CompTIA CASP+ Acronym List

2FA - Two-Factor Authentication
3DES - Triple Digital Encryption Standard
AAA - Authentication, Authorization and Accounting
AAR - After Action Report
ACL - Access Control List
AD - Active Directory
AES - Advanced Encryption Standard
AH - Authentication Header
AJAX - Asynchronous JavaScript and XML
ALE - Annualized Loss Expectancy
AP - Access Point
API - Application Programming Interface
APT - Advanced Persistent Threat
ARO - Annualized Rate of Occurrence
ARP - Address Resolution Protocol
ASLR - Address Space Layout Randomization
AUP - Acceptable Use Policy
AV - Antivirus
B2B - Business-to-Business
BCP - Business Continuity Planning
BGP - Border Gateway Protocol
BIA - Business Impact Analysis
BIOS - Basic Input/Output System
BPA - Business Partnership Agreement
BPM - Business Process Management
BYOD - Bring Your Own Device
CA - Certificate Authority
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
CASB - Cloud Access Security Broker
CBC - Cipher Block Chaining
CCMP - Counter-Mode/CBC-Mac Protocol
CCTV - Closed-Circuit Television
CERT - Computer Emergency Response Team
CFB - Cipher Feedback
CHAP - Challenge Handshake Authentication Protocol
CIA - Confidentiality, Integrity and Availability
CIFS - Common Internet File System
CIRT - Computer Incident Response Team
CISO - Chief Information Security Officer
CLI - Command Line Interface
CMDB - Configuration Management Database
CMS - Content Management System
COOP - Continuity of Operations
COPE - Corporate Owned, Personally Enabled
COTS - Commercial Off-the-Shelf
CRC - Cyclical Redundancy Check
CredSSP - Credential Security Support Provider
CRL - Certification Revocation List
CRM - Customer Resource Management
CSP - Cloud Service Provider
CSP - Cryptographic Service Provider
CSRF - Cross-Site Request Forgery
CTR - Counter Mode
CVE - Collaborative Virtual Environment
CYOD - Choose Your Own Device
DAC - Discretionary Access Control
DAM - Database Activity Monitoring
DAR - Data at Rest
DDoS - Distributed Denial of Service
DEP - Data Execution Prevention
DES - Digital Encryption Standard
DHCP - Dynamic Host Configuration Protocol
DKIM - Domain Keys Identified Mail
DLL - Dynamic Link Library
DLP - Data Loss Prevention
DMZ - Demilitarized Zone
DNS - Domain Name Service
DOM - Document Object Model
DoS - Denial of Service
DRP - Disaster Recovery Plan
DSA - Digital Signature Algorithm
EAP - Extensible Authentication Protocol
ECB - Event Control Block
ECC - Elliptic Curve Cryptography
EDR - Endpoint Detection Response
EFS - Encrypted File System
EMI - Electromagnetic Interference
ERP - Enterprise Resource Planning
ESA - Enterprise Security Architecture
ESB - Enterprise Service Bus
ESP - Encapsulated Security Payload
EV - Extended Validation (Certificate)
FDE - Full Disk Encryption
FIM - File Integrity Monitoring
FTP - File Transfer Protocol
GPG - GNU Privacy Guard
GPO - Group Policy Object
GPU - Graphic Processing Unit
GRC - Governance, Risk and Compliance
GRE - Generic Routing Encapsulation
GUI - Graphical User Interface
HDD - Hard Disk Drive
HIDS - Host-based Intrusion Detection System
HIPS - Host-based Intrusion Prevention System
HMAC - Hashed Message Authentication Code
HOTP - HMAC-based One-Time Password
HSM - Hardware Security Module
HSTS - HTTP Strict Transport Security
HVAC - Heating, Ventilation and Air Conditioning
IaaS - Infrastructure as a Service
ICMP - Internet Control Message Protocol
ICS - Industrial Control System
IDE - Integrated Development Environment
IdM - Identity Management
IdP - Identity Provider
IDS - Intrusion Detection System
IETF - Internet Engineering Task Force
IKE - Internet Key Exchange
