NIDS Network-based Intrusion Detection System

NIPS Network-based Intrusion Prevention System

NIST National Institute of Standards & Technology

NTFS New Technology File System

NTLM New Technology LAN Manager

NTP Network Time Protocol

OAUTH Open Authorization

OCSP Online Certificate Status Protocol

OID Object Identifier

OS Operating System

OTA Over The Air

OVAL Open Vulnerability Assessment Language

P12 PKCS #12

P2P Peer to Peer

PaaS Platform as a Service

PAC Proxy Auto Configuration

PAM Pluggable Authentication Modules

PAP Password Authentication Protocol

PAT Port Address Translation

PBKDF2 Password-based Key Derivation Function 2

PBX Private Branch Exchange

PCAP Packet Capture

PEAP Protected Extensible Authentication Protocol

PED Personal Electronic Device

PEM Privacy-enhanced Electronic Mail

PFS Perfect Forward Secrecy

PFX Personal Exchange Format

PGP Pretty Good Privacy

PHI Personal Health Information

PII Personally Identifiable Information

PIV Personal Identity Verification

PKI Public Key Infrastructure

POP Post Office Protocol

POTS Plain Old Telephone Service

PPP Point-to-Point Protocol

PPTP Point-to-Point Tunneling Protocol

PSK Pre-shared Key

PTZ Pan-Tilt-Zoom

RA Recovery Agent

RA Registration Authority

RAD Rapid Application Development

RADIUS Remote Authentication Dial-in User Server

RAID Redundant Array of Inexpensive Disks

RAS Remote Access Server

RAT Remote Access Trojan

RBAC Role-based Access Control

RBAC Rule-based Access Control

RC4 Rivest Cipher version 4

RFID Radio Frequency Identifier

RIPEMD RACE Integrity Primitives Evaluation Message Digest

ROI Return on Investment

RPO Recovery Point Objective

RSA Rivest, Shamir, & Adleman

RTBH Remotely Triggered Black Hole

RTO Recovery Time Objective

RTOS Real-time Operating System

RTP Real-time Transport Protocol

S/MIME Secure/Multipurpose Internet Mail Extensions

SaaS Software as a Service

SAML Security Assertions Markup Language

SAN Storage Area Network

SAN Subject Alternative Name

SCADA System Control and Data Acquisition

SCAP Security Content Automation Protocol

SCEP Simple Certificate Enrollment Protocol

SCSI Small Computer System Interface

SDK Software Development Kit

SDLC Software Development Life Cycle

SDLM Software Development Life Cycle Methodology

SDN Software Defined Network

SED Self-encrypting Drive

SEH Structured Exception Handler

SFTP Secured File Transfer Protocol

SHA Secure Hashing Algorithm

SHTTP Secure Hypertext Transfer Protocol

SIEM Security Information and Event Management

SIM Subscriber Identity Module

SLA Service Level Agreement

SLE Single Loss Expectancy

SMS Short Message Service

SMTP Simple Mail Transfer Protocol

SMTPS Simple Mail Transfer Protocol Secure

SNMP Simple Network Management Protocol

SOAP Simple Object Access Protocol

SoC System on Chip

SPIM Spam over Internet Messaging

SQL Structured Query Language

SRTP Secure Real-Time Protocol

SSD Solid State Drive

SSH Secure Shell

SSL Secure Sockets Layer

SSO Single Sign-on

STP Shielded Twisted Pair

TACACS+ Terminal Access Controller Access Control System Plus

TCP/IP Transmission Control Protocol/Internet Protocol

TGT Ticket Granting Ticket

TKIP Temporal Key Integrity Protocol

TLS Transport Layer Security

TOTP Time-based One-time Password

TPM Trusted Platform Module

TSIG Transaction Signature

UAT User Acceptance Testing

UAV Unmanned Aerial Vehicle

UDP User Datagram Protocol

UEFI Unified Extensible Firmware Interface

UPS Uninterruptible Power Supply

URI Uniform Resource Identifier

URL Universal Resource Locator

USB Universal Serial Bus


UTM Unified Threat Management

UTP Unshielded Twisted Pair

VDE Virtual Desktop Environment

VDI Virtual Desktop Infrastructure

VLAN Virtual Local Area Network

VLSM Variable Length Subnet Masking

VM Virtual Machine

VoIP Voice over IP

VPN Virtual Private Network

VTC Video Teleconferencing

WAF Web Application Firewall

WAP Wireless Access Point

WEP Wired Equivalent Privacy

WIDS Wireless Intrusion Detection System

WIPS Wireless Intrusion Prevention System

WORM Write Once Read Many

WPA WiFi Protected Access

WPA2 WiFi Protected Access 2

WPS WiFi Protected Setup

WTLS Wireless TLS

XML Extensible Markup Language

XOR Exclusive Or

XSRF Cross-site Request Forgery

XSS Cross-site Scripting
