CompTIA Acronyms
Category:
CompTIA A+, Network+, Security+ and Cloud+ Acronyms
A
Address
A DNS record that specifies the IP address of a given domain.
AAA
Authentication, Authorisation, Accounting
A security philosophy where a user trying to connect to a network must first present some form of credential to be authenticated and then must have limitable permissions within the network. The authenticating server should also record session information about the client.
AAAA
Authentication, Authorisation, Accounting, Auditing
This adds auditing to the AAA security philosophy.
ACL
Access Control List
A list associated with an object, such as a file, that identifies what level of access each subject, such as a user, has as well as what they can do to the object, for example, read, write, or execute.
ADF
Automatic Document Feeder
A tray, usually on top of a scanner, or multifunction device, that holds a document and enables the device to grab and scan each page automatically for easier scanning, copying, or faxing of long documents.
AES
Advanced Encryption Standard
An encryption standard created in the late 1990s, which utilises a symmetric block cipher, that uses a 128-bit block size and either a 128, 192 or 256-bit key size.
AES-256
Advanced Encryption Standard 256-bit
An implementation of AES using a 256-bit key.
AH
Authentication Header
A portion of the IPSec security protocol that provides authentication services and replay-detection ability. It can be used either by itself or with Encapsulating Security Payload (ESP).
AI
Artificial Intelligence
Artificial Intelligence, or AI for short, can be described most simply as software that imitates human behaviours and capabilities. This is achieved by utilising an AI model that has been trained on a large amount of data.
AIS
Automated Indicator Sharing
The use of STIX and TAXII to share threat information between systems.
ALE
Annualised Loss Expectancy
How much an event is expected to cost the business per year.
AMD
Advanced Micro Devices, Inc.
A multinational semiconductor company that makes products including central processing units (CPUs), graphics processing units (GPUs), and field-programmable gate arrays (FPGAs).
AP
Access Point
A device designed to interconnct wireless network nodes with wired networks.
APFS
Apple File System
The file system used by the macOS operating system from version 10.13 onwards. It replaced the Mac OS Extended file system used in earlier versions of macOS.
API
Application Programming Interface
A set of instructions as to how to interface with a computer program so that developers can access defined interfaces in a program.
APIPA
Automatic Private Internet Protocol Addressing
A networking feature in operating systems that enables clients to self-configure an IP address and subnet mask automatically when a DHCP server isn't available.
APT
Advanced Persistent Threat
A threat vector whose main objective is to remain on the system stealthily, with data exfiltration as a secondary task.
ARM
Advanced RISC [Reduced Instruction Set Computer] Machine
A family of central processing units (CPUs) based on a reduced instruction set computer (RISC) architecture.
ARO
Annualised Rate of Occurrence
The frequency with which an event is expected to occur on an annualised basis.
ARP
Address Resolution Protocol
A TCP/IP protocol, used with the command line tool of the same name, to determine the MAC address that corresponds to a particular IP address.
ASLR
Address Space Layout Randomisation
A memory-protection process employed by operating systems where the memory space is block randomised to guard against targeted injections from buffer-overflow attacks.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
A framework developed by MITRE for describing the methods used by attackers.
ATX
Advanced Technology eXtended
Popular motherboard form factor that generally replaced the AT form factor.
AUP
Acceptable Use Policy
A policy that communicates to users what specific uses of computer resources are permitted.
AV
Antivirus
A software program designed to detect, mitigate, or remove malware and viruses from a system or network.
AZ
Availability Zone
A region covered by a cloud provider can contain multiple datacentres. Where this is the case, they are referred to as availability zones, allowing for fault tolerance if there is an issue in one of them. Each datacentre has an independent power supply, cooling, and network to facilitate the fault tolerance and are connected via high-speed, private fibre networks.
BASH
Bourne Again Shell
A command language for Linux systems.
BCP
Business Continuity Planning
A plan a business develops to continue critical operations in the event of a major disruption.
BEC
Business Email Compromise
A type of cyber attack where the attacker uses email to trick a victim in to performing an action that benefits the attacker, such as transferring money or divulging sensitive information.
