3DES |
Triple DES |
802.11i |
IEEE 802.11i |
A5 |
GSM voice encryption |
AA |
Attribute Authority |
AAA |
Authentication, Authorisation and Accounting |
AaaS |
Attack as a Service |
AARL |
Attribute Authority Revocation List |
AC (es) |
Autoridad de Certificación |
AC (fr) |
Autorité de Certification |
AC |
attribute certificate |
ACL |
Access Control List |
ACRL |
Attribute Certificate Revocation List |
AES |
Advanced Encryption Standard |
AES-CCMP |
AES – Counter Cipher Mode Protocol |
AET |
Advanced Evasion Technique |
AfT |
Authorization for Trial |
AH |
Authentication Header |
ALARP |
As Low As Reasonably Practical |
ALE |
Annualised Loss Expectancy |
ANS (es) |
Acuerdo de Nivel de Servicio |
AOSTIC (es) |
Autoridad Operativa del Sistema TIC |
AP |
Access Point |
API |
Application Programming Interface |
APT |
Advanced Persistent Threat |
ASN.1 |
Abstract Syntax Notation One |
ATM |
Asynchronous Transfer Mode |
ATO |
Authorization to Operate |
BCM |
Business Continuity Management |
BCP |
Business Continuity Plan |
BER |
Basic Encoding Rules |
BGP |
Border Gateway Protocol |
BIA |
Business Impact Analysis |
BIOS |
Basic Input Output System |
Botnet |
Robot net |
BPC |
Boundary Protection Component |
BPD |
Border Protection Device |
BPS |
Boundary Protection Service |
BRP |
Business Resumption Plan |
CA |
Certification Authority |
CAPEC |
Common Attack Pattern Enumeration and Classification |
CAPI |
Cryptographic Application Programming Interface |
CAPTCHA |
Completely Automated Public Turing Test to tell Computers and Humans Apart |
CARL |
Certificate Authority Revocation List |
CAST |
Carlisle Adams and Stafford Tavares |
CBC |
Cipher Block Chaining |
CC (es) |
Criterios Comunes |
CC |
Common Criteria |
CCE |
Common Criteria Evaluation |
CCM |
Counter with Cipher Block Chaining-Message Authentication Code |
CEM |
Common Evaluation Criteria |
CER |
Canonical Encoding Rules |
CERT |
Computer Emergency Response Team |
CES (fr) |
Contrat d'engagement de service |
CFB |
Cipher feedback mode |
CHAP |
Challenge-Handshake Authentication Protocol |
CIDR |
Classless Inter-Domain Routing |
CIIP |
Critical Information Infrastructure Protection |
CIK |
Crypto-Ignition Key |
CIO |
Chief Information Officer |
CIP |
Critical Infrastructure Protection |
CIRC |
Computer Incident Response Center |
CIRT |
Computer Incident Response Team |
CISO |
Chief Information Security Officer |
CMAC |
CBC-MAC |
CMDB |
Configuration Management Database |
CMM |
Capability Maturity Model |
CMS |
Cryptographic Message Syntax |
CNA |
Computer Network Attack |
CND |
Computer Network Defense |
CNE |
Computer Network Exploitation |
CoF |
Ciphering OFfset |
COMPUSEC |
Computer security |
COMSEC |
Communications security |
CONOP |
Concept of Operations |
COOP |
Continuity of Operations Plan |
CPS |
Certification Practice Statement |
CRL |
Certificate Revocation List |
CSIRT |
Computer Security Incident Response Team |
CSMA/CD |
Carrier Sense Multiple Access / Collision Detection |
CSO |
Chief Security Officer |
CSRF |
Cross-Site Request Forgery |
CTAK |
Cipher Text Auto-Key |
CTR |
Counter mode |
CVE |
Common Vulnerabilities and Exposures |
CVSS |
Common Vulnerability Scoring System |
CWIN |
Critical Infrastructure Warning Information Network |
DAC |
Discretionary Access Control |
DDoS |
Distributed Denial of Service |
DEA |
Data Encryption Algorithm |
DER |
Distinguished Encoding Rules |
DES |
