|
3DES |
Triple DES |
|
802.11i |
IEEE 802.11i |
|
A5 |
GSM voice encryption |
|
AA |
Attribute Authority |
|
AAA |
Authentication, Authorisation and Accounting |
|
AaaS |
Attack as a Service |
|
AARL |
Attribute Authority Revocation List |
|
AC (es) |
Autoridad de Certificación |
|
AC (fr) |
Autorité de Certification |
|
AC |
attribute certificate |
|
ACL |
Access Control List |
|
ACRL |
Attribute Certificate Revocation List |
|
AES |
Advanced Encryption Standard |
|
AES-CCMP |
AES – Counter Cipher Mode Protocol |
|
AET |
Advanced Evasion Technique |
|
AfT |
Authorization for Trial |
|
AH |
Authentication Header |
|
ALARP |
As Low As Reasonably Practical |
|
ALE |
Annualised Loss Expectancy |
|
ANS (es) |
Acuerdo de Nivel de Servicio |
|
AOSTIC (es) |
Autoridad Operativa del Sistema TIC |
|
AP |
Access Point |
|
API |
Application Programming Interface |
|
APT |
Advanced Persistent Threat |
|
ASN.1 |
Abstract Syntax Notation One |
|
ATM |
Asynchronous Transfer Mode |
|
ATO |
Authorization to Operate |
|
BCM |
Business Continuity Management |
|
BCP |
Business Continuity Plan |
|
BER |
Basic Encoding Rules |
|
BGP |
Border Gateway Protocol |
|
BIA |
Business Impact Analysis |
|
BIOS |
Basic Input Output System |
|
Botnet |
Robot net |
|
BPC |
Boundary Protection Component |
|
BPD |
Border Protection Device |
|
BPS |
Boundary Protection Service |
|
BRP |
Business Resumption plan |
|
CA |
Certification Authority |
|
CAPEC |
Common Attack Pattern Enumeration and
Classification |
|
CAPI |
Cryptographic Application Programming
Interface |
|
CAPTCHA |
Completely Automated Public Turing
Test to tell Computers and Humans Apart |
|
CARL |
Certificate Authority Revocation List |
|
CAST |
Carlisle Adams and Stafford Tavares |
|
CBC |
Cipher Block Chaining |
|
CC (es) |
Criterios Comunes |
|
CC |
Common Criteria |
|
CCE |
Common Criteria Evaluation |
|
CCM |
Counter with Cipher Block
Chaining-Message Authentication Code |
|
CEM |
Common Evaluation Criteria |
|
CER |
Canonical Encoding Rules |
|
CERT |
Computer Emergency Response Team |
|
CES (fr) |
Contrat d´engagement de service |
|
CFB |
Cipher feedback mode |
|
CHAP |
Challenge-Handshake Authentication
Protocol |
|
CIDR |
Classless Inter-Domain Routing |
|
CIIP |
Critical Information Infrastructure
Protection |
|
CIK |
Crypto-Ignition Key |
|
CIO |
Chief Information Officer |
|
CIP |
Critical Infrastructure Protection |
|
CIRC |
Computer Incident Response Center |
|
CIRT |
Computer Incident Response Team |
|
CISO |
Chief Information Security Officer |
|
CMAC |
CBC-MAC |
|
CMDB |
Configuration Management Database |
|
CMM |
Capability Maturity Model |
|
CMS |
Cryptographic Message Syntax |
|
CNA |
Computer Network Attack |
|
CND |
Computer Network Defense |
|
CNE |
Computer Network Explotation |
|
CoF |
Ciphering OFfset |
|
COMPUSEC |
Computers security |
|
COMSEC |
Communications security |
|
CONOP |
Concept of Operations |
|
COOP |
Continuity of Operations Plan |
|
CPS |
Certification Practice Statement |
|
CRL |
Certificate Revocation List |
|
CSIRT |
Computer Security Incident Response
Team |
|
CSMA/CD |
Carrier Sense Multiple Access /
Collision Detection |
|
CSO |
Chief Security Officer |
|
CSRF |
Cross-Site Request Forgery |
|
CTAK |
Cipher Text Auto-Key |
|
CTR |
Counter mode |
|
CVE |
Common Vulnerability and Exposures |
|
CVSS |
Common Vulnerability Scoring System |
|
CWIN |
Critical infrastructure Warning
Information Network |
|
DAC |
Discretionary Access Control |
|
DDoS |
Distributed Denial of Service |
|
DEA |
Data Encryption Algorithm |
|
DER |
Distinguished Encoding Rules |
|
DES |
