| Acronym | Expansion | Description | Domain |
|---|---|---|---|
| CIA | Confidentiality, Integrity, Availability | The three core security properties | 1 |
| AAA | Authentication, Authorization, Accounting | Framework for access control and auditing | 1 |
| AUP | Acceptable Use Policy | Policy defining permitted use of org resources | 1 |
| CAB | Change Advisory Board | Group that reviews and approves changes | 1 |
| RFC | Request for Change | Formal proposal for a system/process change | 1 |
| CMDB | Configuration Management Database | Central repository of configuration items and relationships | 1 |
| AES | Advanced Encryption Standard | Symmetric block cipher, 128/192/256-bit keys | 1 |
| AES-256 | Advanced Encryption Standard 256-bit | AES with 256-bit key length | 1 |
| DES | Data Encryption Standard | Legacy symmetric cipher, replaced by AES | 1 |
| 3DES | Triple Data Encryption Standard | DES applied three times, being phased out | 1 |
| RSA | Rivest, Shamir, Adleman | Asymmetric encryption algorithm | 1 |
| ECC | Elliptic Curve Cryptography | Asymmetric crypto with shorter keys than RSA | 1 |
| DH | Diffie-Hellman | Key exchange protocol | 1 |
| DHE | Diffie-Hellman Ephemeral | DH with ephemeral keys for forward secrecy | 1 |
| ECDHE | Elliptic Curve Diffie-Hellman Ephemeral | Modern key exchange used in TLS 1.3 | 1 |
| ECDSA | Elliptic Curve Digital Signature Algorithm | ECC-based digital signature scheme | 1 |
| DSA | Digital Signature Algorithm | Federal standard for digital signatures | 1 |
| SHA | Secure Hash Algorithm | Family of hash functions (SHA-1, SHA-256, SHA-3) | 1 |
| MD5 | Message Digest 5 | Broken hash algorithm, do not use for security | 1 |
| HMAC | Hash-based Message Authentication Code | Combines hash with secret key for integrity + authentication | 1 |
| RIPEMD | RACE Integrity Primitives Evaluation Message Digest | European hash function alternative to SHA | 1 |
| PKI | Public Key Infrastructure | Trust framework for digital certificates | 1 |
| CA | Certificate Authority | Entity that issues and signs digital certificates | 1 |
| RA | Registration Authority | Verifies identity before CA issues certificate | 1 |
| CRL | Certificate Revocation List | Published list of revoked certificates | 1 |
| OCSP | Online Certificate Status Protocol | Real-time certificate revocation checking | 1 |
| CSR | Certificate Signing Request | Request sent to CA to obtain a signed certificate | 1 |
| SAN | Subject Alternative Name | Certificate extension for multiple domain names | 1 |
| DV | Domain Validation | Basic certificate type, proves domain ownership only | 1 |
| OV | Organization Validation | Certificate type, CA verifies the organization | 1 |
| EV | Extended Validation | Highest trust certificate type | 1 |
| SCEP | Simple Certificate Enrollment Protocol | Automates certificate issuance for network devices | 1 |
| HSM | Hardware Security Module | Dedicated hardware for cryptographic key storage | 1 |
| TPM | Trusted Platform Module | Hardware chip for secure key storage and boot integrity | 1 |
| KEK | Key Encryption Key | Key used to encrypt other keys | 1 |
| KDC | Key Distribution Center | Kerberos component distributing session keys | 1 |
| PFS | Perfect Forward Secrecy | Compromised long-term key doesn't expose past sessions | 1 |
| PBKDF2 | Password-Based Key Derivation Function 2 | Key stretching algorithm for password hashing | 1 |
| CBC | Cipher Block Chaining | Block cipher mode; each plaintext block is XORed with the previous ciphertext block before encryption | 1 |
| GCM | Galois/Counter Mode | Authenticated encryption mode (encryption + integrity) | 1 |
| CTM | Counter Mode | Block cipher mode using an incrementing counter (commonly abbreviated CTR) | 1 |
| ECB | Electronic Codebook | Weakest block cipher mode, identical blocks produce identical output | 1 |
| CFB | Cipher Feedback | Block cipher mode that turns block cipher into stream cipher | 1 |
| CCMP | Counter Mode/CBC-MAC Protocol | AES-based encryption protocol for WPA2/WPA3 | 1 |
| TKIP | Temporal Key Integrity Protocol | Deprecated WPA encryption, replaced by CCMP | 1 |
| RC4 | Rivest Cipher 4 | Deprecated stream cipher, used in WEP and old TLS | 1 |
| IV | Initialization Vector | Non-secret, per-message value ensuring identical plaintexts produce different ciphertexts | 1 |
| XOR | Exclusive OR | Bitwise operation fundamental to encryption | 1 |
| ROT13 | Rotate by 13 Places | Simple Caesar-style letter substitution; obfuscation, not real encryption | 1 |
| PSK | Pre-Shared Key | Symmetric key shared before communication begins | 1 |
| PKCS | Public Key Cryptography Standards | Set of standards for PKI implementations | 1 |