Data Encryption Standard |
DH |
Diffie-Hellman |
DHCP |
Dynamic Host Configuration Protocol |
DHS |
Department of Homeland Security |
DLP |
Data Loss Prevention |
DMZ |
Demilitarized Zone |
DNS |
Domain Name System |
DNSSEC |
Domain Name System Security Extension |
DoS |
Denial of Service |
DRBG |
Deterministic Random Bit Generator |
DRES (es) |
Declaración de Requisitos Específicos de Seguridad |
DRM |
Digital Rights Management |
DRP |
Disaster Recovery Plan |
DRS (es) |
Declaración de Requisitos de Seguridad |
DRSI (es) |
Declaración de Requisitos de Seguridad de la Interconexión |
DSA |
Digital Signature Algorithm |
DSS |
Digital Signature Standard |
DTCC |
Depository Trust and Clearing Corporation |
EAC |
Equivalent Annual Cost |
EAL |
Evaluation Assurance Level |
EAR (es) |
Esquema de Análisis de Riesgos |
EAP |
Extensible Authentication Protocol |
ECB |
Electronic codebook mode |
ECC |
Elliptic Curve Cryptography |
ECDSA |
Elliptic Curve Digital Signature Algorithm |
EGP |
External Gateway Protocol |
EMSEC |
Emissions Security |
ERC (es) |
Equipo de Respuesta a Ciberincidentes |
ERM |
Enterprise Risk Management |
ESP |
Electronic Security Perimeter |
ESP |
Encapsulating Security Payload |
ESSID |
Extended Service Set Identifier |
FAR |
False Acceptance Rate |
FDDI |
Fiber Distributed Data Interface |
FEAL |
Fast Data Encipherment Algorithm |
FHSS |
Frequency Hopping Spread Spectrum |
FIPS |
Federal Information Processing Standard |
FIRST |
Forum of Incident Response and Security Teams |
FISMA |
Federal Information Security Management Act |
FRAM IPSEC |
Framework Internet Protocol Security |
FRR |
False Rejection Rate |
GCM |
Galois/Counter Mode |
GIR (es) |
Grupo Involucrado en la Resolución |
GnuPG |
GNU Privacy Guard |
GPG |
GNU Privacy Guard |
GRC |
Governance, Risk Management and Compliance |
HDLC |
High level Data Link Protocol |
HIDS |
Host Intrusion Detection System |
HIPAA |
Health Insurance Portability & Accountability Act of 1996 |
HIPS |
Host Intrusion Prevention System |
HMAC |
Hash-based Message Authentication Code |
HSM |
Hardware Security Module |
HTTPS |
HTTP secure |
I&A |
Identification and Authentication |
IANA |
Internet Assigned Numbers Authority |
IATO |
Interim Approval to Operate |
ICC |
Integrated Circuit Card |
ICMP |
Internet Control Message Protocol |
IDEA |
International Data Encryption Algorithm |
IDS |
Intrusion Detection System |
IGMP |
Internet Group Management Protocol |
IGP |
Interior Gateway Protocol |
IKE |
Internet Key Exchange |
IMAP |
Internet Message Access Protocol |
INFOSEC |
INFormation SECurity |
IOC |
Indicator of Compromise |
IODEF |
Incident Object Description and Exchange Format |
IoT |
Internet of Things |
IP |
Internet Protocol |
IPS |
Intrusion Prevention System |
IPsec |
Internet Protocol security |
ISA |
Interconnection Security Agreement |
ISAKMP |
Internet Security Association Key Management Protocol |
ISMS |
Information Security Management System |
ISO |
Information Security Officer |
ITSEC |
Information Technology Security Evaluation Criteria |
IV |
Initialization value |
IV |
Initialization vector |
KAK |
Key Auto-Key |
KDC |
Key Distribution Center |
KDF |
Key Derivation Function |
KEK |
Key Encrypting Key |
KGC |
Key Generation Centre |
KMI |
Key Management Infrastructure |
KPK |
Key Production Key |
KRI |
Key Risk Indicator |
L2F |
Layer 2 Forwarding |
L2TP |
Layer 2 Tunneling Protocol |
LAN |
Local Area Network |