BGP
Border Gateway Protocol
An exterior gateway routing protocol that enables groups of routers to share routing information so that efficient, loop-free routes can be established. BGP connects Autonomous Systems on the Internet. The current version is BGP-4.
BIA
Business Impact Analysis
An analysis of the impact to the business of a specific event.
BIOS
Basic Input/Output System
A firmware element of a computer system that provides the interface between hardware and system software with respect to devices and peripherals. BIOS has been replaced by Unified Extensible Firmware Interface (UEFI), a more complex and capable system.
BNC
Bayonet Neill-Concelman
A connector used with 10-BASE-2 coaxial cable. All BNC connectors must be locked into place by turning the connector clockwise 90 degrees.
BPA
Business Partners Agreement
A written agreement defining the terms and conditions of a business partnership.
BPDU
Bridge Protocol Data Unit
A type of data message exchanged across switches within an extended LAN that uses a Spanning Tree Protocol topology.
BSOD
Blue Screen of Death
Error screen that appears when Windows encounters an unrecoverable error.
BSSID
Basic Service Set Identifier
ID of an access point in a wireless LAN, that is typically the access point’s MAC address.
BYOD
Bring Your Own Device
Mobile deployment model wherein users bring their own network-enabled devices to the work environment. These mobile phones, tablets, notebooks, and other mobile devices must be easily and securely integrated and released from corporate network environments using onboarding and offboarding technologies.
CA
Certificate Authority
An entity responsible for the issuing and revoking of certificates.
CaaS
Containers as a Service
A cloud computing model that provides a managed and automated platform for container orchestration, which automatically provisions, deploys, scales, and manages containerised applications, without having to worry about the underlying infrastructure.
CaC
Configuration as Code
The practice of managing system configurations through code, which are maintained in repositories such as Git. This facilitates the use of version control, peer review, and automated testing for the system configurations in question.
CAC [1]
Calling-card Authorisation Computer
A computer system that authorises and processes telephone calls made with prepaid or calling cards.
CAM
Content Addressable Memory
Content Addressable Memory (CAM) table is a system memory construct used by Ethernet switch logic which stores information such as MAC addresses available on physical ports with their associated VLAN Parameters. The CAM table, or content addressable memory table, is present in all switches for layer 2 switching. This allows switches to facilitate communications between connected stations at high speed and in full duplex regardless of how many devices are connected to the switch. Switches learn MAC addresses from the source address of Ethernet frames on the ports, such as Address Resolution Protocol (ARP) response packets.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
Software designed to pose tests that require human ability to resolve, preventing robots from filling in and submitting web pages.
CAR
Corrective Action Report
A report used to document the corrective actions taken on a system.
CASB
Cloud Access Security Broker
A security policy enforcement mechanism between cloud users and providers.
CBC
Cipher Block Chaining
A method of adding randomisation to blocks, where each block of plaintext is XORed with the previous ciphertext block before being encrypted.
CCMP
Counter-Mode/CBC-MAC Protocol
Also known as Counter Mode with Cipher Block Chaining-Message Authentication Code Protocol. An enhanced data cryptographic encapsulation mechanism based on the Counter Mode with CBC-MAC for AES, designed for use with wireless LANs.
CCTV
Closed-Circuit Television
A private television system usually hardwired into security applications to record visual information.
CDN
Content Delivery Network
A group of geographically distributed servers that speed up the delivery of web content by bringing it closer to where users are. CDNs cache content such as web pages, images, and video in proxy servers near to a user’s physical location.
CDP
Cisco Discovery Protocol
A proprietary protocol that runs at layer 2, the data link layer, on Cisco routers, bridges, access servers, and switches. It allows network management applications to discover Cisco devices that are neighbours of already known devices.
CERT
Computer Emergency Response Team
A group responsible for investigating and responding to security breaches, viruses, and other potential catastrophic incidents. Also known as a Computer Incident Response Team (CIRT).
CFB
Cipher Feedback
A method to make a block cipher into a self-synchronising stream cipher.
CHAP
Challenge-Handshake Authentication Protocol
Used to provide authentication across point-to-point links using the Point-to-Point Protocol (PPP).