| PEM | Privacy-Enhanced Mail | Base64-encoded certificate/key file format | 1 |
| DER | Distinguished Encoding Rules | Binary certificate file format | 1 |
| PFX | Personal Information Exchange | Certificate file format bundling cert + private key | 1 |
| P12 | PKCS #12 | Certificate archive format (same as PFX) | 1 |
| P7B | PKCS #7 | Certificate chain format without private key | 1 |
| CER | Certificate File | DER or Base64-encoded certificate file extension | 1 |
| FDE | Full Disk Encryption | Encrypts entire storage volume at rest | 1 |
| SED | Self-Encrypting Drive | Storage device with built-in hardware encryption | 1 |
| EFS | Encrypting File System | Windows file-level encryption (NTFS) | 1 |
| SAE | Simultaneous Authentication of Equals | WPA3 key exchange replacing PSK 4-way handshake | 1 |
| APT | Advanced Persistent Threat | Sophisticated, long-term targeted attack (usually nation-state) | 2 |
| IOC | Indicator of Compromise | Evidence that a security breach has occurred | 2 |
| IOA | Indicator of Attack | Evidence that an attack is in progress | 2 |
| TTP | Tactics, Techniques, and Procedures | Describes threat actor behavior patterns | 2 |
| ATT&CK | Adversarial Tactics, Techniques & Common Knowledge | MITRE framework cataloging attack techniques | 2 |
| CVE | Common Vulnerabilities and Exposures | Standard identifier for known vulnerabilities | 2 |
| CVSS | Common Vulnerability Scoring System | Standard severity rating 0.0-10.0 | 2 |
| CPE | Common Platform Enumeration | Standard naming for IT products/platforms | 2 |
| RAT | Remote Access Trojan | Malware providing remote control of a system | 2 |
| PUP | Potentially Unwanted Program | Software that may be undesirable (adware, toolbars) | 2 |
| C2 | Command and Control | Infrastructure attackers use to manage compromised systems | 2 |
| DDoS | Distributed Denial of Service | Attack overwhelming target from multiple sources | 2 |
| DoS | Denial of Service | Attack making a resource unavailable | 2 |
| MITM | Man-in-the-Middle | Attacker intercepts communication between two parties | 2 |
| XSS | Cross-Site Scripting | Injection of malicious scripts into web pages | 2 |
| CSRF | Cross-Site Request Forgery | Tricking users into submitting unintended requests | 2 |
| XSRF | Cross-Site Request Forgery | Alternate abbreviation for CSRF | 2 |
| SQLi | SQL Injection | Injecting malicious SQL into database queries | 2 |
| XXE | XML External Entity | Exploiting XML parsers to access files or perform SSRF | 2 |
| SSRF | Server-Side Request Forgery | Tricking server into making requests to internal resources | 2 |
| TOCTOU | Time of Check, Time of Use | Race condition between security check and action | 2 |
| TOC | Time of Check | Moment when a security check is performed | 2 |
| TOU | Time of Use | Moment when the checked resource is actually used | 2 |
| DLL | Dynamic Link Library | Shared library on Windows, target for injection attacks | 2 |
| SEH | Structured Exception Handler | Windows error handling mechanism exploited in buffer overflows | 2 |
| ASLR | Address Space Layout Randomization | Memory protection against buffer overflow exploitation | 2 |
| DEP | Data Execution Prevention | Prevents code execution from data memory regions | 2 |
| NX | No Execute | CPU-level memory protection (hardware DEP) | 2 |
| ROP | Return-Oriented Programming | Exploitation technique chaining existing code snippets | 2 |
| BEC | Business Email Compromise | Impersonating executives to authorize fraudulent transfers | 2 |
| SPIM | Spam over Instant Messaging | Unsolicited messages via IM platforms | 2 |
| OSINT | Open Source Intelligence | Intelligence gathered from publicly available sources | 2 |
| VLAN | Virtual Local Area Network | Logical network segmentation at Layer 2 | 2 |
| ACL | Access Control List | Rules defining permitted/denied access | 2 |
| ACE | Access Control Entry | Single permission rule within an ACL | 2 |
| FACL | File System Access Control List | ACL applied to file system objects | 2 |
| OWASP | Open Web Application Security Project | Nonprofit producing web security resources (Top 10) | 2 |
| CAPTCHA | Completely Automated Public Turing Test to Tell Computers and Humans Apart | Challenge to verify human interaction | 2 |
| AI | Artificial Intelligence | Machine systems performing tasks requiring human intelligence | 2 |
| ML | Machine Learning | AI subset using data patterns for prediction | 2 |
| IaaS | Infrastructure as a Service | Cloud: provider manages hardware, you manage OS and up | 3 |
| PaaS | Platform as a Service | Cloud: provider manages through runtime, you manage apps | 3 |
| SaaS | Software as a Service | Cloud: provider manages everything, you configure | 3 |
| XaaS | Anything as a Service | Catch-all for cloud service models | 3 |
