Security+ Acronyms.txt

  1. 3DES
    • Triple Digital Encryption Standard
    • more secure than DES, but AES is preferred choice of govt
  2. ACK
  3. ACL
    Access Control List
  4. AD-IDS
    Anomaly-Detection Intrusion Detection System
  5. AES
    • Advanced Encryption Standard
    • replaced DES, uses Rijndael algorithm, developed by Joan Daemen and Vincent Rijmen, used by US Govt, key sizes: 128 (default), 192 and 256 (qualifies for Top Secret)
  6. ALE
    Annual Loss Expectancy
  7. AH
    Authentication Header
  8. AP
    Access Point
  9. API
    Application Programming Interface
  10. ARO
    Annualized Rate of Occurrence
  11. ARP
    Address Resolution Protocol
  12. AS
    Authentication Service
  13. BCP
    Business Continuity Plan
  14. BGP
    Border Gateway Protocol
  15. BIA
    Business Impact Analysis
  16. BIOS
    Basic Input/Output System
  17. Blowfish
    produced by Counterpan Systems, 64-bit block cipher, very fast, Bruce Schneier author, also created Twofish with 128-bit blocks
  18. CAN
    Campus Area Network
  19. CA
    • Certificate Authority
    • oraganization responsible for issuing, revoking and distributing certificates
  20. CAST
    • Carlisle Adams Stafford Tavares
    • symmetric block cipher, 40-bit 10 128-bit key, very fast and efficient
  21. CC
    Common Criteria
  22. CCRA
    Common Criteria Recognition Agreement
  23. CGI
    Common Gateway Interface
  24. CHAP
    Challenge Handshake Authentication Protocol
  25. CIA Triangle
    Confidentiality, Integrity, Availability
  26. CP
    Certificate Policy
  27. CPS
    • Certificate Practice Statement
    • detailed statement the CA uses to issue certificates and implement its policies of the CA, how certificates are issues, what measures are taken to protect certificates and the rules the CA users must follow in order to maintain their certificate eligibility
  28. CRC
    Cyclical Redundancy Check
  29. CRL
    Certificate Revocation List
  30. CSIRT
    Computer Security Incident Response Team
  31. CTL
    Certificate Trust List
  32. DAC
    Discretionary Access Control
  33. DDoS
    Distributed Denial of Service Attack
  34. DES
    • Data Encryption Standard
    • used since 1970s, replaced by AES, 56-bit key, broken in two days,
  35. DHCP
    Dynamic Host Configuration Protocol
  36. Diffie-Hellman
    Dr W. Diffie and Dr M.E. Hellman created key exchange, considered founders of public/private key concept, used for transmission of keys in as secure manner
  37. DIT
    Directory Information Tree
  38. DMZ
    Demilitarized Zone
  39. DNS
    Domain Name Service
  40. DoS
    Denial of Service Attack
  41. DRP
    Disaster Recovery Plan
  42. DS
  43. DSA
    • Digital Signature Algorithm
    • Based on El Gamal
  44. DSL
    Digital Subscriber Line
  45. DSSS
    Direct-Sequence Spread Spectrum
  46. DSV
    Dynamic Signature Verification
  47. EAL
    Evaluation Assurance Levels
  48. EAP
    Extensible Authentication Protocol
  49. EAP-TLS
    Extensible Authentication Protocol-Transport Level Security
  50. EAS
    Advanced Encryption standard
  51. ECC
    • Elliptic Curve Cryptography
    • similar function to RSA, used in small devices, points on a curve to define public and private key pair
  52. EF
    Exposure Factor
  53. EFS
    Encrypted File System
  54. El Gamal
    Algorithm used for transmitting digital signatures and key exchanges, similar process to Diffie-Hellman key exchange, first published in 1985, DSA is based on this
  55. EMI
    Electromagnetic Interference
  56. ESP
    Encapsulating Security Payload
  57. FHSS
    Frequency-Hopping Spread Spectrum
  58. FIPS
    Federal Information Processing Standard
  59. FQDN
    Fully Qualified Domain Name
  60. FTP
    File Transfer Protocol
  61. H-IDS
    Host-based Intrusion Detection System
  62. HIPAA
    Health Insurance Portability and Accountability Act
  63. HIPS
    Host-based Intrusion Prevention System
  64. HTML
    Hypertext Markup Language