CI/CD
Continuous Integration and Continuous Delivery
The combined practices of continuous integration and continuous delivery to allow software development teams to deliver code changes more frequently and reliably. Continuous integration is the practice of regularly committing code changes to a version control system that can test and deploy code automatically. Continuous delivery is a practice where code changes are automatically prepared for a release to production.
CIA
Confidentiality, Integrity, and Availability
The CIA triad is widely considered to be the foundation of IT security. It is put into practice through various security methods and controls. Every security technique, practice, and mechanism put into place to protect systems and data relates in some fashion to ensuring confidentiality, integrity, and availability.
CIDR
Classless Inter-Domain Routing
The basis of allocating and routing classless IP addresses, not restricting subnet masks to /8, /16, or /24, which classful addressing did. Based on variable-length subnet masking (VLSM), where subnets can be allocated according to the needs of an organisation, such as /26 for a network with 254 or fewer nodes, or /30 for a network with only two nodes.
CIFS
Common Internet File System
A version of SMB. A communication protocol for providing shared access to files, printers, and serial ports between nodes on a network.
CIO
Chief Information Officer
A company executive responsible for the management, implementation, and usability of information and computer technologies. Also sometimes called Chief Digital Information Officer (CDIO) or Information Technology (IT) Director.
CIRT
Computer Incident Response Team
A group responsible for investigating and responding to security breaches, viruses, and other potential catastrophic incidents. Also known as a Computer Emergency Response Team (CERT).
CIS
Centre for Internet Security
A US based non-profit organization, formed in October 2000. Its mission is to make the connected world a safer place by developing, validating, and promoting timely best practice solutions that help people, businesses, and governments protect themselves against pervasive cyber threats.
CLI [1]
Command-Line Interface
Allows a user to issue commands in the form of lines of text.
CLI [2]
Common Language Infrastructure
An international standard, ISO/IEC 23271, that defines a runtime environment which enables applications written in multiple high-level programming languages to execute across diverse platforms without the need for them to be rewritten for each specific architecture. The .NET Framework is an example of this.
CMDB
Configuration Management Database
A database that is used for the storage of configuration information of IT assets such as software and infrastructure devices.
CMS
Content Management System
A web based application that allows non-technical users to manage the content of a website. These applications are built using web technologies such as PHP or the .NET Framework and utilise a database, for example, MySQL, PostgreSQL, Oracle or SQL Server, to store the website information.
CNAME
Canonical Name
A DNS record that stores a fully qualified domain name. A common use is to provide an alias for another hostname.
COOP
Continuity of Operations Planning
The creation of plans related to continuing essential business operations after any major disruption.
COPE
Corporate Owned, Personally Enabled
A form of mobile device ownership, or management, where a company provides employees with a mobile device and allows them to use it as if they owned it.
CP
Contingency Planning
The act of creating processes and procedures that are used under special conditions.
CPU
Central Processing Unit
A microprocessor that acts as the brain of a computer, containing the circuitry necessary to interpret and execute program instructions such as arithmetic, logic, controlling and input/output operations.
CRC
Cyclic Redundancy Check
An error detection technique that uses a series of two 8-bit block check characters to represent an entire block of data. These block check characters are incorporated into the transmission frame and then checked at the receiving end.
CRL
Certificate Revocation List
A digitally signed object that lists all the current but revoked certificates issued by a given certification authority.
CRM
Customer Relationship Management
A set of integrated technologies that organisations use to manage, analyse, and improve their interactions with customers.
CRUD
Create, Read, Update and Delete
Refers to the possible ways to operate on stored data, such as in a database.
CSA
Cloud Security Alliance
A US based not-for-profit organization with a mission to ‘promote the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing’.
CSO
Chief Security Officer
The person appointed to oversee security functions in an enterprise.
CSP
Cloud Service Provider
An organisation that offers cloud-based network services, infrastructure, or business applications.
CSR
Certificate Signing Request
A message sent from an applicant to a certificate authority to apply for a digital identity certificate.
CSRF or XSRF
Cross-Site Request Forgery
A method of attacking a system by sending malicious input to the system and relying on the parsers and execution elements to perform the requested actions, thus instantiating the attack. CSRF exploits the trust a site has in the user’s browser.
CSU
Channel Service Unit
A piece of equipment that connects a T-carrier leased line from the telephone company to a customer’s equipment, such as a router.
