all right these are the acronyms for the CompTIA Security Plus AAA authentication authorization and accounting ACL Access Control list AES Advanced encryption standard AES 256 Advanced encryption standards 256bit ah authentication header AI artificial intelligence AIS automated indicator sharing Al e annualized loss expectancy AP access point API application programming interface AP Advanced for persistent threat a o annualized rate of occurrence ARP address resolution protocol as LR address space layout randomization attack adversarial tactics techniques and common knowledge AUP acceptable use policy AV anti virus bash Born Again shell BCP business continuity planning bgp border Gateway protocol Bia business impact analysis bios basic input output system BPA business partners agreement bpdu Bridge protocol data use Unit B yod bring your own device CA certificate Authority capture completely automated public touring test to tell computers and humans apart car corrective Action Report casb Cloud access security broker CBC Cipher block chaining ccmp counter mode CBC Mac protocol CCTV closed circuit television CT computer Emergency Response Team CFB Cipher feedback chap challenge handshake Authentication Protocol CIA confidentiality Integrity availability cioo Chief INF information officer sech C computer in incident Response Team CMS content management system cop continuity of operation planning cope corporate owned personally enabled CP contingency planning CRC cyclical redundancy check CR L certificate revocation list CSO Chief security officer CSP cloud service provider CSR certificate signing request csrf cross site request forgery CSU Channel Service Unit ctm counter mode CTO Chief technology officer cve common vulnerability enumeration CVSs common vulnerability scoring system c y o d choose your own device da a discretionary Access Control DBA database administrator DD D distributed denial of service D data execution prevention D digital encryption standard DHCP Dynamic host configuration protocol DHE Diffy Helman ephemeral dkim domain Keys identified mail dll Dynamic link Library DLP data loss prevention DeMark domain message authentication reporting and conformance dnat destination Network address translation DNS domain name system do denial of service DPO data privacy officer DRP Disaster Recovery plan DSA digital signature algorithm DSL digital subscriber line EAP extensible Authentication Protocol ECB electronic codebook ECC elliptic curve cryptography e c d h e elliptic curve Diffy Helman ephemeral e c DSA elliptic curve digital signature algorithm EDR endpoint detection and response EFS encrypted file system e RP enterprise resource planning e SN electronic serial number es encapsulated security payload fle file system Access Control List fde full disk encryption fim file Integrity management fpga field programmable gate array F RR false rejection rate FTP file transfer protocol ftps secured file transfer protocol GCM galloy counter mode gdpr General data protection regulation gpg ganu privacy guard GPO Group Policy object GPS global positioning system GPU Graphics Processing Unit G generic routing encapsulation ha a High availability HDD hard disk drive HIDs host based intrusion detection system hips host based intrusion prevention system hmac hashed message authentication code h o TP hmac based one time password HSM Hardware security module HTML hyper text markup language HTTP hyper text transfer protocol https hyper text transfer protocol secure HVAC heating ventilation air conditioning I AAS infrastructure as a service I a infrastructure as code I am identity and access management I CMP internet control message protocol ICS industrial Control Systems idea I international data encryption algorithm I DF intermediate distribution frame IDP identity provider I DS intrusion detection system i e Institute of electrical and electronics Engineers ik ke internet key EXP exchange I instant messaging IMAP internet message access protocol iooc indicators of compromise iot Internet of Things IP Internet Protocol IPS intrusion prevention system IPC Internet Protocol security IR incident response IRC Internet relay chat IRP incident response plan ISO International standards organization ISP internet service provider is SSO Information Systems security officer i v initialization Vector KDC key distribution center k e k key encryption key L2 TP layer 2 tunneling protocol LAN local area network ldap lightweight directory access protocol leap lightweight extensible Authentication Protocol m a a monitoring as a service Mac mandatory access control Mac media access control Mac message authentication code man metropolitan area network MBR Master boot record md5 message digest 5 MDF main distribution frame MDM mobile device management MFA multiactor authentication MFD multifunction device mfp multi-function printer ml machine learning MMS multimedia message service M OA memorandum of agreement m oou meor mandum of understanding M PS multiprotocol label switching MSA Master service agreement Ms chap Microsoft challenge handshake Authentication Protocol MSP managed server service provider MSS P managed security service provider mtbf mean time between failures mttf mean time to failure mttr mean time