IM - Instant Messaging
IMAP - Internet Message Access Protocol
INE - Inline Network Encryptor
IOC - Indicator of Compromise
IoT - Internet of Things
IP - Internet Protocol
IPMI - Internet Protocol Multicast Initiative
IPS - Intrusion Prevention Systems
IPSec - Internet Protocol Security
IR - Incident Response
IRC - Internet Relay Chat
IS-IS - Intermediate System to Intermediate System
ISA - Interconnection Security Agreement
ISAC - Information Sharing Analysis Center
ISMS - Information Security Management System
ISP - Internet Service Provider
IV - Initialization Vector
JSON - JavaScript Object Notation
KDC - Key Distribution Center
KPI - Key Performance Indicator
KRI - Key Risk Indicator
KVM - Keyboard, Video, Mouse
LAN - Local Area Network
L2TP - Layer 2 Tunneling Protocol
LDAP - Lightweight Directory Access Protocol
LEAP - Lightweight Extensible Authentication Protocol
LTE - Long-Term Evolution
LUN - Logical Unit Number
MAC - Mandatory Access Control
MAC - Media Access Control
MAC - Message Authentication Code
MAM - Mobile Application Management
MAN - Metropolitan Area Network
MBR - Master Boot Record
MD5 - Message Digest 5
MDM - Mobile Device Management
MEAP - Mobile Enterprise Application Platform
MFA - Multifactor Authentication
MFD - Multifunction Device
MITM - Man in the Middle
MOA - Memorandum of Agreement
MOU - Memorandum of Understanding
MPLS - Multiprotocol Label Switching
MSA - Master Service Agreement
MSCHAP - Microsoft Challenge Handshake Authentication Protocol
MSS - Managed Security Service
MSSP - Managed Security Service Provider
MTA - Message Transfer Agent
MTBF - Mean Time Between Failure
MTD - Maximum Tolerable Downtime
MTP - Media Transfer Protocol
MTTR - Mean Time to Recovery
MTU - Maximum Transmission Unit
NAC - Network Access Control
NAS - Network Attached Storage
NAT - Network Address Translation
NDA - Non-Disclosure Agreement
NFC - Near Field Communication
NFS - Network File System
NGFW - Next Generation Firewall
NIDS - Network Intrusion Detection System
NIPS - Network Intrusion Prevention System
NIST - National Institute of Standards and Technology
NLA - Network-Level Authentication
NOS - Network Operating System
NSP - Network Service Provider
NTFS - New Technology File System
NTLM - New Technology LAN Manager
NTP - Network Time Protocol
OCSP - Online Certificate Status Protocol
OLA - Operating-Level Agreement
OOB - Out-of-Band
OS - Operating System
OSI - Open Systems Interconnection
OSPF - Open Shortest Path First
OTP - One-Time Password
OVAL - Open Vulnerability Assessment Language
OWASP - Open Web Application Security Project
P2P - Peer-to-Peer
PaaS - Platform as a Service
PAP - Password Authentication Protocol
PAT - Port Address Translation
PBKDF2 - Password-Based Key Derivation Function 2
PBX - Private Branch Exchange
PCI-DSS - Payment Card Industry Data Security Standard
PDP - Policy Distribution Point
PEAP - Protected Extensible Authentication Protocol
PEP - Policy Enforcement Point
PFS - Perfect Forward Secrecy
PGP - Pretty Good Privacy
PII - Personal Identifiable Information
PIP - Policy Information Point
PIR - Post Incident Report
PKI - Public Key Infrastructure
PLC - Programmable Logic Controller
POC - Proof of Concept
POTS - Plain Old Telephone Service
PPP - Point-to-Point Protocol
PPTP - Point-to-Point Tunneling Protocol
PSK - Pre-Shared Key
QA - Quality Assurance
QoS - Quality of Service
R&D - Research and Development
RA - Recovery Agent
RA - Registration Authority
RADIUS - Remote Authentication Dial-in User Server
RAID - Redundant Array of Inexpensive/Independent Disks
RAS - Remote Access Server
RBAC - Role-Based Access Control
RBAC - Rule-Based Access Control
