Security+ (SY0-601) Acronym List - ECPI University

1 Acronym DEFINITION3 DES Triple Data Encryption StandardAAA Authentication, Authorization, and AccountingABAC Attribute-based Access ControlACL Access Control ListAD Active DirectoryAES Advanced Encryption StandardAES256 Advanced Encryption Standards 256bitAH Authentication HeaderAI Artificial IntelligenceAIS Automated Indicator SharingALE Annualized Loss ExpectancyAP Access PointAPI Application Programming InterfaceAPT Advanced Persistent ThreatARO Annualized Rate of OccurrenceARP Address Resolution ProtocolASLR Address Space Layout RandomizationASP Active Server PagesATT&CK Adversarial Tactics, Techniques, and Common KnowledgeAUP Acceptable Use PolicyAV AntivirusBASH Bourne Again ShellBCP Business Continuity PlanningBGP Border Gateway ProtocolBIA Business Impact AnalysisBIOS Basic Input/Output SystemBPA Business Partnership Agreement BPDU Bridge Protocol Data UnitBSSID Basic Service Set IdentifierBYOD Bring Your Own DeviceCA Certificate AuthorityCAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans ApartACRONYM DEFINITION CAR Corrective Action ReportCASB Cloud Access Security BrokerCBC Cipher Block ChainingCBT Computer-based TrainingCCMP Counter-Mode/CBC-MAC ProtocolCCTV Closed-Circuit TelevisionCERT Computer Emergency Response TeamCFB Cipher Feedback CHAP Challenge-Handshake

2 Authentication ProtocolCIO Chief Information OfficerCIRT Computer Incident Response TeamCIS Center for Internet SecurityCMS Content Management SystemCN Common NameCOOP Continuity of Operations PlanningCOPE Corporate-owned Personally EnabledCP Contingency PlanningCRC Cyclic Redundancy CheckCRL Certificate Revocation ListCSA Cloud Security AllianceCSIRT Computer Security Incident Response TeamCSO Chief Security OfficerCSP Cloud Service Provider CSR Certificate Signing Request CSRF Cross-Site Request Forgery CSU Channel Service UnitCTM Counter-ModeCTO Chief Technology OfficerCVE Common Vulnerabilities and ExposuresCVSS Common Vulnerability Scoring SystemCYOD Choose Your Own DeviceDAC Discretionary Access ControlDBA Database Administrator DDoS Distributed Denial-of-ServiceDEP Data Execution PreventionThe following is a list of acronyms that appear on the CompTIA Security+ exam.

3 Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as part of a comprehensive exam preparation + (SY0-601) Acronym List CompTIA Security+ Certification Exam Objectives Version (Exam Number: SY0-601) Acronym DEFINITION DER Distinguished Encoding RulesDES Data Encryption StandardDHCP Dynamic Host Configuration ProtocolDHE Diffie-Hellman EphemeralDKIM Domain Keys Identified MailDLL Dynamic-link LibraryDLP Data Loss PreventionDMARC Domain Message Authentication Reporting and ConformanceDNAT Destination Network Address Transaction DNS Domain Name SystemDNSSEC Domain Name System Security ExtensionsDoS Denial-of-ServiceDPO Data Protection OfficerDRP Disaster Recovery PlanDSA Digital Signature Algorithm DSL Digital Subscriber LineEAP Extensible Authentication ProtocolECB Electronic Code BookECC Elliptic-curve CryptographyECDHE Elliptic-curve Diffie-Hellman EphemeralECDSA Elliptic-curve Digital Signature