Data Encryption Standard |
|
DH |
Diffie-Hellman |
|
DHCP |
Dynamic Host Configuration Protocol |
|
DHS |
Department of Homeland Security |
|
DLP |
Data Loss Prevention |
|
DMZ |
Demilitarized Zone |
|
DNS |
Domain Name System |
|
DNSSEC |
Domain Name System Security Extension |
|
DoS |
Denial of Service |
|
DRBG |
Deterministic Random Bit Generator |
|
DRES (es) |
Declaración de Requisitos Específicos de Seguridad |
|
DRM |
Digital Rights Management |
|
DRP |
Disaster Recovery Plan |
|
DRS (es) |
Declaración de Requisitos de Seguridad |
|
DRSI (es) |
Declaración de Requisitos de Seguridad de la Interconexión |
|
DSA |
Digital Signature Algorithm |
|
DSS |
Digital Signature Standard |
|
DTCC |
Depository Trust and Clearing
Corporation |
|
EAC |
Equivalent Annual Cost |
|
EAL |
Evaluation Assurance Level |
|
EAR (es) |
Esquema de Análisis de Riesgos |
|
EAP |
Extensible Authentication Protocol |
|
ECB |
Electronic codebook mode |
|
ECC |
Elliptic Curve Cryptography |
|
ECDSA |
Elliptic Curve Digital Signature
Algorithm |
|
EGP |
External Gateway Protocol |
|
EMSEC |
Emissions Security |
|
ERC (es) |
Equipo de Respuesta a Ciberincidentes |
|
ERM |
Enterprise Risk Management |
|
ESP |
Electronic Security Perimeter |
|
ESP |
Encapsulating Security Payload |
|
ESSID |
Extended Service Set Identifier |
|
FAR |
False Acceptance Rate |
|
FDDI |
Fiber Distributed Data Interface |
|
FEAL |
Fast Data Encipherment Algorithm |
|
FHSS |
Frequency Hoping Spread Spectrum |
|
FIPS |
Federal Information Processing
Standard |
|
FIRST |
Forum of Incident Response and
Security Teams |
|
FISMA |
Federal Information Security
Management Act |
|
FRAM IPSEC |
Framework Internet Protocol Security |
|
FRR |
False Rejection Rate |
|
GCM |
Galois/Counter Mode |
|
GIR (es) |
Grupo Involucrado en la Resolución |
|
GnuPG |
GNU Privacy Guard |
|
GPG |
GNU Privacy Guard |
|
GRC |
Governance, Risk Management and
Compliance |
|
HDLC |
High level Data Link Protocol |
|
HIDS |
Host Intrusion Detection System |
|
HIPAA |
Health Insurance Portability &
Accountability Act of 1996 |
|
HIPS |
Host Intrusion Prevention System |
|
HMAC |
Hash-based Message Authentication Code |
|
HSM |
Hardware Security Module |
|
HTTPS |
HTTP secure |
|
I&A |
Identification and Authentication |
|
IANA |
Internet Assigned Numbers Authority |
|
IATO |
Interim Approval to Operate |
|
ICC |
Integrated Circuit Card |
|
ICMP |
Internet Control Message Protocol |
|
IDEA |
International Data Encryption
Algorithm |
|
IDS |
Intrusion Detection System |
|
IGMP |
Internet Group Management Protocol |
|
IGP |
Interior Gateway Protocol |
|
IKE |
Internet Key Exchange |
|
IMAP |
Internet Message Access Protocol |
|
INFOSEC |
INFormation SECurity |
|
IOC |
Indicator of Compromise |
|
IODEF |
Incident Object Description and
Exchange Format |
|
IoT |
Internet of Things |
|
IP |
Internet Protocol |
|
IPS |
Intrusion Prevention System |
|
IPsec |
Internet Protocol security |
|
ISA |
Interconnection Security Agreement |
|
ISAKMP |
Internet Security Association Key
Management Protocol |
|
ISMS |
Information Security Management System
|
|
ISO |
Information Security Officer |
|
ITSEC |
Information Technology Security
Evaluation Criteria |
|
IV |
Initialization value |
|
IV |
Initialization vector |
|
KAK |
Key Auto-Key |
|
KDC |
Key Distribution Center |
|
KDF |
Key Derivation Function |
|
KEK |
Key Encrypting Key |
|
KGC |
Key Generation Centre |
|
KMI |
Key Management Infrastructure |
|
KPK |
Key Production Key |
|
KRI |
Key Risk Indicator |
|
L2F |
Layer 2 Forwarding |
|
L2TP |
Layer 2 Tunneling Protocol |
|
LAN |
Local Area Network |
|
LATO |