| SECaaS | Security as a Service | Cloud-delivered security services | 3 |
| DaaS | Desktop as a Service | Cloud-hosted virtual desktops | 3 |
| MaaS | Monitoring as a Service | Cloud-delivered monitoring capabilities | 3 |
| IaC | Infrastructure as Code | Defining infrastructure through configuration files | 3 |
| SDN | Software-Defined Networking | Separating network control plane from data plane | 3 |
| SDV | Software-Defined Visibility | Programmable network traffic visibility | 3 |
| SASE | Secure Access Service Edge | Combines SD-WAN with cloud-delivered security | 3 |
| SD-WAN | Software-Defined Wide Area Network | Centrally managed WAN with dynamic routing | 3 |
| VPN | Virtual Private Network | Encrypted tunnel over public networks | 3 |
| IPSec | Internet Protocol Security | Network-layer VPN protocol suite | 3 |
| IKE | Internet Key Exchange | Protocol for establishing IPSec security associations | 3 |
| ESP | Encapsulating Security Payload | IPSec protocol providing encryption + integrity | 3 |
| AH | Authentication Header | IPSec protocol providing integrity (no encryption) | 3 |
| L2TP | Layer 2 Tunneling Protocol | VPN tunneling protocol, often paired with IPSec | 3 |
| PPTP | Point-to-Point Tunneling Protocol | Legacy VPN protocol, considered insecure | 3 |
| PPP | Point-to-Point Protocol | Data link layer protocol for direct connections | 3 |
| GRE | Generic Routing Encapsulation | Tunneling protocol encapsulating various network protocols | 3 |
| TLS | Transport Layer Security | Encryption protocol for data in transit (HTTPS) | 3 |
| SSL | Secure Sockets Layer | Deprecated predecessor to TLS | 3 |
| SHTTP | Secure Hypertext Transfer Protocol | Application-layer HTTP security (rarely used, superseded by HTTPS) | 3 |
| SSH | Secure Shell | Encrypted remote administration protocol | 3 |
| SCP | Secure Copy Protocol | File copy over SSH | 3 |
| SFTP | SSH File Transfer Protocol | Secure file transfer over SSH | 3 |
| FTPS | FTP Secure | FTP with TLS encryption | 3 |
| SRTP | Secure Real-Time Transport Protocol | Encrypted voice/video streaming | 3 |
| SMTPS | Simple Mail Transfer Protocol Secure | SMTP encrypted with TLS | 3 |
| LDAPS | Lightweight Directory Access Protocol over SSL | LDAP encrypted with TLS | 3 |
| SNMPv3 | Simple Network Management Protocol version 3 | SNMP with encryption and authentication | 3 |
| DMZ | Demilitarized Zone | Network segment for public-facing services | 3 |
| WAF | Web Application Firewall | Layer 7 firewall protecting web applications | 3 |
| NGFW | Next-Generation Firewall | Stateful firewall with app awareness and DPI | 3 |
| UTM | Unified Threat Management | All-in-one security appliance (firewall + AV + IDS + more) | 3 |
| IDS | Intrusion Detection System | Monitors and alerts on suspicious activity (passive) | 3 |
| IPS | Intrusion Prevention System | Detects and blocks suspicious activity (inline) | 3 |
| NIDS | Network Intrusion Detection System | IDS monitoring network traffic | 3 |
| NIPS | Network Intrusion Prevention System | IPS monitoring and blocking network threats inline | 3 |
| HIDS | Host Intrusion Detection System | IDS monitoring activity on individual hosts | 3 |
| HIPS | Host Intrusion Prevention System | IPS blocking threats on individual hosts | 3 |
| DLP | Data Loss Prevention | Prevents unauthorized data exfiltration | 3 |
| DRM | Digital Rights Management | Controls on content usage (copy, print, forward) | 3 |
| IRM | Information Rights Management | Enterprise DRM for documents and email | 3 |
| RAID | Redundant Array of Independent Disks | Storage redundancy through multiple disks | 3 |
| SAN (storage) | Storage Area Network | Dedicated high-speed network for block-level storage | 3 |
| UPS | Uninterruptible Power Supply | Battery backup for power outages | 3 |
| PDU | Power Distribution Unit | Distributes power to rack-mounted equipment | 3 |
| HVAC | Heating, Ventilation, and Air Conditioning | Environmental controls for data centers | 3 |
| CCTV | Closed-Circuit Television | Video surveillance for physical security | 3 |
| PTZ | Pan-Tilt-Zoom | Camera type with remote directional and zoom control | 3 |
| RTO | Recovery Time Objective | Maximum acceptable downtime | 3 |
| RPO | Recovery Point Objective | Maximum acceptable data loss (in time) | 3 |
| MTBF | Mean Time Between Failures | Average uptime between failures | 3 |
| MTTF | Mean Time to Failure | Average lifespan of non-repairable components | 3 |
| MTTR | Mean Time to Repair | Average time to restore after failure | 3 |
| SPOF | Single Point of Failure | Component whose failure takes down the whole system | 3 |
| HA | High Availability | Architecture minimizing downtime | 3 |