CTM
Counter-Mode
Turns a block cipher into a stream cipher.
CTO
Chief Technology Officer
The person appointed to oversee scientific technology functions in an enterprise.
CVE [1]
Common Vulnerabilities and Exposures
A database hosted by the MITRE corporation, which incorporates a list of known vulnerabilities in publicly released software.
CVE [2]
Common Vulnerability Enumeration
A specification that provides a common language of discourse for discussing, finding, and dealing with the causes of software security vulnerabilities as they are found in code, design, or system architecture.
CVSS
Common Vulnerability Scoring System
A framework for scoring the severity of a vulnerability.
CWE
Common Weakness Enumeration
A specification developed and maintained by MITRE to identify the root cause, or weaknesses, of security vulnerabilities.
CWSS
Common Weakness Scoring System
A specification developed and maintained by MITRE to provide a way to prioritise software weaknesses that can introduce security vulnerabilities.
CYOD
Choose Your Own Device
A mobile device deployment methodology where each person chooses their own device type.
DAC
Direct Attach Copper
A type of high-speed, low-latency cable that consists of twinaxial copper wire with connectors on both ends. They are commonly used in data centres and high performance computing environments to connect network devices such as switches, routers and servers. They offer plug-and-play capabilities, have a low power consumption, and support high data transfer rates.
DAC
Discretionary Access Control
An access control mechanism in which the owner of an object (such as a file) can decide which other subjects (such as other users) may have access to the object as well as what access (read, write, execute) these subjects can have.
DAS
Direct Attached Storage
A type of storage that attaches directly to a host computer, rather than going via a network. Only the host can access the storage directly, with other devices having to go through the host.
DB-9
Serial Communications D-Shell Connector, 9 pins
Commonly referred to as a DB9 connector due to it being a 9-pin D-subminiature connector that often adheres to the RS-232 standard. It is used for serial communication in various situations including modem and network device connections.
DBA
Database Administrator
A person who is responsible for directing and performing all activities related to maintaining a successful database environment. A DBA makes sure an organisation's databases and related applications operate functionally and efficiently.
DBaaS
Database as a Service
A cloud computing managed service offering that provides access to a database without requiring the setup of physical hardware, the installation of software or the need to configure the database.
DCI
Data Centre Interconnect
Technology that connects two or more data centres together using high-speed packet-optical connectivity to facilitate the sharing of resources, along with a private exchange of data.
DDoS
Distributed Denial of Service
A multicomputer assault on a network resource that attempts, with sheer overwhelming quantity of requests, to prevent regular users from receiving services from the resource. Can also be used to crash systems. DDoS attacks are usually executed using botnets consisting of compromised systems referred to as zombies.
DDR
Double Data Rate
A type of computer memory, which is an advanced version of SDRAM, that can transfer data twice as fast as regular SDRAM chips. This is because DDR memory can send and receive signals twice per clock cycle.
DEP
Data Execution Prevention
A security feature of an operating system that can be driven by software, hardware, or both, designed to prevent the execution of code from blocks of data in memory.
DES
Data Encryption Standard
A private key encryption algorithm adopted by the U.S. government as a standard for the protection of sensitive but unclassified information. Commonly used in 3DES, where three rounds are applied to provide greater security.
DHCP
Dynamic Host Configuration Protocol
An Internet Engineering Task Force (IETF) Internet Protocol (IP) specification for automatically allocating IP addresses and other configuration information based on network adapter address.
DHE
Diffie-Hellman Ephemeral
A cryptographic method of establishing a shared key over an insecure medium in a secure fashion using a temporary key to enable perfect forward secrecy.
DIMM
Dual In-Line Memory Module
A 32 or 64-bit type of DRAM packaging with the distinction that each side of each tab inserted into the system performs a separate function. DIMMs come in a variety of sizes, with 184, 240 and 288 pins being the most common on desktop computers.
DKIM
Domain Keys Identified Mail
An email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam. DKIM allows the receiver to check that an email claiming to have come from a specific domain was indeed authorised by the owner of that domain.
DLL
Dynamic Link Library
A type of file which contains a library of functions and other information that can be accessed by a Microsoft Windows based piece of software.