  65. HTTP
    Hyertext Transfer Protocol
  66. HTTPS
    Hyertext Transfer Protocol (Secure)
  67. HVAC
    Heating, Ventilation and Air Conditioning
  68. I&A
    Identification and Authentication
  69. IAB
    Internet Architecture Board
  70. IANA
    Internet Assigned Numbers Authority
  71. ICMP
    Internet Control Message Protocol
  72. IDEA
    • International Data Encryption Algorithm
    • developed by Swiss consortium (ASCOM AG), uses 128-bit key, more secure than DES with same speed and capability, uses PGP
  73. IDS
    Intrusion Detection System
  74. IEEE
    Institute of Electrical and Electronics Engineers
  75. IETF
    Internet Engineering Task Force
  76. IGMP
    Internet Group Management Protocol
  77. IKE
    Internet Key Exchange
  78. IM
    Instant Messaging
  79. IMAP
    Internet Message Access Protocol
  80. IP
    Internet Protocol
  81. IPSec
    Internet Protocol Security
  82. IPX
    Internetwork Packet Exchange
  83. IPX/SPX
    Internetwork Packet Exchange/Sequenced Packet Exchange
  84. IRP
    Incident Response Plan
  85. IRT
    Incident Response Team
  86. IRTF
    Internet Research Task Force
  87. ISAKMP
    Internet Security Association Key Management Protocol
  88. ISDN
    Integrated Services Digital Network
  89. ISO
    International Organization for Standardization
  90. ISOC
    Internet Society
  91. ISP
    Internet Service Provider
  92. ITU
    International Telecommunications Union
  93. KDC
    Key Distribution Center
  94. KEC
    Key Exchange Algorithm
  95. KMAC
    Keyed-Hash Message Authentication Code
  96. L2F
    Layer 2 Forwarding
  97. L2TP
    Layer 2 Tunneling Protocol
  98. LAN
    Local Area Network
  99. LANMAN
    • LAN Manager
    • replaced by NTLM with release of Windows NT, authentication protocol, used LM Hash and two DES keys
  100. LCP
    Link Control Protocol
  101. LDAP
    Lightweight Directory Access Protocol
  102. LDIF
    LDAP Data Interchange Format
  103. LRA
    • Local Registration Authority
    • used to identify or establish the identity of a user for certificate issuance, involves the physical identification of the person requesting the certificate
  104. MAC (permissions)
    Mandatory Access Control or Media Access Control
  105. MAC (encryption)
    Message Authentication Code
  106. MAN
    Metropolitan Area Network
  107. MAU
    Multistation Access Unit
  108. MBR
    Master Boot Record
  109. MDA
    • Message Digest Algorithm
    • one-way hash, helps maintain integrity, common versions newest MD5 (faster than SHA), MD4, MD2
  110. MD-IDS
    Misuse-Detection Intrusion Detection System
  111. MRA
    Mutual Recognition Agreement
  112. MSCHAP
    Microsoft Challegene Handshake Authentication Protocol
  113. MTBF
    Mean Time Between Failures
  114. MTTR
    Mean Time to Repair
  115. NAC
    Network Access Control
  116. NAT
    Network Address Translation
  117. NBS
    National Bureau of Standards
  118. NCP
    Network Control Protocol OR Netware Core Protocol
  119. NCSC
    National Computing Security Center
  120. NDPS
    Novell Distributed Print Services
  121. NDS
    Novell Directory Services OR NetWare Directory Services
  122. NetBEUI
    NetBIOS Extended User Interface
  123. NetBIOS
    Network Basic Input Output System
  124. NFS
    Network File System
  125. NIC
    Network Interface Card
  126. N-IDS
    Network-based Intrusion Detection System
  127. N-IPS
    Network-based Intrusion Prevention System
  128. NIST
    National Institute of Standards and Technology
  129. NLM
    NetWare Loadable Module
  130. NLSP
    NetWare Link State Protocol
  131. NNTP
    Network News Transfer Protocol
  132. NOC
    Network Operations Center
  133. NOS
    Network Operating System
  134. NSA
    National Security Agency
  135. NTDS
    NT Directory Service
  136. NTLM
    New Technology LAN Manager, replaced LANMAN with release of Windows NT, uses MD4/MD5 hashing algorithms. primary purpose is authentication.