| DRaaS | Disaster Recovery as a Service | Cloud-hosted disaster recovery environment | 3 |
| COOP | Continuity of Operations Plan | Plan for maintaining essential functions during disruption | 3 |
| SCADA | Supervisory Control and Data Acquisition | Industrial control system for remote monitoring | 3 |
| ICS | Industrial Control System | Systems managing physical industrial processes | 3 |
| RTOS | Real-Time Operating System | OS for time-critical embedded/industrial systems | 3 |
| FPGA | Field-Programmable Gate Array | Reprogrammable hardware chip for custom logic | 3 |
| SoC | System on Chip | Integrated circuit with CPU, memory, and I/O on one chip | 3 |
| IoT | Internet of Things | Connected devices (cameras, sensors, appliances) | 3 |
| OT | Operational Technology | Hardware/software monitoring and controlling physical processes | 3 |
| VDI | Virtual Desktop Infrastructure | Centrally hosted virtual desktops for end users | 3 |
| VDE | Virtual Desktop Environment | Virtualized desktop workspace | 3 |
| VPC | Virtual Private Cloud | Isolated network segment within a public cloud | 3 |
| SIEM | Security Information and Event Management | Centralized log collection, correlation, and alerting | 4 |
| SOAR | Security Orchestration, Automation, and Response | Automates security operations workflows | 4 |
| EDR | Endpoint Detection and Response | Monitors endpoints for threats and enables response | 4 |
| XDR | Extended Detection and Response | EDR extended across network, cloud, email, identity | 4 |
| MDR | Managed Detection and Response | Outsourced detection and response service | 4 |
| NAC | Network Access Control | Enforces security policy on devices connecting to network | 4 |
| MDM | Mobile Device Management | Centralized management of mobile devices | 4 |
| MAM | Mobile Application Management | Managing apps on mobile devices without full MDM | 4 |
| UEM | Unified Endpoint Management | Single platform managing all endpoint types | 4 |
| BYOD | Bring Your Own Device | Employee uses personal device for work | 4 |
| COPE | Corporate-Owned, Personally Enabled | Company device with permitted personal use | 4 |
| CYOD | Choose Your Own Device | Employee picks from approved corporate devices | 4 |
| WPA3 | Wi-Fi Protected Access 3 | Current wireless security standard | 4 |
| WPA | Wi-Fi Protected Access | Wireless security standard (WPA/WPA2/WPA3) | 4 |
| WEP | Wired Equivalent Privacy | Deprecated wireless encryption, trivially broken | 4 |
| WPS | Wi-Fi Protected Setup | Simplified wireless setup, vulnerable to brute force | 4 |
| WIDS | Wireless Intrusion Detection System | Detects rogue APs and wireless attacks | 4 |
| WIPS | Wireless Intrusion Prevention System | Detects and blocks wireless threats | 4 |
| SSID | Service Set Identifier | Wireless network name | 4 |
| WAP | Wireless Access Point | Device providing wireless network connectivity | 4 |
| EAP | Extensible Authentication Protocol | Framework for network authentication methods | 4 |
| EAP-TLS | EAP Transport Layer Security | EAP using mutual TLS certificates (most secure) | 4 |
| EAP-TTLS | EAP Tunneled Transport Layer Security | EAP with TLS tunnel, inner authentication flexible | 4 |
| EAP-FAST | EAP Flexible Authentication via Secure Tunneling | Cisco EAP replacement for LEAP | 4 |
| LEAP | Lightweight Extensible Authentication Protocol | Deprecated Cisco EAP method, vulnerable | 4 |
| PEAP | Protected Extensible Authentication Protocol | EAP method using TLS tunnel + password | 4 |
| CHAP | Challenge-Handshake Authentication Protocol | Challenge-response authentication preventing replay attacks | 4 |
| MS-CHAP | Microsoft Challenge-Handshake Authentication Protocol | Microsoft version of CHAP (deprecated) | 4 |
| PAP | Password Authentication Protocol | Sends passwords in cleartext, insecure | 4 |
| RADIUS | Remote Authentication Dial-In User Service | Protocol for centralized authentication (AAA) | 4 |
| TACACS+ | Terminal Access Controller Access-Control System Plus | Cisco AAA protocol, encrypts full payload | 4 |
| LDAP | Lightweight Directory Access Protocol | Protocol for accessing directory services | 4 |
| SSO | Single Sign-On | One authentication grants access to multiple systems | 4 |
| SAML | Security Assertion Markup Language | XML-based SSO protocol for web applications | 4 |
| OAuth | Open Authorization | Authorization framework for delegated access | 4 |
| OIDC | OpenID Connect | Identity layer built on OAuth 2.0 | 4 |
| OpenID | Open Identification | Decentralized authentication standard | 4 |
| IdP | Identity Provider | Service authenticating users for SSO/federation | 4 |
| MFA | Multi-Factor Authentication | Requiring multiple authentication factors | 4 |