4 Algorithm EDR Endpoint Detection and ResponseEFS Encrypted File SystemEIP Extended Instruction PointerEOL End of LifeEOS End of ServiceERP Enterprise Resource PlanningESN Electronic Serial NumberESP Encapsulating Security PayloadESSID Extended Service Set IdentifierFACL File System Access Control ListFDE Full Disk EncryptionFIM File Integrity MonitoringFPGA Field Programmable Gate ArrayFRR False Rejection RateFTP File Transfer ProtocolFTPS Secured File Transfer ProtocolGCM Galois/Counter Mode GDPR General Data Protection RegulationGPG GNU Privacy GuardGPO Group Policy ObjectGPS Global Positioning SystemGPU Graphics Processing UnitGRE Generic Routing EncapsulationHA High AvailabilityHDD Hard Disk DriveHIDS Host-based Intrusion Detection SystemHIPS Host-based Intrusion Prevention SystemHMAC Hash-based Message Authentication CodeHOTP HMAC-based One-time PasswordACRONYM DEFINITION HSM Hardware Security Module HSMaaS Hardware Security Module as a ServiceHTML Hypertext Markup LanguageHTTP Hypertext Transfer ProtocolHTTPS Hypertext Transfer Protocol Secure HVAC Heating, Ventilation.

5 Air ConditioningIaaS Infrastructure as a ServiceIAM Identity and Access ManagementICMP Internet Control Message ProtocolICS Industrial Control Systems IDEA International Data Encryption AlgorithmIDF Intermediate Distribution FrameIdP Identity Provider IDS Intrusion Detection SystemIEEE Institute of Electrical and Electronics EngineersIKE Internet Key ExchangeIM Instant MessagingIMAP4 Internet Message Access Protocol v4 IoC Indicators of CompromiseIoT Internet of ThingsIP Internet ProtocolIPS Intrusion Prevention SystemIPSec Internet Protocol SecurityIR Incident ResponseIRC Internet Relay ChatIRP Incident Response PlanISA interconnection Security AgreementISFW Internal Segmentation FirewallISO International Organization for StandardizationISP Internet Service ProviderISSO Information Systems Security OfficerITCP IT Contingency PlanIV Initialization VectorKDC Key Distribution CenterKEK Key Encryption KeyL2TP Layer 2 Tunneling ProtocolLAN Local Area NetworkLDAP Lightweight Directory Access ProtocolLEAP Lightweight Extensible Authentication ProtocolMaaS Monitoring as a ServiceMAC Media Access ControlMAM Mobile Application ManagementMAN Metropolitan Area NetworkMBR Master Boot RecordMD5 Message Digest 5 MDF Main Distribution FrameMDM Mobile Device ManagementMFA Multifactor AuthenticationMFD Multifunction DeviceMFP Multifunction PrinterML Machine Learning CompTIA Security+ Certification Exam Objectives Version (Exam Number.)

6 SY0-601) Acronym DEFINITION MMS Multimedia Message ServiceMOA Memorandum of AgreementMOU Memorandum of Understanding MPLS Multiprotocol Label SwitchingMSA Measurement Systems AnalysisMS-CHAP Microsoft Challenge-Handshake Authentication ProtocolMSP Managed Service ProviderMSSP Managed Security Service ProviderMTBF Mean Time Between FailuresMTTF Mean Time to FailureMTTR Mean Time to RepairMTU Maximum Transmission UnitNAC Network Access ControlNAS Network-attached StorageNAT Network Address TranslationNDA Non-disclosure AgreementNFC Near-field CommunicationNFV Network Function VirtualizationNGFW Next-generation FirewallNG-SWG Next-generation Secure Web GatewayNIC Network Interface CardNIDS Network-based Intrusion Detection SystemNIPS