Limited Authorization To Operate |
|
LDAP |
Lightweight Directory Access Protocol |
|
LEAP |
Lightweight Extensible Authentication
Protocol |
|
LLC |
Logical Link Control |
|
LOPD (es) |
Ley Orgánica de Protección de Datos |
|
MaaS |
Malware as a Service |
|
MAC |
Message Authentication Code |
|
MAC |
Mandatory Access Control |
|
MAC |
Media Access Control |
|
MAEC |
Malware Attribute Enumeration and
Characterization |
|
Malware |
malicious software |
|
MAM |
Mobile Application Management |
|
MAN |
Metropolitan Area Network |
|
MCM |
Mobile Content Management |
|
MD2 |
Message Digest 2 |
|
MD4 |
Message Digest 4 |
|
MD5 |
Message Digest 5 |
|
MDM |
Mobile Device Management |
|
MEAM |
Mobile Enterprise Application
Management |
|
MLS |
Multilevel Security |
|
MTA |
Mail Transfer Address |
|
MUA |
Mail User Agent |
|
NCSC |
National CyberSecurity Center |
|
NIC |
Network Interface Card |
|
NIDS |
Network Intrusion Detection System |
|
NIPS |
Network Intrusion Prevention System |
|
NSA |
National Security Agency |
|
NTP |
Network Time Protocol |
|
NVD |
National Vulnerability Database |
|
NVRAM |
Non Volatile Random Access Memory |
|
OCSP |
Online Certificate Status Protocol |
|
OFB |
Output feedback mode |
|
OPSEC |
Operations Security |
|
OSPF |
Open Shortest Path First |
|
OTAR |
On The Air Rekeying |
|
OTP |
One-time password |
|
OWASP |
Open Web Application Security Project |
|
PAP |
Password Authentication Protocol |
|
PBAC |
Policy Based Access Control |
|
PCI |
Peripheral Component Interconnect |
|
PCI-DSS |
Payment Card Industry Data Security
Standard |
|
PCMCIA |
Personal Computer Memory Card
International Association |
|
PDCA |
Plan Do Check Act |
|
PEAP |
Protected Extensible Authentication
Protocol |
|
PEM |
Privacy Enhanced Mail |
|
PenTest |
Penetration Testing |
|
PER |
Packet Encoding Rules |
|
PFS |
Perfect Forward Secrecy |
|
PFS |
Public-Key Forward Secrecy |
|
PGP |
Pretty Good Privacy |
|
PIA |
Privacy Impact Assessment |
|
PII |
Personally Identifiable Information |
|
PIN |
Personal Identification Number |
|
PKC |
Public Key Cryptography |
|
PKCS |
Public Key Cryptography Standards |
|
PKI |
Public Key Infrastructure |
|
PMI |
Privilege Management Infrastructure |
|
POP |
Proof of Possession |
|
POS (es) |
Procedimientos Operativos de Seguridad |
|
PP (es) |
Perfil de protección |
|
PP |
Protection Profile |
|
PPP |
Point-to-Point Protocol |
|
PPT (es) |
Pliego de Prescripciones Técnicas |
|
PPTP |
Point-to-Point Tunneling Protocol |
|
PRNG |
Pseudo Random Number Generator |
|
PSK |
Pre-Shared Key |
|
PUP |
Potentially Unwanted Program |
|
QoS |
Quality of Service |
|
RA |
Registration Authority |
|
RACF |
Resource Access Control Facility |
|
RADIUS |
Remote Access Dial-In User Server |
|
RAID |
Redundant Arrays of Inexpensive Drives
|
|
RAID |
Redundant Array of Independent Disks |
|
RAID |
Redundant Array of Inexpensive Disks |
|
RAM |
Random Access Memory |
|
Ransomware |
Ransom software |
|
RARP |
Reverse Address Resolution Protocol |
|
RAT |
Remote Access Tools |
|
RBAC |
Role-Based Access Control |
|
RC-2 |
RC-2 |
|
RC-4 |
RC-4 |
|
RC-5 |
RC-5 |
|
RC-6 |
RC-6 |
|
RFI |
Remote File Inclusion |
|
RFID |
Radio Frequency Identification |
|
RIP |
Routing Information Protocol |
|
RIPEMD |
RACE Integrity Primitives Evaluation
Message Digest |
|
RNG |
Random Number Generator |
|
Rogueware |
Rogue software |
|
ROM |
Read Only Memory |
|
RPF |
Reverse Path Filtering |
|
RPO |
Recovery Point Objective |
|
RPV (es) |
Red Privada Virtual |
|
RSA |
Rivest Shamir Adelman |
|
RSBAC |
Rule Set Based Access Control |
|
RT |
Request Tracker |