| TOTP | Time-based One-Time Password | Time-synchronized OTP (authenticator apps) | 4 |
| HOTP | HMAC-based One-Time Password | Counter-based OTP | 4 |
| FIDO2 | Fast Identity Online 2 | Passwordless authentication standard (WebAuthn) | 4 |
| PIV | Personal Identity Verification | US government smart card standard for authentication | 4 |
| PAM | Privileged Access Management | Securing and monitoring privileged accounts | 4 |
| JIT | Just-In-Time | Temporary access granted only when needed | 4 |
| JEA | Just-Enough-Access | Minimum permissions for the task at hand | 4 |
| RBAC | Role-Based Access Control | Permissions assigned to roles, users assigned to roles | 4 |
| ABAC | Attribute-Based Access Control | Access decisions based on attributes (user, resource, environment) | 4 |
| MAC | Mandatory Access Control | System-enforced access based on security labels | 4 |
| DAC | Discretionary Access Control | Resource owner controls access permissions | 4 |
| GPO | Group Policy Object | Windows policy enforcement mechanism | 4 |
| SPF | Sender Policy Framework | Email auth: specifies authorized sending IPs | 4 |
| DKIM | DomainKeys Identified Mail | Email auth: cryptographic signature on messages | 4 |
| DMARC | Domain-based Message Authentication, Reporting & Conformance | Email auth: policy for SPF/DKIM failures | 4 |
| FIM | File Integrity Monitoring | Detects unauthorized changes to files | 4 |
| SNMP | Simple Network Management Protocol | Network device monitoring (use v3 for encryption) | 4 |
| STIX | Structured Threat Information eXpression | Standard language for threat intelligence sharing | 4 |
| TAXII | Trusted Automated eXchange of Indicator Information | Transport protocol for STIX threat intel | 4 |
| AIS | Automated Indicator Sharing | DHS service for sharing threat indicators | 4 |
| IR | Incident Response | Structured approach to handling security incidents | 4 |
| IRP | Incident Response Plan | Documented procedures for handling incidents | 4 |
| CSIRT | Computer Security Incident Response Team | Team dedicated to handling security incidents | 4 |
| CIRT | Computer Incident Response Team | Alternate name for incident response team | 4 |
| CERT | Computer Emergency Response Team | Organization coordinating vulnerability responses | 4 |
| SELinux | Security-Enhanced Linux | Linux kernel MAC implementation | 4 |
| DNSSEC | Domain Name System Security Extensions | Adds authentication to DNS responses | 4 |
| SAST | Static Application Security Testing | Analyzing source code for vulnerabilities | 4 |
| DAST | Dynamic Application Security Testing | Testing running applications for vulnerabilities | 4 |
| SCA | Software Composition Analysis | Identifying vulnerable third-party dependencies | 4 |
| SDLC | Software Development Life Cycle | Phases of software development (plan through maintain) | 4 |
| SDK | Software Development Kit | Tools and libraries for building applications | 4 |
| SCAP | Security Content Automation Protocol | Standards for automated vulnerability management | 4 |
| XCCDF | Extensible Configuration Checklist Description Format | Language for security checklists | 4 |
| OVAL | Open Vulnerability and Assessment Language | Language for describing system configuration states | 4 |
| ASV | Approved Scanning Vendor | PCI-DSS authorized external vulnerability scanner | 4 |
| PCAP | Packet Capture | Network traffic capture file/format | 4 |
| FAR | False Acceptance Rate | Rate biometric system incorrectly grants access | 4 |
| FRR | False Rejection Rate | Rate biometric system incorrectly denies access | 4 |
| TGT | Ticket-Granting Ticket | Kerberos initial authentication token | 4 |
| IAM | Identity and Access Management | Framework for managing digital identities and permissions | 4 |
| GRC | Governance, Risk, and Compliance | Integrated approach to organizational oversight | 5 |
| CISO | Chief Information Security Officer | Executive responsible for security program | 5 |
| CIO | Chief Information Officer | Executive responsible for information technology | 5 |
| CTO | Chief Technology Officer | Executive responsible for technology strategy | 5 |
| CSO | Chief Security Officer | Executive responsible for overall security | 5 |
| ISSO | Information Systems Security Officer | Officer ensuring IS compliance with security policy | 5 |
| DPO | Data Protection Officer | Required by GDPR for certain organizations | 5 |
| DBA | Database Administrator | Manages and secures database systems | 5 |
| BIA | Business Impact Analysis | Identifies critical functions and disruption impact | 5 |
| BCP | Business Continuity Plan | Plan for maintaining operations during disruption | 5 |
| DRP | Disaster Recovery Plan | Plan for restoring IT systems after disaster | 5 |
