Standard Acronyms

APPENDIX B

3DES triple data encryption standard

AAA authentication, authorization, and accounting

ACD automatic call distributor

ACK acknowledgment

ACL access control list

ADS alternate data streams

AES Advanced Encryption Standard

AH Authentication Header

ALE annualized loss expectancy

ANSI American National Standards Institute

AP access point

API application programming interface

APT advanced persistent threat

ARO annualized rate of occurrence

ARP Address Resolution Protocol

ASAv Adaptive Security Virtual Appliance

ATM asynchronous transfer mode

AUP acceptable use policy

AV asset value

B2B business to business

B2C business to consumer

BBB Better Business Bureau

BCP business continuity planning

BGP Border Gateway Protocol

BIOS basic input/output system

BYOD Bring Your Own Device

C2C consumer to consumer

CA certificate authority

CAP Certification and Accreditation Professional

CAUCE Coalition Against Unsolicited Commercial Email

CCC CERT Coordination Center

CCNA Cisco Certified Network Associate

CCPA California Consumer Privacy Act

CERT Computer Emergency Response Team

CFE Certified Fraud Examiner

CGI Common Gateway Interface

C-I-A confidentiality, integrity, and availability

CIDR classless inter-domain routing

CISA Certified Information Systems Auditor

CISM Certified Information Security Manager

CISSP Certified Information System Security Professional

CLI command line interface

CMIP common management information protocol

COPPA Children’s Online Privacy Protection Act

CPE customer premise equipment

CPU central processing unit

CRC cyclic redundancy check

CSI Computer Security Institute

CTI computer telephony integration

DBMS database management system

DCOM distributed component object model

DDoS distributed denial of service

DD-WRT DresDen-Wireless RouTer

DES Data Encryption Standard

devfs device file system

DHCP dynamic host configuration protocol

DLLs dynamic link libraries

DLP data leakage prevention

DMZ demilitarized zone

DNS domain name system

DoS denial of service

DPI deep packet inspection

DRP disaster recovery plan

DSL digital subscriber line

DSS digital signature standard

DSU data service unit

ECC elliptical curve cryptography

EDI electronic data interchange

EF exposure factor

EHR electronic health record

EIDE enhanced integrated development environment 

EIGRP Enhanced Interior Gateway Routing Protocol

EPHI electronic protected health information 

EPIC Electronic Privacy Information Center

ESD electrostatic discharge

ESP encapsulating security payload

EU European Union

EULA end-user license agreement

FACTA Fair and Accurate Credit Transactions Act

FAR false acceptance rate

FBI Federal Bureau of Investigation

FCC Federal Communications Corporation

FDIC Federal Deposit Insurance Corporation

FEP front-end processor

FERPA Family Educational Rights and Privacy Act

FIPS Federal Information Processing Standards

FQDN fully qualified domain names

FRCP Federal Rules of Civil Procedure

FRR false rejection rate

FTC Federal Trade Commission

FTP file transfer protocol

GDPR general data protection regulation

GIAC Global Information Assurance Certification

GLBA Gramm-Leach-Bliley Act

GLBP gateway load balancing protocol

GRC governance, risk, and compliance

GUI graphical user interface

HIDS host-based intrusion detection system

HIPAA Health Insurance Portability and Accountability Act

HIPS host-based intrusion prevention system

HITECH Health Information Technology for Economic and Clinical Health 

HSRP hot standby router protocol

HTML hypertext markup language

HTTP hypertext transfer protocol

HTTPS HTTP over secure socket layer

HVAC heating, ventilation, and cooling

IAB Internet Activities Board

IAM identity and access management

IANA Internet Assigned Numbers Authority

ICMP Internet control message protocol

ICS industrial control system

IDEA international data encryption algorithm

IDPS intrusion detection and prevention system

IDS intrusion detection system

IEEE Institute of Electrical and Electronics Engineers

IEMI intentional electromagnetic interference

IETF Internet Engineering Task Force

IGMP Internet group management protocol

IGRP Interior Gateway Routing Protocol

IKE Internet key exchange

IKEv2 Internet key exchange v2

IM instant messaging

IMS IP Multimedia Subsystem

InfoSec information security

IoT Internet of Things

IP Internet Protocol

IPS intrusion prevention system

IPSec IP Security

IPv4 Internet protocol version 4

IPv6 Internet protocol version 6

IPX/SPX Internetwork Packet Exchange/Sequenced Packet Exchange

IRC Internet relay chat

IRS Internal Revenue Service

(ISC)² International Information System Security Certification Consortium

ISDN Integrated Services Digital Network

ISO International Organization for Standardization

ISP Internet service provider

ISS Internet security systems

IT information technology

ITIL Information Technology Infrastructure Library

ITRC Identity Theft Resource Center

IVR interactive voice response

LAN local area network

LCD Liquid Crystal Display

LDAP lightweight directory access protocol

L2F layer 2 forwarding

L2TP layer 2 tunneling protocol

MAC Mandatory access code. Also Media Access Control.