  137. OCSP
    • Online Certificate Status Protocol
    • Used for certification revocation
  138. OFDM
    Orthogonal Frequency-Division Multiplexing
  139. OSI
    Open Systems Interconnection
  140. OSPF
    Open Shortest Path First
  141. OVAL
    • Open Vunerability and Assessment Language
    • A standard written in XML that provide and publicly available security content
  142. PAN
    Personal Area Network
  143. PAP
    Password Authentication Protocol
  144. PAT
    Port Address Translation
  145. PBX
    Private Branch Exchange
  146. PCI
    Payment Card Industry OR Peripheral Component Interconnect
  147. PII
    Personally Identifiable Information
  148. PGP
    • Pretty Good Privacy
    • Public Domain encryption used for email
  149. PKC
    • Public Key Cryptography
    • Two-key systems
  150. PKI
    • Public Key Infrastructure
    • framework, Two-key, asymmetric, Four parts: CA, RA, RSA and digital certificates
  151. PKIX
    Public Key Infastructure X.509
  152. POP
    Post Office Protocol
  153. POP3
    Post Office Protocol Version 3
  154. POTS
    Plain Old Telephone Service
  155. PPP
    Point-to-Point Protocol
  156. PPTP
    Point-to-Point Tunneling Protocol
  157. PSTN
    Public Switched Telephone Network
  158. RA
    • Registration Authority
    • Middleman between CA and user, distributes keys, accepts registrations for the CA and validates identities, does not issue certificates
  159. RAD
    Rapid Application Development
  160. RADIUS
    Remote Authentication Dial-In User Service
  161. RAID
    Redundant Array of Independent (OR Inexpensive) Disks
  162. RAS
    Remote Access Server
  163. RBAC
    Role-Based Access Control & Rule-Based Access control
  164. RC
    • Rivest Cipher or Ron's Code
    • produced by RSA labs, Ron Rivest author, RC5 uses up to 2,048-bit key
  165. RF
    Radio Frequency
  166. RFC
    Request for Comments
  167. RFI
    Radio Frequency Interference
  168. RIP
    Routing Information Protocol
  169. RSA
    • Rivest, Shamir and Adleman, founders of the company
    • asymmetric encryption, public key, uses very lasrge integers, de facto standard, used for encryption and digitals signatures, used in SSL
  170. RSBAC
    Rule Set-Based Access Control
  171. SAM
    Security Account Manager
  172. SET
    Secure Electronic Transcation
  173. SHA
    • Secure Hash Algorithm
    • one-way hash, ensure integrity, 160-bit has value, new standard SHA-1
  174. S-HTTP
    Secure Hypertext Transfer Protocol
  175. SLA
    Service Level Agreement
  176. SLE
    Single Loss Expectancy
  177. SLIP
    Serial Line Internet Protocol
  178. S/MIME
    Secure Multi Purpose Internet Mail Extension
  179. SMTP
    Simple Mail Transfer Protocol
  180. SNMP
    Simple Network Management Protocol
  181. SPX
    Sequenced Packet Exhange
  182. SSH
    Secure Shell
  183. SSL
    Secure Sockets Layer
  184. SSO
    Single Sign-On
  185. STP
    Shielded Twisted Pair
  186. SWP
    Secure WLAN Protocol
  187. TACACS
    Terminal Access Controller Access control System
  188. TCP
    Tranmission Control Protocol
  189. TCP/IP
    Transmission Control Protocol/Internet Protocol
  190. TCSEC
    Trusted Computer System Evaluation Criteria
  191. TFTP
    Trivial File Transfer Protocol
  192. TGT
    Ticket-Granting Ticket
  193. TKIP
    Temporal Key Interchange/Integrity Protocol
  194. TLS
    Transport Layer Security
  195. TNIEG
    Trusted Network Interpretation Environmental Guideline
  196. TPM
    Trusted Platform Module
  197. TTL
    Time to Live
  198. TTP
    Trusted Third Party
  199. UDP
    User Datagram Protocol
  200. UPS
    Uninterruptible Power Supply
  201. URL
    Uniform Resource Locator
  202. UTP
    Unshielded twisted pair
  203. VLAN
    Virtual LAN
  204. VPN
    Virtual Private Network
  205. W3C
    World Wide Web Consortium
  206. WAN
    Wide Area Network
  207. WAP
    Wireless Application Protocol
  208. WEP
    Wired Equivalency Protocol
  209. Wi-Fi
    Wireless Fidelity
  210. WINS
    Windows Internet Naming Service
  211. WPA
    Wi-Fi Protected Access
  212. WPAN
    Wireless Personal Area Network
  213. WTLS
    Wireless Transport Layer Security
  214. x.509
    standard certificate format supported by ITU and many other standards organizations
Card Set
Security+ Acronyms.txt