A
| Adware | Advertising-supported software |
| AES | Advanced Encryption Standard |
| AH | Authentication Headers |
| AIaaS | Artificial Intelligence as a Service |
| ALE | Annual loss expectancy |
| ANSI | American National Standards Institute |
| AP | Access point |
| API | Application programming interface |
| APT | Advanced persistent threat |
| ARO | Annual rate of occurrence |
| ARPAnet | Army Research Projects Agency network |
| ASCII | American Standard Code for Information Interchange |
| ASP | Active Server Pages |
| AUP | Acceptable use policy |
B
| B2B | Business to business |
| B2C | Business to consumer |
| BaaS | Backup as a Service |
| BBS | Bulletin-board service |
| BCP | Business continuity plan |
| BI | Business intelligence |
| BIA | Business impact analysis |
| BIOS | Binary Input/Output System |
| Bps | Bits per second |
| BYOD | Bring Your Own Device |
C
| C2B | Consumer to business |
| C2C | Consumer to consumer |
| CaaS | Cloud-as-a-Service |
| CAN-SPAM | Controlling the Assault of Non-Solicited Pornography and Marketing Act |
| CAPTCHA | Completely Automated Public Turing test to tell Computers and Humans Apart |
| CCDA | Cisco Certified Design Associate |
| CCE | Certified Computer Examiner |
| CCEE | Citrix Certified Enterprise Engineer |
| CCIA | Citrix Certified Integration Architect |
| CCPA | California Consumer Privacy Act |
| CDN | Content delivery network |
| CERN | Conseil Européen pour la Recherche Nucléaire |
| CERT | Computer Emergency Response Team |
| CGI | Common Gateway Interface |
| CI/CD | Continuous integration/continuous deployment |
| CIA | Confidentiality, integrity, availability |
| CIPA | Children’s Internet Protection Act |
| COPPA | Children’s Online Privacy Protection Act |
| CR/LF | Carriage Return/Line Feed |
| CRM | Customer-relationship management |
| CRT | Cathode Ray Tube |
| CSP | Cloud service provider |
| CSPM | Cloud Security Posture Management |
| CSRF | Cross-site request forgery |
| CSS | Cascading Style Sheet |
| CSSLP | Certified Secure Software Lifecycle Professional |
| CVE | Common Vulnerabilities and Exposures |
| CVSS | Common Vulnerability Scoring System |
| CWPP | Cloud Workload Protection Platform |
D
| DaaS | Desktop as a Service |
| DARPA | Defense Advanced Research Projects Agency |
| DAST | Dynamic application security testing |
| DBIR | Data Breach Investigations Report |
| DBMS | Database management system |
| DDoS | Distributed denial of service |
| DECT | Digital Enhanced Cordless Telecommunications |
| DES | Data encryption standard |
| DevOps | Development and operations |
| DHS | Department of Homeland Security |
| DIA | Defense Intelligence Agency |
| DiD | Defense in Depth |
| DLL | Dynamic link library |
| DMZ | Demilitarized zone |
| DNS | Domain Name Service |
| DoS | Denial of service |
| DRP | Disaster recovery plan |
| DSDM | Dynamic Systems Development Method |
| DSL | Digital subscriber line |
E
| EaaS | Everything-as-a-Service |
| EF | Exposure factor |
| EMP | Electro-magnetic pulse |
| ERP | Enterprise resource planning |
| ESP | Encapsulating Security Payloads |
| EU | European Union |
| EULA | End-User License Agreement |
F
| FCC | Federal Communications Commission |
| FDD | Feature-driven development |
| FERPA | Family Educational Rights and Privacy Act |
| FISMA | Federal Information Security Management Act |
| FR1 | Frequency Range 1 |
| FR2 | Frequency Range 2 |
| FTC | Federal Trade Commission |
| FTP | File Transfer Protocol |
G
| GDPR | General Data Protection Regulation |
| GLBA | Gramm-Leach-Bliley Act |
| GPS | Global positioning system |
| GUI | Graphical user interface |
H
| HIPAA | Health Insurance Portability and Accountability Act |
| HSPA | High Speed Packet Access |
| HTML | Hypertext Markup Language |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
I
| IaaS | Infrastructure as a Service |
| ICANN | Internet Corporation for Assigned Names and Numbers |
| ICMP | Internet Control Message Protocol |
| IDPS | Intrusion detection and prevention system |
| IDS | Intrusion detection system |
| IEEE | Institute of Electrical and Electronics Engineers |
| IETF | Internet Engineering Task Force |
| IKE | Internet Key Exchange |
| IM | Instant messaging |
| IMAP | Internet Message Access Protocol |
| InfoSec | Information security |
| IoT | Internet of Things |
| IP | Internet Protocol |
| IPO | Input-Processing-Output model |
| IPS | Intrusion prevention system |
| IPSec | Internet Protocol Security |
| IPv4 | Internet Protocol version 4 |
| IPv6 | Internet Protocol version 6 |
| ISO | International Organization for Standardization |
| ISOC | Internet Society |
| ISP | Internet service provider |
| ITIL | Information Technology Infrastructure Library |
L
| L2TP | Layer 2 Tunneling Protocol |
| LAMP | Linux, Apache, MySQL, PHP/Perl/Python |
| LAN | Local area network |
| LDAP | Lightweight Directory Access Protocol |
| LFI | Local File Inclusion |
| LoS | Line of Sight |
| LSD | Lean software development |
| LTE | Long-Term Evolution |
M
| MAC | Media Access Control |
| MAMP | macOS, Apache, MySQL/MariaDB, and PHP/Perl/Python |
| MAN | Metropolitan area network |
| MBR | Master Boot Record |
| MD5 | Message Digest 5 |