7 Network-based Intrusion Prevention SystemNIST National Institute of Standards & TechnologyNOC Network Operations CenterNTFS New Technology File SystemNTLM New Technology LAN ManagerNTP Network Time ProtocolOCSP Online Certificate Status ProtocolOID Object IdentifierOS Operating SystemOSI Open Systems InterconnectionOSINT Open-source IntelligenceOSPF Open Shortest Path FirstOT Operational TechnologyOTA Over-The-AirOTG On-The-GoOVAL Open Vulnerability and Assessment LanguageOWASP Open Web Application Security ProjectP12 PKCS #12P2P Peer-to-PeerPaaS Platform as a ServicePAC Proxy Auto Configuration PAM Privileged Access ManagementPAM Pluggable Authentication ModulesPAP Password Authentication ProtocolPAT Port Address TranslationPBKDF2 Password-based Key Derivation Function 2 PBX Private Branch Exchange PCAP Packet Capture Acronym DEFINITION PCI DSS Payment Card Industry Data Security StandardPDU Power Distribution UnitPE Portable ExecutablePEAP Protected Extensible Authentication ProtocolPED Portable Electronic DevicePEM Privacy Enhanced MailPFS Perfect Forward Secrecy PGP Pretty Good PrivacyPHI Personal Health InformationPII Personally Identifiable InformationPIN Personal Identification NumberPIV Personal Identity Verification PKCS Public Key Cryptography StandardsPKI Public Key InfrastructurePoC Proof of ConceptPOP Post Office ProtocolPOTS Plain Old Telephone ServicePPP

8 Point-to-Point ProtocolPPTP Point-to-Point Tunneling ProtocolPSK Preshared KeyPTZ Pan-Tilt-ZoomPUP Potentially Unwanted ProgramQA Quality AssuranceQoS Quality of ServicePUP Potentially Unwanted ProgramRA Registration AuthorityRAD Rapid Application DevelopmentRADIUS Remote Authentication Dial-in User ServiceRAID Redundant Array of Inexpensive DisksRAM Random Access MemoryRAS Remote Access ServerRAT Remote Access TrojanRC4 Rivest Cipher version 4 RCS Rich Communication ServicesRFC Request for CommentsRFID Radio Frequency IdentificationRIPEMD RACE Integrity Primitives Evaluation Message DigestROI Return on InvestmentRPO Recovery Point ObjectiveRSA Rivest, Shamir, & AdlemanRTBH Remotely Triggered Black HoleRTO Recovery Time ObjectiveRTOS Real-time Operating SystemRTP Real-time Transport ProtocolS/MIME Secure/Multipurpose Internet Mail ExtensionsSaaS Software as a ServiceSAE Simultaneous Authentication of EqualsSAML Security Assertions Markup LanguageSCADA Supervisory Control and Data Acquisition SCAP Security Content Automation ProtocolCompTIA Security+ Certification Exam Objectives Version (Exam Number.)

9 SY0-601) Acronym DEFINITION SCEP Simple Certificate Enrollment ProtocolSDK Software Development KitSDLC Software Development Life CycleSDLM Software Development Life-cycle MethodologySDN Software-defined NetworkingSDP Service Delivery PlatformSDV Software-defined VisibilitySED Self-Encrypting Drives SEH Structured Exception Handling SFTP SSH File Transfer Protocol SHA Secure Hashing AlgorithmSIEM Security Information and Event ManagementSIM Subscriber Identity ModuleSIP Session Initiation ProtocolSLA Service-level AgreementSLE Single Loss ExpectancySMB Server Message BlockS/MIME Secure/Multipurpose Internet Mail ExtensionsSMS Short Message ServiceSMTP Simple Mail Transfer ProtocolSMTPS Simple Mail Transfer Protocol SecureSNMP Simple

10 Network Management ProtocolSOAP Simple Object Access ProtocolSOAR Security Orchestration, Automation, ResponseSoC System on ChipSOC Security Operations CenterSPF Sender Policy FrameworkSPIM Spam over Instant MessagingSQL Structured Query LanguageSQLi SQL InjectionSRTP Secure Real-time Transport ProtocolSSD Solid State DriveSSH Secure ShellSSID Service Set IdentifierSSL Secure Sockets LayerSSO Single Sign-onSTIX Structured Threat Information eXpressionSTP Shielded Twisted PairSWG Secure Web GatewayTACACS+ Terminal Access Controller Access Control SystemTAXII Trusted Automated eXchange of Intelligence InformationTCP/IP Transmission Control Protocol/Internet ProtocolTGT Ticket Granting TicketTKIP Temporal Key Integrity ProtocolTLS Transport Layer Security TOTP Time-based One Time PasswordTPM Trusted Platform ModuleTSIG