RDP - Remote Desktop Protocol
REST - Representational State Transfer
RFC - Request for Comments
RFI - Request for Information
RFID - Radio Frequency Identification
RFP - Request for Proposal
RFQ - Request for Quote
ROI - Return on Investment
RPO - Recovery Point Objective
RSA - Rivest, Shamir and Adleman
RTBH - Remotely Triggered Black Hole
RTO - Recovery Time Objective
RTP - Real-time Transport Protocol
S/MIME - Secure/Multipurpose Internet Mail Extensions
SaaS - Software as a Service
SAML - Security Assertions Markup Language
SAN - Subject Alternative Name
SAN - Storage Area Network
SAS - Statement on Auditing Standards
SATCOM - Satellite Communications
SCADA - Supervisory Control and Data Acquisition
SCAP - Security Content Automation Protocol
SCEP - Simple Certificate Enrollment Protocol
SCP - Secure Copy
SCSI - Small Computer System Interface
SDL - Security Development Life Cycle
SDLC - Software Development Life Cycle
SED - Self-Encrypting Drive
SELinux - Security Enhanced Linux
SFTP - Secure File Transfer Protocol
SHA - Secure Hashing Algorithm
SIEM - Security Information Event Management
SIM - Subscriber Identity Module
SIP - Session Initiation Protocol
SLA - Service-Level Agreement
SLE - Single Loss Expectancy
SMB - Server Message Block
SMS - Short Message Service
SMTP - Simple Mail Transfer Protocol
SNAT - Source Network Address Translation
SNMP - Simple Network Management Protocol
SOA - Service-Oriented Architecture
SOA - Start of Authority
SOA - Statement of Applicability
SOAP - Simple Object Access Protocol
SOC - Security Operations Center
SOC - Service Organization Controls
SOE - Standard Operating Environment
SOP - Standard Operating Procedure
SOW - Statement of Work
SOX - Sarbanes-Oxley Act of 2002
SP - Service Provider
SPIM - Spam over Internet Messaging
SPML - Service Provisioning Markup Language
SRTM - Security Requirements Traceability Matrix
SRTP - Secure Real-Time Protocol
SRV - Service Records
SSD - Solid State Drive
SSDLC - Security System Development Life Cycle
SSH - Secure Shell
SSID - Service Set Identifier
SSL - Secure Sockets Layer
SSO - Single Sign-On
SSP - Storage Service Provider
TACACS - Terminal Access Controller Access Control System
TCO - Total Cost of Ownership
TCP/IP - Transmission Control Protocol/Internet Protocol
TKIP - Temporal Key Integrity Protocol
TLS - Transport Layer Security
TOC/TOU - Time of Check/Time of Use
TOS - Type of Service
TOTP - Time-based One-Time Password
TPM - Trusted Platform Module
TSIG - Transaction Signature Interoperability Group
TTR - Time to Restore
UAC - User Access Control
UAT - User Acceptance Testing
UDP - User Datagram Protocol
UEFI - Unified Extensible Firmware Interface
UPS - Uninterruptable Power Supply
URL - Universal Resource Locator
USB - Universal Serial Bus
UTM - Unified Threat Management
VDI - Virtual Desktop Infrastructure
VLAN - Virtual Local Area Network
VM - Virtual Machine
VMFS - VMware File System
VNC - Virtual Network Connection
VoIP - Voice over IP
VPN - Virtual Private Network
VRRP - Virtual Router Redundancy Protocol
vSAN - Virtual Storage Area Network
VTC - Video Teleconferencing
vTPM - Virtual Trusted Platform Module
WAF - Web Application Firewall
WAP - Wireless Access Point
WAYF - Where Are You From
WEP - Wired Equivalent Privacy
WIDS - Wireless Intrusion Detection System
WIPS - Wireless Intrusion Prevention System
WMI - Windows Management Interface
WPA - Wireless Protected Access
WRT - Work Recovery Time
WSDL - Web Services Description Language
XACML - eXtensible Access Control Markup Language
XHR - XMLHttpRequest
XMPP - eXtensible Messaging and Presence Protocol
XSS - Cross-Site Scripting