LATO |
Limited Authorization To Operate |
LDAP |
Lightweight Directory Access Protocol |
LEAP |
Lightweight Extensible Authentication Protocol |
LLC |
Logical Link Control |
LOPD (es) |
Ley Orgánica de Protección de Datos |
MaaS |
Malware as a Service |
MAC |
Message Authentication Code |
MAC |
Mandatory Access Control |
MAC |
Media Access Control |
MAEC |
Malware Attribute Enumeration and Characterization |
Malware |
malicious software |
MAM |
Mobile Application Management |
MAN |
Metropolitan Area Network |
MCM |
Mobile Content Management |
MD2 |
Message Digest 2 |
MD4 |
Message Digest 4 |
MD5 |
Message Digest 5 |
MDM |
Mobile Device Management |
MEAM |
Mobile Enterprise Application Management |
MLS |
Multilevel Security |
MTA |
Mail Transfer Address |
MUA |
Mail User Agent |
NCSC |
National CyberSecurity Center |
NIC |
Network Interface Card |
NIDS |
Network Intrusion Detection System |
NIPS |
Network Intrusion Prevention System |
NSA |
National Security Agency |
NTP |
Network Time Protocol |
NVD |
National Vulnerability Database |
NVRAM |
Non Volatile Random Access Memory |
OCSP |
Online Certificate Status Protocol |
OFB |
Output feedback mode |
OPSEC |
Operations Security |
OSPF |
Open Shortest Path First |
OTAR |
On The Air Rekeying |
OTP |
One-time password |
OWASP |
Open Web Application Security Project |
PAP |
Password Authentication Protocol |
PBAC |
Policy Based Access Control |
PCI |
Peripheral Component Interconnect |
PCI-DSS |
Payment Card Industry Data Security Standard |
PCMCIA |
Personal Computer Memory Card International Association |
PDCA |
Plan Do Check Act |
PEAP |
Protected Extensible Authentication Protocol |
PEM |
Privacy Enhanced Mail |
PenTest |
Penetration Testing |
PER |
Packed Encoding Rules |
PFS |
Perfect Forward Secrecy |
PFS |
Public-Key Forward Secrecy |
PGP |
Pretty Good Privacy |
PIA |
Privacy Impact Assessment |
PII |
Personally Identifiable Information |
PIN |
Personal Identification Number |
PKC |
Public Key Cryptography |
PKCS |
Public Key Cryptography Standards |
PKI |
Public Key Infrastructure |
PMI |
Privilege Management Infrastructure |
POP |
Proof of Possession |
POS (es) |
Procedimientos Operativos de Seguridad |
PP (es) |
Perfil de protección |
PP |
Protection Profile |
PPP |
Point-to-Point Protocol |
PPT (es) |
Pliego de Prescripciones Técnicas |
PPTP |
Point-to-Point Tunneling Protocol |
PRNG |
Pseudo Random Number Generator |
PSK |
Pre-Shared Key |
PUP |
Potentially Unwanted Program |
QoS |
Quality of Service |
RA |
Registration Authority |
RACF |
Resource Access Control Facility |
RADIUS |
Remote Access Dial-In User Server |
RAID |
Redundant Arrays of Inexpensive Drives |
RAID |
Redundant Array of Independent Disks |
RAID |
Redundant Array of Inexpensive Disks |
RAM |
Random Access Memory |
Ransomware |
Ransom software |
RARP |
Reverse Address Resolution Protocol |
RAT |
Remote Access Tools |
RBAC |
Role-Based Access Control |
RC-2 |
RC-2 |
RC-4 |
RC-4 |
RC-5 |
RC-5 |
RC-6 |
RC-6 |
RFI |
Remote File Inclusion |
RFID |
Radio Frequency Identification |
RIP |
Routing Information Protocol |
RIPEMD |
RACE Integrity Primitives Evaluation Message Digest |
RNG |
Random Number Generator |
Rogueware |
Rogue software |
ROM |
Read Only Memory |
RPF |
Reverse Path Filtering |
RPO |
Recovery Point Objective |
RPV (es) |
Red Privada Virtual |
RSA |
Rivest Shamir Adleman |
RSBAC |
Rule Set Based Access Control |
RT |
Request Tracker |