| CP | Contingency Planning | Preparing for potential disruption scenarios | 5 |
| ALE | Annualized Loss Expectancy | Expected yearly financial loss (SLE x ARO) | 5 |
| SLE | Single Loss Expectancy | Dollar loss per incident (AV x EF) | 5 |
| ARO | Annualized Rate of Occurrence | Expected frequency of an event per year | 5 |
| AV (risk) | Asset Value | Dollar value of the asset at risk | 5 |
| EF | Exposure Factor | Percentage of asset lost per incident | 5 |
| ROI | Return on Investment | Measure of gain relative to cost | 5 |
| KRI | Key Risk Indicator | Metric signaling increasing risk | 5 |
| RMF | Risk Management Framework | NIST structured approach to risk management | 5 |
| SLA | Service Level Agreement | Measurable performance expectations with a vendor | 5 |
| MOU | Memorandum of Understanding | Informal agreement documenting mutual intent | 5 |
| MOA | Memorandum of Agreement | Formal agreement with specific terms | 5 |
| MSA | Master Service Agreement | Overarching contract governing a vendor relationship | 5 |
| SOW | Statement of Work | Specific project deliverables under an MSA | 5 |
| NDA | Non-Disclosure Agreement | Legal agreement preventing info disclosure | 5 |
| DPA | Data Processing Agreement | GDPR-required contract with data processors | 5 |
| BPA | Business Partners Agreement | Defines business partner responsibilities | 5 |
| ISA | Interconnection Security Agreement | Agreement for connecting two organizations' networks | 5 |
| MSP | Managed Service Provider | Third party managing IT services | 5 |
| MSSP | Managed Security Service Provider | Third party managing security operations | 5 |
| CAR | Corrective Action Report | Document prescribing remediation steps for findings | 5 |
| GDPR | General Data Protection Regulation | EU data privacy regulation | 5 |
| HIPAA | Health Insurance Portability and Accountability Act | US healthcare data protection law | 5 |
| PCI-DSS | Payment Card Industry Data Security Standard | Credit card data protection standard | 5 |
| SOX | Sarbanes-Oxley Act | US financial reporting controls law | 5 |
| GLBA | Gramm-Leach-Bliley Act | US financial data protection law | 5 |
| FERPA | Family Educational Rights and Privacy Act | US student data privacy law | 5 |
| CCPA | California Consumer Privacy Act | California data privacy regulation | 5 |
| NIST | National Institute of Standards and Technology | US standards body, publishes CSF and SP 800 series | 5 |
| CSF | Cybersecurity Framework | NIST framework: Identify, Protect, Detect, Respond, Recover | 5 |
| ISO | International Organization for Standardization | Publishes ISO 27001/27002 security standards | 5 |
| CIS | Center for Internet Security | Publishes CIS Controls and Benchmarks | 5 |
| COBIT | Control Objectives for Information and Related Technologies | IT governance framework | 5 |
| SOC (audit) | System and Organization Controls | Audit reports (SOC 1, SOC 2 Type I/II) | 5 |
| SOC (ops) | Security Operations Center | Facility for centralized security monitoring | 5 |
| PII | Personally Identifiable Information | Data that can identify an individual | 5 |
| PHI | Protected Health Information | Health-related PII under HIPAA | 5 |
| PIA | Privacy Impact Assessment | Evaluation of how a system affects privacy | 5 |
| UAT | User Acceptance Testing | Final validation that system meets business requirements | 5 |
| CBT | Computer-Based Training | Online training modules | 5 |
| OPSEC | Operational Security | Protecting sensitive information from adversaries | 5 |
| DNS | Domain Name System | Resolves domain names to IP addresses | -- |
| TSIG | Transaction Signature | DNS authentication mechanism for zone transfers | -- |
| DHCP | Dynamic Host Configuration Protocol | Automatically assigns IP addresses to devices | -- |
| HTTP | Hypertext Transfer Protocol | Web protocol (unencrypted) | -- |
| HTTPS | Hypertext Transfer Protocol Secure | HTTP encrypted with TLS | -- |
| HTML | Hypertext Markup Language | Standard markup language for web pages | -- |
| XML | Extensible Markup Language | Markup language for structured data exchange | -- |
| SQL | Structured Query Language | Language for database queries | -- |
| SOAP | Simple Object Access Protocol | XML-based messaging protocol for web services | -- |
| FTP | File Transfer Protocol | Unencrypted file transfer (insecure) | -- |
| SMTP | Simple Mail Transfer Protocol | Email sending protocol | -- |
| IMAP | Internet Message Access Protocol | Email retrieval (keeps mail on server) | -- |
| POP3 | Post Office Protocol 3 | Email retrieval (downloads and removes) | -- |
| RDP | Remote Desktop Protocol | Microsoft remote access (port 3389) | -- |
| SMB | Server Message Block | Windows file sharing protocol (port 445) | -- |