to recover Mt U maximum transmission unit n network access control n a t Network address translation NDA nondisclosure agreement NFC near field communication n gfw Next Generation firewall n DS network based intrusion detection system nips network based intrusion prevention system nist National Institute of Standards and Technology NTFS new technology file system ntlm new technology land manager ntp Network time protocol oo open authorization ocsp online certificate status protocol o d object identifier o Operating System ENT opsource intelligence o PF open shortest path first OT T operational technology OT a over the air Oval open vulnerability assessment language p12 pkcs number 12 P2P Pier 2 Pier P AAS platform as a service Pac proxy Auto configuration P privileged access management Pam plugable authentication modules papap password Authentication Protocol p a port address translation pbkdf2 password based key derivation function 2 PBX private Branch exchange pcap packet capture PCI DSS payment card industry data security standard pdu power distribution unit P EAP protected extensible Authentication Protocol peed personal electronic device pem privacy enhanced mail PFS perfect forward secrecy pgp pretty good privacy p personal health information Pi I personally identifiable information PV personal identity verification pkcs public key cryptography standards pki public key infrastructure p o p or pop post office protocol pots plain old telephone service PPP point2 Point protocol pptp point2 Point tunneling protocol psk pre-shared key PT Z Pan tilt Zoom p u p potentially unwanted program ra a recovery agent r a registration Authority race research and development in Advanced Communications Technologies in Europe rad rapid application development radius remote authentication dial in user service raid redundant array of inexpensive discs Ras remote access server rat remote access Trojan rbac R based Access Control rbac rule based Access Control rc4 rivest Cipher version 4 RDP remote desktop protocol RFID radio frequency identifier ripemd race Integrity Primitives evaluation message digest Roi return on investment RPO recovery Point objective RSA rivest Shamir and Adelman rtbh remotely triggered black hole r t recovery time objective rtos realtime operating system RTP realtime transport protocol s min secure multi-purpose internet mail extensions s AAS software as a service SAE simultaneous authentication of equals saml security assertions markup language SAN storage area network San subject alternative name s secure access service edge Scot supervisory control and data acquisition SC escap security content automation protocol scce simple certificate enrollment protocol sdwan software defined wide area network SDK software development kit sdlc software development life cycle S dlm software development life cycle methodology sdn softwar defined networking SE Linux security enhanced Linux s e self encrypting drives SE structured exception Handler SFTP secured file transfer protocol sh secure hashing algorithm sh HTTP secure hypertext transfer protocol CM Security information and event management Sim subscriber identity module SLA service level agreement SLE single loss expectancy SMS short message service SMTP simple mail transfer protocol smtps simple mail transfer protocol secure SNMP simple Network management protocol soap simple object access protocol soore security orchestration automation response sooc system on a chip sock security operations center s so statement of work SPF sender policy framework spim spam over internet messaging SQL structured query language sqli SQL injection srtp secure real time protocol SSD solid state drive SSH secure shell SSL secure sockets layer SSO single sign on sticks structured threat information exchange SG secure web Gateway Tac Act plus terminal Access Controller access control system taxi trusted automated exchange of indicator information tcpip transmission control protocol Internet Protocol TGT ticket granting ticket tki temporal key integ integrity protocol TLS transport layer security to time of check t o TP time based onetime password touu time of use TPM trusted platform module TTP tactics techniques and procedures TSI transaction signature uat user acceptance testing UAV unmanned aerial vehicle UDP user datagram protocol UEFI United extensible firmware interface UE unified endpoint management UPS uninterruptable power supply URI uniform resource identifier URL Universal resource locator USB Universal serial bus USB ootg USB on Theo UTM unified threat management UTP unshielded twisted pair VBA Visual Basic vde virtual desktop environment vdi virtual desktop infrastructure VLAN virtual local area network vlsm variable length subnet masking VM virtual machine V voice over IP VPC virtual private Cloud VPN virtual private Network VTC video teleconferencing Waf web application firewall WAP wireless access point Point web wired equivalent privacy WIS Wireless intrusion detection system WIS Wireless intrusion prevention system wo work order WPA Wi-Fi protected access oops WPS Wi-Fi protect setup wtls Wireless TLS xdr extended detection and response XML extensible markup language XO R exclusive or xsrf cross site request forgery xss cross site scripting