| MEAN | MongoDB, ExpressJS, AngularJS, NodeJS |
| MFA | Multi-factor authentication |
| MGCP | Media Gateway Control Protocol |
| MIME | Multipurpose Internet Mail Extensions |
| MitM | Man-in-the-middle attack |
| MMS | Multimedia Messaging Service |
| mmWave | Millimeter wave |
| MPLS | Multiprotocol Label Switching |
| MPOP | Multiple points of presence |
| MTTF | Mean time to failure |
| MTTR | Mean time to recovery |
| MVP | Minimum viable product |
N
| NaaS | Network as a Service |
| NGMN | Next Generation Mobile Networks |
| NIC | Network interface card |
| NIST | National Institute of Standards and Technology |
| NTP | Network Time Protocol |
| NVD | National vulnerability database |
O
| OMA | Open Mobile Alliance |
| ORM | Object-relational mapping |
| OS | Operating system |
| OSI | Open Systems Interconnection |
| OUI | Organizationally Unique Identifier |
| OWASP | Open Web Application Security Project |
P
| P2P | Peer-to-peer |
| PaaS | Platform as a Service |
| PBKDF | Password-based key derivation function |
| PBX | Private branch exchange |
| PCI DSS | Payment Card Industry Data Security Standard |
| PCI SSC | PCI Security Standards Council |
| PDA | Personal digital assistant |
| PHI | Personal health information |
| PHP | PHP Hypertext Preprocessor |
| PII | Personally identifiable information |
| PIN | Personal identification number |
| PING | Packet Internet Groper |
| POP3 | Post Office Protocol |
| POTS | Plain old telephone system |
| PPTP | Point-to-Point Tunneling Protocol |
| PSTN | Public switched telephone network |
| PUP | Potential Unwanted Program |
| PWA | Progressive web applications |
Q
| QAM | Qualitative assessment matrix |
R
| RAD | Rapid application development |
| RAM | Random-access memory |
| RAM | Risk assessment matrix |
| RAT | Radio access technology |
| RCE | Remote code execution |
| RDBMS | Relational Database Management System |
| RF | Radio frequency |
| RFC | Request for Comments |
| RFI | Remote file inclusion |
| RFID | Radio frequency identification |
| RPO | Recovery point objective |
| RSA | Rivest, Shamir, and Adleman |
| RTCP | Real-time Transport Control Protocol |
| RTO | Recovery time objective |
| RTP | Real-time Transport Protocol |
S
| SA | Security association |
| SaaS | Software as a Service |
| SAST | Static application scanning tool |
| SCM | Software configuration management |
| SDL | Secure development lifecycle |
| SDLC | Systems development life cycle |
| SDN | Software defined networking |
| SD-WAN | Software defined WAN |
| SEO | Search engine optimization |
| SHA | Secure hash algorithm |
| SID | Session ID |
| SIP | Session Initiation Protocol |
| SLA | Service level agreement |
| SLE | Single loss expectancy |
| SMB | Small-to-medium businesses |
| SME | Subject matter expert |
| SMS | Short message service |
| SMTP | Simple Mail Transport Protocol |
| SNMP | Simple Network Management Protocol |
| SOAP | Simple Object Access Protocol |
| SOHO | Small office/home office |
| SOX | Sarbanes-Oxley Act of 2002 |
| SPA | Single-page application |
| SPI | Security Parameters Index |
| SPOF | Single point of failure |
| SQL | Structured Query Language |
| SQLi | SQL Injection |
| SSG | Static-site generation |
| SSH | Secure shell |
| SSI | Server-side include |
| SSID | Service set identifier |
| SSL | Secure Sockets Layer |
| SSR | Server-side rendering |
| SSRF | Server Side Request Forgery |
T
| TCP | Transmission Control Protocol |
| TCP/IP | Transmission Control Protocol/ Internet Protocol |
| TCPA | Telephone Consumer Protection Act |
| Telnet | Terminal network |
| TLD | Top-level domain |
| TLS | Transport Layer Security |
| TOCTOU | Time of check, time of use |
| TOR | The Onion Router |
U
| UaaS | Unified communications as a service |
| UAC | SIP user agent client |
| UDI | Universal Document Identifier |
| UDP | User Datagram Protocol |
| UE | User equipment |
| UEFI | Unified Extensible Firmware Interface |
| UI | User interface |
| ULE | Ultra-low emission |
| UMB | Ultra Mobile Broadband |
| UMTS | Universal Mobile Telecommunications System |
| UPS | Uninterruptible power supply |
| URI | Uniform Resource Identifier |
| URL | Universal (or Uniform) Resource Locator |
| USB | Universal serial bus |
| UX | User experience |
V
| VaaS | Video-conferencing as a Service |
| VLAN | Virtual local area network |
| VM | Virtual machine |
| VMM | Virtual machine manager |
| VoIP | Voice over Internet Protocol |
| VPN | Virtual private network |
W
| WAF | Web Application Firewall |
| WAMP | Windows, Apache, MySQL, and PHP |
| WAN | Wide area network |
| WAP | Wireless access point |
| WASC | Web Application Security Consortium |
| WEP | Wired Equivalent Privacy |
| Wi-Fi | Wireless Fidelity |
| WiMAX | Worldwide Interoperability for Microwave Access |
| WLAN | Wireless local area network |
| WPA | Wi-Fi Protected Access |
| WPA2 | Wi-Fi Protected Access, version 2 |
| WPA3 | Wi-Fi Protected Access, version 3 |
| WWW | World Wide Web |
X
| XHTML-MP | Extensible HyperText Markup Language – Mobile Profile |
| XML | Extensible Markup Language |
| XP | Extreme programming |
| XPath | XML Path |
| XSS | Cross-site scripting |
| XST | Cross-site tracing |
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.