MAN metropolitan area network

MD5 Message Digest 5

MitM man-in-the-middle

modem MOdulator DEModulator

MPLS multi-protocol label switching

MPPE Microsoft point-to-point encryption

MTBF mean time between failures

MTTF mean time to failure

MTU maximum transmission unit

NAC network access control

NAS network access server

NAT network access translation

NII National Information Infrastructure

NAT-PT network address translation–protocol translation

NetBEUI NetBios extended user interface

NFIC National Fraud Information Center

NGFV next-generation firewall virtual

NGFW next-generation firewall

NGIPS next-generation intrusion prevention system

NIC network interface card

NIDS network intrusion detection system

NIPS network intrusion prevention system

NIST National Institute of Standards and Technology

NMS network management system

NNTP network news transfer protocol

NPAS network policy and access services

NSA National Security Agency

NTFS new technology file system

OBM out-of-band management

OC optical carrier

OpenVPN open source virtual private network

Open WRT Open Wireless RouTer

OS operating system

OSI open systems interconnection

OSPF Open Shortest Path First

OWASP Open Web Application Security Project

P2P person to person

PAT port address translation

PBX private branch exchange

PC personal computer

PCI Payment Card Industry

PCI DSS Payment Card Industry Data Security Standard

PGP pretty good privacy

PHI protected health information

PII personally identifiable information

PKI public key infrastructure

PNAC port-based network access (admission) control

POP Post Office Protocol

PPP point-to-point protocol

PPTP point-to-point tunneling protocol

PRNG pseudo random number generator

QoS quality of service

RADIUS remote authentication dial-in user service

RAID redundant array of independent disks

RAM random access memory

RAS remote access server

RBAC role-based access system

RDC remote desktop connection

RDP remote desktop protocol

RDS remote desktop services

RFC request for comments

RFID radio-frequency identification

RIP Routing Information Protocol

RIR regional Internet registry

ROI return on investment

RRAS routing and remote access service

RSA Rivest, Shamir, and Adleman (algorithm)

SAN storage area network

SANCP security analyst network connection profiler

SANS SysAdmin, Audit, Network, Security

SAP service access point

SCSI small computer system interface

SDD Software Design Document

SED static-electric discharge

SEM security event management

SEO search engine optimization

SET secure electronic transaction

SGC server-gated cryptography

SHA secure hash algorithm

S-HTTP secure HTTP

SIEM security information and event management

SIM security information management

SIRT security incident response team

SLA service level agreement

SLE single loss expectancy

SMAC social, mobile, analytics and cloud

SMFA specific management functional area

SMTP simple mail transfer protocol

SNA systems network architecture

SNMP simple network management protocol

SOHO small office/home office

SOX Sarbanes-Oxley Act of 2002 (also Sarbox)

SQL Structured Query Language

SSA Social Security Administration

SSCP Systems Security Certified Practitioner

SSH secure shell

SSID service set identifier

SSL secure sockets layer

SSL/TLS secure sockets layer/transport layer security

SSO single sign-on

STP shielded twisted cable

STIG Security Technical Implementation Guide

SYN synchronize

SYN/ACK synchronization acknowledged

TACACS Terminal Access Controller Access-Control System

TCP Transmission Control Protocol

TCP/IP Transmission Control Protocol/Internet Protocol

TCSEC trusted computer system evaluation criteria

TFTP trivial file transfer protocol

TLS Transport Layer Security

TNI trusted network interpretation

TPM trusted platform module

UDP user datagram protocol

UNIX Uniplexed Information and Computer Systems

UPS uninterruptible power supply

URL uniform resource locator

USB universal serial bus

UTM unified threat management

UTP unshielded twisted cable

VLAN virtual local area network

VOIP Voice over Internet Protocol

VPN virtual private network

VRRP virtual router redundancy protocol

WAN wide area network

WAP wireless access point

WebGUI web-based graphical user interface

WLAN wireless local area network

WNIC wireless network interface card

WORM write-once read-many

W3C World Wide Web Consortium

WWW World Wide Web

XSS Cross-site scripting