DLP
Data Loss Prevention
Technology, processes, and procedures designed to detect when unauthorised removal of data from a system occurs. DLP is typically active, preventing the loss either by blocking the transfer or dropping the connection.
DMARC
Domain-based Message Authentication Reporting and Conformance
An e-mail authentication, policy, and reporting protocol.
DNAT
Destination Network Address Translation
A one-to-one static translation from a public destination address to a private address.
DNS
Domain Name System
A TCP/IP name resolution system that resolves hostnames to IP addresses, IP addresses to hostname, and other bindings, like DNS servers and mail servers for a domain.
DNSSEC
Domain Name System Security Extensions
The extension to DNS using cryptographically signed requests and answers.
DoH
DNS over Hypertext Transfer Protocol Secure
A network security protocol that encrypts DNS queries and responses by sending them over HTTPS. It ensures that attackers cannot forge or alter DNS traffic.
DoS
Denial-of-Service
An attack that floods a networked resource with so many requests that it becomes overwhelmed and ceases functioning. DoS prevents users from gaining normal use of a resource.
DoT
DNS over Transport Layer Security
A network security protocol that encrypts DNS queries to keep them secure and private, which utilises transport layer security on top of the user datagram protocol (UDP). It also ensures that DNS requests and responses are not tampered with or forged via an on-path attack.
DPO
Data Privacy Officer
The person in charge of privacy/data protection in the EU under GDPR.
DR
Disaster Recovery
An organisation’s ability to regain access and functionality to its IT infrastructure after a natural or human disaster.
DRM
Digital Rights Management
Access controls for restricting the use of proprietary hardware and copyrighted works.
DRP
Disaster Recovery Plan
A written plan developed to address how an organisation will react to a natural or manmade disaster in order to ensure business continuity. Related to the concept of a Business Continuity Plan (BCP).
DSA
Digital Signature Algorithm
A U.S. government standard for implementing digital signatures.
DSL
Digital Subscriber Line
A high-speed Internet connection technology that uses a regular telephone line for connectivity. DSL comes in several varieties, including asymmetric (ADSL) and symmetric (SDSL), and many speeds. Typical home-user DSL connections are ADSL with a download speed of up to 9 Mbps and an upload speed of up to 1 Kbps.
DSS
Data Security Standard
A structured set of guidelines, protocols, and requirements designed to protect information from unauthorised access, alteration, disclosure, disruption, modification, or destruction. This helps to ensure the confidentiality, integrity, and availability of data throughout its lifecycle.
DVI
Digital Visual Interface
Special video connector designed for digital-to-digital connections; most commonly seen on PC video cards and LCD monitors. Some versions also support analogue signals with a special adapter.
EAP
Extensible Authentication Protocol
Authentication wrapper that EAP-compliant applications can use to accept one of many types of authentication. While EAP is a general-purpose authentication wrapper, its only substantial use is in wireless networks.
EAPoL
Extensible Authentication Protocol over LAN
A network port authentication protocol used in IEEE 802.1x and port-based network access control, which gives a generic network sign-on to access network resources.
ECB
Electronic Code Book
A block cipher mode where the message is divided into blocks, and each block is encrypted separately.
ECC
Elliptic Curve Cryptography
A method of public key cryptography based on the algebraic structure of elliptic curves over finite fields.
ECC
Error Correction Code
Special software, embedded on hard drives, that constantly scans the drives for bad blocks.
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
A cryptographic method using ECC to establish a shared key over an insecure medium in a secure fashion using a temporary key to enable perfect forward secrecy.
ECDSA
Elliptic Curve Digital Signature Algorithm
A cryptographic method using ECC to create a digital signature.
EDR
Endpoint Detection and Response
A cybersecurity technology that continually monitors an endpoint to mitigate malicious cyber threats. Also known as endpoint threat detection and response.
EFS
Encrypted File System
A feature on Microsoft Windows introduced in version 3.0 of NTFS, that provides filesystem level encryption. This technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer. It is available on all versions of Windows, except the Home edition, from Windows 2000 onwards. By default, no files are encrypted, but encryption can be enabled by users on a per-file, directory or drive basis.