|
RT-IR |
Request Tracker for Incident Response |
|
RTO |
Recovery Time Objective |
|
RTTP |
Real Time Transport Protocol |
|
S/Key |
Secure Key |
|
S/MIME |
Secure Multipurpose Mail Extension |
|
SACM |
Security Automation & Continuous
Monitoring |
|
SAFER |
Secure And Fast Encryption Routine |
|
SAI (es) |
Sistema de Alimentación Ininterrumpida |
|
SAML |
Security Assertion Markup Language |
|
SARA (es) |
Sistema de Aplicaciones y Redes para las Administraciones |
|
SATAN |
Security Administrator Tool for
Analyzing Networks |
|
SECOPS |
Security Operating Procedures |
|
SEM |
Security Event Manager |
|
SEP |
Search Engine Poisoning |
|
SET |
Secure Electronic Transactions |
|
S-FTP |
Secure-FTP |
|
SFA |
Security Fault Analysis |
|
SFTP |
Secure File Transfer Protocol |
|
SGSI (es) |
Sistema de Gestión de la Seguridad de la Información |
|
SHA |
Secure Hash Algorithm |
|
SHIM |
System Health and Intrusion Monitoring
|
|
SHS |
Secure Hash Standard |
|
SIEM |
Security Information and Event
Management |
|
SIM |
Security Information Management |
|
SIM |
Subscriber identification module |
|
SISRS |
system interconnection security
requirements statement |
|
SKIP |
Simple Key Management for Internet
Protocols |
|
SLA |
Service Level Agreement |
|
SMB |
Server Message Block |
|
SMTP |
Single Mail Transfer Protocol |
|
SNMP |
Simple Network Management Protocol |
|
SNTP |
Simple Network Time Protocol |
|
SOA |
Source of Authority |
|
SoA |
Statement of Applicability |
|
SOAP |
Simple Object Access Protocol |
|
SOC |
Security Operations Center |
|
SoD |
Separation of Duties |
|
SOX |
Sarbanes-Oxley Act |
|
SPKI |
Simple Public Key Infrastructure |
|
Spyware |
Spy software |
|
SQL |
Structured Query Language |
|
SRS |
security requirements statement |
|
SSH |
Secure Shell |
|
SSL |
Secure Sockets Layer |
|
SSO |
Single Sign-On |
|
SSO |
System Security Officer |
|
SSPR |
Self-service password reset |
|
SSRS |
System-Specific Security Requirements
Statement |
|
ST |
Security Target |
|
STIC (es) |
Seguridad de las Tecnologías de la Información y las
Comunicaciones |
|
STIX |
Structured Thread Information
eXpression |
|
STP |
Spanning Tree Protocol |
|
TACACS |
Terminal Access Controller Access
Control System |
|
TAN |
Transaction Authentication Number |
|
TAXII |
Trusted Automated eXchange of
Indicator Information |
|
TCB |
Trusted Computing Base |
|
TCP |
Transmission Control Protocol |
|
TCSEC |
Trusted Computer System Evaluation Criteria
|
|
TDEA |
Triple Data Encryption Algorithm |
|
TDES |
Triple DES |
|
Telnet |
Teletype Network |
|
TEMPEST |
Transient Electromagnetic Pulse
Surveillance Technology |
|
TFTP |
Trivial File Transfer Protocol |
|
TKIP |
Temporal Key Integrity Protocol |
|
TLP |
Traffic Light Protocol |
|
TLS |
Transport Layer Security |
|
TOE |
Target Of Evaluation |
|
TRANSEC |
Transmissions security |
|
TSA |
Time-Stamping Authority |
|
TSS |
Time-Stamping Service |
|
TTL |
Time To Live |
|
TTP |
Trusted Third Party |
|
UDP |
User Datagram Protocol |
|
UPS |
Uninterruptible Power Supply |
|
USB |
Universal Serial Bus |
|
UTM |
Unified Threat Management |
|
VA |
Validation Authority |
|
VPN |
Virtual Private Network |
|
WAP |
Wireless Access Point |
|
WEP |
Wired Equivalent Privacy |
|
Wi-Fi |
Wireless Fidelity |
|
WLAN |
Wireless Local Area Network |
|
WPA |
Wi-Fi Protected Access |
|
WPA2 |
Wi-Fi Protected Access (2) |
|
WPAN |
Wireless Personal Area Network |
|
WS-Security |
Web Services Security |
|
XER |
XML Encoding Rules |
|
XML |
eXtensible Markup Language |
|
XSRF |
Cross-Site Request Forgery |
|
XSS |
Cross-Site Scripting |