| NTP | Network Time Protocol | Synchronizes clocks across a network | -- |
| ARP | Address Resolution Protocol | Maps IP addresses to MAC addresses | -- |
| TCP | Transmission Control Protocol | Reliable, connection-oriented transport | -- |
| UDP | User Datagram Protocol | Fast, connectionless transport | -- |
| ICMP | Internet Control Message Protocol | Network diagnostics (ping, traceroute) | -- |
| IGMP | Internet Group Management Protocol | Manages multicast group membership | -- |
| IP | Internet Protocol | Network layer addressing and routing | -- |
| IPv4 | Internet Protocol version 4 | 32-bit addresses (e.g., 192.168.1.1) | -- |
| IPv6 | Internet Protocol version 6 | 128-bit addresses replacing IPv4 | -- |
| NAT | Network Address Translation | Maps private IPs to public IPs | -- |
| DNAT | Destination Network Address Translation | Redirects traffic to different destination IP | -- |
| PAT | Port Address Translation | NAT using port numbers to distinguish sessions | -- |
| BGP | Border Gateway Protocol | Internet routing protocol between autonomous systems | -- |
| OSPF | Open Shortest Path First | Interior gateway routing protocol | -- |
| MPLS | Multiprotocol Label Switching | High-performance WAN routing using labels | -- |
| BPDU | Bridge Protocol Data Unit | Spanning Tree Protocol frame for loop prevention | -- |
| RSTP | Rapid Spanning Tree Protocol | Faster convergence spanning tree (IEEE 802.1w) | -- |
| RTBH | Remotely Triggered Black Hole | BGP-based DDoS mitigation dropping attack traffic | -- |
| MAC (addr) | Media Access Control Address | Hardware address for network interface (Layer 2) | -- |
| API | Application Programming Interface | Interface for software-to-software communication | -- |
| REST | Representational State Transfer | Architectural style for web APIs | -- |
| RTP | Real-Time Transport Protocol | Delivers audio/video over IP networks | -- |
| VoIP | Voice over IP | Phone calls over data networks | -- |
| PBX | Private Branch Exchange | Private telephone network within an organization | -- |
| POTS | Plain Old Telephone Service | Traditional analog telephone system | -- |
| SIM | Subscriber Identity Module | Smart card identifying a mobile subscriber | -- |
| SMS | Short Message Service | Text messaging on mobile networks | -- |
| MMS | Multimedia Messaging Service | Rich media messaging on mobile networks | -- |
| NFC | Near Field Communication | Short-range wireless for contactless payments/pairing | -- |
| RFID | Radio Frequency Identification | Wireless tags for asset tracking and access cards | -- |
| GPS | Global Positioning System | Satellite-based location tracking | -- |
| IR (port) | Infrared | Short-range line-of-sight communication | -- |
| USB | Universal Serial Bus | Standard connector for peripherals | -- |
| USB OTG | USB On-The-Go | USB connection between mobile devices | -- |
| VM | Virtual Machine | Software emulation of a computer system | -- |
| OS | Operating System | System software managing hardware and applications | -- |
| CPU | Central Processing Unit | Main processor in a computer | -- |
| GPU | Graphics Processing Unit | Processor for parallel computation and graphics | -- |
| RAM | Random Access Memory | Volatile system memory | -- |
| SSD | Solid State Drive | Flash-based storage (no moving parts) | -- |
| HDD | Hard Disk Drive | Magnetic spinning disk storage | -- |
| MBR | Master Boot Record | Legacy disk partition and boot sector format | -- |
| NIC | Network Interface Card | Hardware providing network connectivity | -- |
| BIOS | Basic Input/Output System | Legacy firmware interface (replaced by UEFI) | -- |
| UEFI | Unified Extensible Firmware Interface | Modern firmware interface replacing BIOS | -- |
| AD | Active Directory | Microsoft directory service for identity management | -- |
| OU | Organizational Unit | Container in Active Directory for organizing objects | -- |
| LAN | Local Area Network | Network within a single location | -- |
| MAN | Metropolitan Area Network | Network spanning a city or campus | -- |
| DSL | Digital Subscriber Line | Internet over telephone lines | -- |
| ISP | Internet Service Provider | Company providing internet access | -- |
| MTU | Maximum Transmission Unit | Largest packet size for a network interface | -- |
| UTP | Unshielded Twisted Pair | Common Ethernet cabling (Cat5e, Cat6) | -- |
| EMI | Electromagnetic Interference | Electrical noise disrupting signals | -- |
| RFI | Radio Frequency Interference | Radio signal disrupting other signals | -- |
| IDF | Intermediate Distribution Frame | Secondary wiring closet in a building | -- |
| MDF | Main Distribution Frame | Primary wiring closet where external lines enter | -- |
