Acronyms Flashcards
3DES
Triple Data Encryption Standard
A symmetric-key block cipher that applies the Data Encryption Standard algorithm three times to each data block for increased security.
AAA
Authentication, Authorization, and Accounting
Core principles in network security and access control, where Authentication verifies users, Authorization determines their permissions, and Accounting tracks their actions for auditing purposes.
ABAC
Attribute-based Access Control
A security model where access rights are granted based on attributes associated with the user, resource, and environment, allowing for granular control over access permissions.
ACL
Access Control List
A list of permissions attached to an object that specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. In the context of network security, ACLs are commonly used to control traffic entering or leaving a network based on criteria such as IP addresses, protocols, and ports.
AD
Active Directory
A centralized database that stores and manages network resources, such as user accounts, computers, and devices, in a Windows domain network, facilitating authentication, authorization, and directory services.
AES
Advanced Encryption Standard
A widely used symmetric encryption algorithm for securing sensitive data, commonly employed in various security protocols and applications.
AES256
Advanced Encryption Standards 256-bit
Advanced Encryption Standard with a key size of 256 bits, which is a widely used symmetric encryption algorithm offering strong security for protecting sensitive data in various applications and systems.
AH
Authentication Header
A protocol used in IPsec (Internet Protocol Security) that provides authentication and integrity protection for IP packets, ensuring data origin authentication and integrity verification.
AI
Artificial Intelligence
The simulation of human intelligence processes by machines, typically computer systems, including learning, problem-solving, and decision-making.
AIS
Automated Indicator Sharing
A system for exchanging cybersecurity threat indicators and defensive measures between organizations in real-time to enhance collective defense capabilities.
ALE
Annualized Loss Expectancy
A calculation used to estimate the potential financial loss to a system or organization due to a security breach or incident over the course of a year.
AP
Access Point
A device that allows wireless devices to connect to a wired network using Wi-Fi technology.
API
Application Programming Interface
A set of protocols, tools, and definitions that allows different software applications to communicate and interact with each other.
APT
Advanced Persistent Threat
A sophisticated, prolonged cyberattack launched by skilled adversaries with the intention of gaining unauthorized access to a network or system over an extended period while remaining undetected.
ARO
Annualized Rate of Occurrence
The estimated frequency at which a specific threat is expected to occur within a year, aiding in risk assessment and mitigation strategies in cybersecurity contexts.
ARP
Address Resolution Protocol
A networking protocol used to map IP addresses to MAC addresses within a local network, facilitating communication between devices on the same subnet.
ASLR
Address Space Layout Randomization
A security technique that randomizes the memory addresses used by system processes, making it harder for attackers to predict the location of specific code or data.
ASP
Active Server Pages
A legacy web technology used to create dynamic web pages by embedding server-side scripts within HTML to generate content dynamically based on user interactions or database queries.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
A framework used to understand and classify cyber threats and attacks, helping security professionals anticipate, prevent, and respond to various security incidents effectively.
AUP
Acceptable Use Policy
A set of rules and guidelines outlining the proper and permitted uses of an organization’s technology resources by its employees or users, typically addressing security concerns and acceptable behaviors.
AV
Antivirus
Software designed to detect, prevent, and remove malicious software, such as viruses, worms, and Trojan horses, from computer systems.
BASH
Bourne Again Shell
A command-line interpreter used in Unix-like operating systems, offering enhanced functionality over the original Bourne Shell with features like command-line editing and job control, often utilized in cybersecurity for scripting and automation tasks.
BCP
Business Continuity Planning
The development of strategies and procedures to ensure an organization can continue operating during and after a disaster or disruption, aiming to minimize downtime and maintain critical functions.
BGP
Border Gateway Protocol
A standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the internet.
BIA
Business Impact Analysis
A process used to identify and prioritize potential impacts on business operations to ensure continuity and resilience in the face of disruptions or disasters.
BIOS
Basic Input/Output System
Firmware used to perform hardware initialization during the booting process and to provide runtime services for operating systems and programs.
BPA
Business Partnership Agreement
A formal document outlining terms and conditions between business entities, often concerning collaboration, sharing resources, or joint ventures, relevant to security considerations within the business environment.