RT-IR |
Request Tracker for Incident Response |
RTO |
Recovery Time Objective |
RTTP |
Real Time Transport Protocol |
S/Key |
Secure Key |
S/MIME |
Secure Multipurpose Mail Extension |
SACM |
Security Automation & Continuous Monitoring |
SAFER |
Secure And Fast Encryption Routine |
SAI (es) |
Sistema de Alimentación Ininterrumpida |
SAML |
Security Assertion Markup Language |
SARA (es) |
Sistema de Aplicaciones y Redes para las Administraciones |
SATAN |
Security Administrator Tool for Analyzing Networks |
SECOPS |
Security Operating Procedures |
SEM |
Security Event Manager |
SEP |
Search Engine Poisoning |
SET |
Secure Electronic Transactions |
S-FTP |
Secure-FTP |
SFA |
Security Fault Analysis |
SFTP |
Secure File Transfer Protocol |
SGSI (es) |
Sistema de Gestión de la Seguridad de la Información |
SHA |
Secure Hash Algorithm |
SHIM |
System Health and Intrusion Monitoring |
SHS |
Secure Hash Standard |
SIEM |
Security Information and Event Management |
SIM |
Security Information Management |
SIM |
Subscriber identification module |
SISRS |
system interconnection security requirements statement |
SKIP |
Simple Key Management for Internet Protocols |
SLA |
Service Level Agreement |
SMB |
Server Message Block |
SMTP |
Single Mail Transfer Protocol |
SNMP |
Simple Network Management Protocol |
SNTP |
Simple Network Time Protocol |
SOA |
Source of Authority |
SoA |
Statement of Applicability |
SOAP |
Simple Object Access Protocol |
SOC |
Security Operations Center |
SoD |
Separation of Duties |
SOX |
Sarbanes-Oxley Act |
SPKI |
Simple Public Key Infrastructure |
Spyware |
Spy software |
SQL |
Structured Query Language |
SRS |
security requirements statement |
SSH |
Secure Shell |
SSL |
Secure Sockets Layer |
SSO |
Single Sign-On |
SSO |
System Security Officer |
SSPR |
Self-service password reset |
SSRS |
System-Specific Security Requirements Statement |
ST |
Security Target |
STIC (es) |
Seguridad de las Tecnologías de la Información y las Comunicaciones |
STIX |
Structured Threat Information eXpression |
STP |
Spanning Tree Protocol |
TACACS |
Terminal Access Controller Access Control System |
TAN |
Transaction Authentication Number |
TAXII |
Trusted Automated eXchange of Indicator Information |
TCB |
Trusted Computing Base |
TCP |
Transmission Control Protocol |
TCSEC |
Trusted Computer System Evaluation Criteria |
TDEA |
Triple Data Encryption Algorithm |
TDES |
Triple DES |
Telnet |
Teletype Network |
TEMPEST |
Transient Electromagnetic Pulse Surveillance Technology |
TFTP |
Trivial File Transfer Protocol |
TKIP |
Temporal Key Integrity Protocol |
TLP |
Traffic Light Protocol |
TLS |
Transport Layer Security |
TOE |
Target Of Evaluation |
TRANSEC |
Transmissions security |
TSA |
Time-Stamping Authority |
TSS |
Time-Stamping Service |
TTL |
Time To Live |
TTP |
Trusted Third Party |
UDP |
User Datagram Protocol |
UPS |
Uninterruptible Power Supply |
USB |
Universal Serial Bus |
UTM |
Unified Threat Management |
VA |
Validation Authority |
VPN |
Virtual Private Network |
WAP |
Wireless Access Point |
WEP |
Wired Equivalent Privacy |
Wi-Fi |
Wireless Fidelity |
WLAN |
Wireless Local Area Network |
WPA |
Wi-Fi Protected Access |
WPA2 |
Wi-Fi Protected Access (2) |
WPAN |
Wireless Personal Area Network |
WS-Security |
Web Services Security |
XER |
XML Encoding Rules |
XML |
eXtensible Markup Language |
XSRF |
Cross-Site Request Forgery |
XSS |
Cross-Site Scripting |