| CSP | Cloud Service Provider | Company delivering cloud computing services | -- |
| CASB | Cloud Access Security Broker | Enforces security policies for cloud services | -- |
| CSPM | Cloud Security Posture Management | Monitors cloud configurations for misconfigurations | -- |
| CNAPP | Cloud-Native Application Protection Platform | Unified cloud security (CSPM + CWPP + more) | -- |
| CWPP | Cloud Workload Protection Platform | Protects cloud workloads (VMs, containers, serverless) | -- |
| ZTNA | Zero Trust Network Access | Identity-based access replacing traditional VPN | -- |
| IAP | Identity-Aware Proxy | Proxy that verifies identity before granting access | -- |
| SWG | Secure Web Gateway | Filters web traffic for threats and policy enforcement | -- |
| FWaaS | Firewall as a Service | Cloud-delivered firewall | -- |
| mTLS | Mutual TLS | Both client and server authenticate via certificates | -- |
| JWT | JSON Web Token | Token format for claims-based authentication | -- |
| STIG | Security Technical Implementation Guide | DISA security configuration guidelines | -- |
| GPG | GNU Privacy Guard | Open-source implementation of PGP encryption | -- |
| PGP | Pretty Good Privacy | Encryption program for email and files | -- |
| S/MIME | Secure/Multipurpose Internet Mail Extensions | Standard for encrypted and signed email | -- |
| NTLM | NT LAN Manager | Legacy Windows authentication protocol | -- |
| NTFS | New Technology File System | Windows file system supporting permissions and encryption | -- |
| MAB | MAC Authentication Bypass | 802.1X fallback for devices that can't authenticate | -- |
| PMF | Protected Management Frames | Wi-Fi protection against deauthentication/disassociation spoofing attacks | -- |
| IEEE | Institute of Electrical and Electronics Engineers | Standards body (802.1X, 802.11, etc.) | -- |
| OSI | Open Systems Interconnection | 7-layer network reference model | -- |
| ASCII | American Standard Code for Information Interchange | Character encoding standard | -- |
| CRC | Cyclic Redundancy Check | Error-detection code for data integrity | -- |
| IT | Information Technology | Broad term for computing infrastructure and services | -- |
| OID | Object Identifier | Hierarchical identifier for SNMP and X.509 objects | -- |
| PIN | Personal Identification Number | Numeric passcode for authentication | -- |
| URI | Uniform Resource Identifier | String identifying a resource (superset of URL) | -- |
| URL | Uniform Resource Locator | Web address for accessing resources | -- |
| AP | Access Point | Device providing wireless network connectivity | -- |
| ESN | Electronic Serial Number | Unique identifier for mobile devices | -- |
| PED | Personal Electronic Device | Any personal computing or communication device | -- |
| MFD | Multi-Function Device | Device combining printer, scanner, copier, fax | -- |
| IoC | Indicator of Compromise | Alternate casing of IOC | -- |
| IM | Instant Messaging | Real-time text communication | -- |
| IRC | Internet Relay Chat | Text-based chat protocol, used by some C2 channels | -- |
| VTC | Video Teleconference | Video-based remote meeting | -- |
| P2P | Peer-to-Peer | Direct device-to-device communication without central server | -- |
| OTA | Over-the-Air | Wireless software/firmware updates | -- |
| UAV | Unmanned Aerial Vehicle | Drone, physical security concern for surveillance | -- |
| ERP | Enterprise Resource Planning | Integrated business management software | -- |
| CMS | Content Management System | Software for creating and managing digital content | -- |
| RAS | Remote Access Server | Server providing remote network access | -- |
| PAC | Proxy Auto-Configuration | File directing browser proxy settings | -- |
| BASH | Bourne Again Shell | Common Unix/Linux command shell | -- |
| WBC | White-Box Cryptography | Crypto that resists key extraction from exposed code | -- |
| eBPF | Extended Berkeley Packet Filter | Linux kernel technology for programmable packet processing | -- |
| JA3 | JA3 TLS Fingerprint | Client TLS fingerprinting method for threat detection | -- |
| AV (software) | Antivirus | Software detecting and removing malware | -- |
| CSU | Channel Service Unit | Device connecting a LAN to a WAN leased line | -- |
| WTLS | Wireless Transport Layer Security | TLS adapted for wireless/mobile environments | -- |
| VBA | Visual Basic for Applications | Scripting language in Microsoft Office, common malware vector | -- |
| VLSM | Variable Length Subnet Masking | Subnetting with different-sized subnets | -- |
| WO | Work Order | Formal request for maintenance or service | -- |
| IDEA | International Data Encryption Algorithm | Block cipher used in early PGP versions | -- |