AAA |
Authentication, Authorization, and Accounting. Centralized authentication that records those who log in for billing and audit purposes. |
ABAC |
Attribute-based Access Control. Access control method that relies on an attribute that is unique to the person. |
ACL |
Access Control List. A list of those allowed or denied access with the relevant permissions. |
AD |
Active Directory. A directory service created by Microsoft that authenticates and authorizes users in a Windows Domain Environment. |
AES |
Advanced Encryption Standard. A symmetric encryption standard that works in blocks of 128, 192, or 256 bits. |
Agile |
A software development model that focuses on flexibility, speed, and customer satisfaction. |
AH |
Authentication Header. An IPSec protocol that provides integrity of an IPSec packet using SHA1 or MD5. |
AI |
Artificial Intelligence. Developing a computer system so that it can think like a human when making decisions. |
Airgap |
Network isolation where the host has no network connections. |
AIS |
Automated Indicator Sharing. Department of Homeland Security threat intelligence feed. |
ALE |
Annualized Loss Expectancy. Projected annual loss calculated using the formula SLE x ARO. |
AP |
Access Point. Connects wireless devices to a wireless network. |
API |
Application Programming Interface. Enables software developers to connect applications to an operating system. |
APT |
Advanced Persistent Threat. An attacker who is well-funded, well-organized, and sophisticated. |
ARO |
Annualized Rate of Occurrence. The number of times a loss will be incurred in a year. |
ARP |
Address Resolution Protocol. A protocol that maps IP addresses to MAC addresses. |
ARP Poisoning |
Redirects an IP Address to a MAC address that was not the intended target. |
ATT&CK |
Adversarial Tactics, Techniques, and Common Knowledge. A database maintained by MITRE listing the security threats, with their tactics and techniques. |
AUP |
Acceptable Use Policy. Informs individuals of what actions they are allowed to take whilst using computer systems. |
AV |
Antivirus. A solution to prevent a computer being attacked by a virus. |
BASH |
Bourne Again Shell. This is a command shell and scripting language for automating tasks in Linux. |
BCP |
Business Continuity Planning. A plan for moving a business forward following a disaster. |
Botnet |
An infected host that will allow attackers to launch remote attacks. |
BPA |
Business Partnership Agreement. An agreement between two entities that lays down the contribution of each, how they will operate, and who will make the decisions. |
BPDU Guard |
Bridge Protocol Data Unit Guard. Prevents attacks on the Spanning Tree Protocol. |
BSSID |
Basic Service Set Identifier. Lists the MAC Address of the Wireless Access Point to which a client is connected. |
Brute Force |
A password attack that uses every available combination. |
Buffer Overflow |
A data attack where a larger amount of data than allowed is inserted into an application, resulting in data overflow into the adjacent memory and memory corruption. |
Bug Bounty |
A scheme to reward those finding software flaws in a company’s web servers. |
BYOD |
Bring Your Own Device. A scheme allowing employees to use their personal devices in the workplace. |
CA |
Certificate Authority. The top server used to sign certificates in a PKI environment. |
CAC |
Common Access Card. A smart card used by the US military. |
CAPTCHA |
An image or text where a human types in the text or selects certain pictures to confirm that they are not bots. |
Captive Portal |
Controls access to a wireless network, asking for additional identity before allowing access to the internal network. It can be used for billing purposes. |
Capture the Flag |
Exercise wherein users complete training and move up a level each time. When they finish all levels, they have captured the flag. Improves a skill set. |
Card Cloning |
Copying a credit card or an access card. Also known as skimming. |
CASB |
Cloud Access Security Broker. Enterprise management software that manages and pushes policies and updates out to cloud clients. It can control access. |
CBC |
Cipher Block Chaining. An encryption method that starts off with an IV or XOR. The output of one encryption sequence is the input to the next block. |
CBT |
Computer-based Training. Interactive training carried out on a computer. |
CCMP |
Counter-Mode/CBC-MAC Protocol. Strongest wireless protocol that uses AES up to 128 bits. |
CCTV |
Closed-Circuit Television. It records video footage of events happening in the foreground. |
Chain of Custody |
A record of who has handled the evidence from collection to court. |
CER |
Crossover Error Rate. A biometric measurement where the FAR=FRR. A low CER is used when purchasing a new biometric system. |
CHAP |
A legacy authentication protocol that uses one-way encryption of the password. |
CIO |
Chief Information Officer. A top-level executive responsible for management and usability of computer systems. |
CIS |
Center for Internet Security. A not-for-profit organization that publishes the most critical security controls. |
CMS |
Content Management System. A computer system used to manage digital content. |
CSIRT |
Computer Security Incident Response Team. A team that responds to cyber security attacks. |
CN |
Common Name. An X.500 object relating to a host. Used as a subject identifier in a digital signature. |
Code Signing |
This is where a digital signature is used to confirm that the code is the original. |
Cold Site |
A disaster recovery site without equipment or data. |
Collector |
An appliance that collects log files, such as a syslog server. |
Compensating Control |
A secondary control that replaces a primary control, should it fail. |
Continuous Integration |
Multiple developers merge the code they produced. |
COOP |
Continuity of Operations Planning. A business continuity process used by the US government. |
COPE |
Corporate-owned Personally Enabled. Business-owned device that can be lent for personal use to an employee. |
Corrective Control |
Actions taken to get a company back up and running following an event. |
CP |
Contingency Planning. Used for getting a business back to an operational state following a disaster. |
CRL |
Certificate Revocation List. A list of certificates that have been revoked due to expiry or compromise. |
CSA |
Cloud Security Alliance. Raises awareness of best practice to secure your cloud environment. |
CSP |
Cloud Service Provider. Provides cloud services. |
CSR |
Certificate Signing Request. Official method of new certificate application. |
CSRF |
Cross-Site Request Forgery. Forces a logged-in user to click on a link and invoke an action to a web server. |
CVE |
Common Vulnerabilities and Exposures. A list of vulnerabilities produced by MITRE that can be used by security teams. |
CVSS |
Common Vulnerability Scoring System. Provides a score against a vulnerability to show the severity. A critical event will score between 9.0-10.0. |
CYOD |
Choose Your Own Device. A selection of company-owned devices that an employee will choose from. |