EIGRP
Enhanced Interior Gateway Routing Protocvol
Cisco's proprietary hybrid protocol that has elements of both distance vector and link state routing.
ELK
Elasticsearch, Logstash, and Kibana
Originally developed to store, search, and visualise large amounts of data for the purposes of monitoring application performance and perform searches on large datasets, but is now used by some SOC teams as a SIEM solution.
EOL
End of Life
A term used to denote that something has reached the end of its useful life.
EOS [2]
End of Support
A point in time where a manufacturer stops providing technical support and updates for a product. The product may still function after this time.
ERP
Enterprise Resource Planning
The integrated management of main business processes, often in real time and mediated by software and technology.
eSATA
External Serial Advanced Technology Attachment
A serial ATA-based connector for external hard drives and optical drives.
ESD
Electrostatic Discharge
Uncontrolled rush of electrons from one object to another, which can cause permanent damage to semiconductors.
ESN
Electronic Serial Number
A unique identification number embedded by manufacturers on a microchip in wireless phones.
ESP
Encapsulated Security Payload
A portion of the IPSec implementation that provides for data confidentiality with optional authentication and replay-detection services. ESP completely encapsulates user data in the datagram and can be used either by itself or in conjunction with Authentication Headers for varying degrees of IPSec services.
ESSID
Extended Service Set Identifier
The collection of all the BSSIDs on a WLAN; practically the same as the SSID.
EULA
End-User License Agreement
An agreement that comes with a piece of software, which a user must agree to before using the it. The agreement outlines the terms of use for the software, together with a list of any actions that violate the agreement.
exFAT
Extensible File Allocation Table
A proprietary file system developed by Microsoft, that supports files up to 16 exabytes in size, together with a theoretical partition limit of 64 zettabytes.
FaaS
Function as a Service
A cloud service model that sits between Platform as a Service (PaaS) and Software as a Service (SaaS). A function in this context, also called a serverless function, is a fully operational programme that runs only when it is triggered by a specific event. Cost is only incurred when the function is running.
FACL
File System Access Control List
The implementation of access controls as part of a file system.
FAT32
File Allocation Table 32-bit
A file allocation table that uses 32 bits to address and index clusters.
FC
Fibre Channel
A high-speed networking technology that is primarily used for transmitting data between data centres, servers, switches, and storage, at data rates of up to 128 Gbps.
FDE
Full Disk Encryption
The application of encryption to an entire disk, protecting all the contents in one container.
FHRP
First Hop Redundancy Protocol
A method of ensuring high data availability by taking multiple routers and grouping them into a virtual router with a single virtual IP address that clients use as a default gateway. Common FHRP protocols are the open standard Virtual Router Redundancy Protocol (VRRP), Cisco’s proprietary Hot Standby Router Protocol (HSRP) and Gateway Load Balancing Protocol (GLBP).
FIM
File Integrity Monitoring
An internal control or process that performs the act of validating the integrity of operating system and application software files using a verification method between the current file state and a known, good baseline.
FPGA
Field Programmable Gate Array
A programmable logic circuit instantiation in hardware.
FRR
False Rejection Rate
The acceptable level of legitimate users rejected by the system.
FRT
Facial Recognition Technology
Technology that analyses facial features, either from images or video, and compares them to a database of known faces to identify individuals. Distinct points on a face are mapped and assigned a mathematical representation, which is then compared with other mathematical representations assigned to faces in the database.
FTP
File Transfer Protocol
A protocol that works at the application layer, which is used to transfer files over a network connection. FTP utilises TCP ports 20 and 21.
FTPS
File Transfer Protocol Secure
A protocol that works at the application layer, which is used to transfer files over a network connection, using FTP over an SSL or TLS connection.
GCM
Galois Counter Mode
A mode of operation for symmetric key cryptographic block ciphers that has been widely adopted because it can be parallelised to increase efficiency and performance.
GDPR
General Data Protection Regulations
European Union law that specifies a broad set of rights and protections for personal information of EU citizens.
GFS
Grandfather-Father-Son
A method of storing previous generations of master file data that are continuously updated. The son is the current file, the father is a copy of the file from the previous cycle, and the grandfather is a copy of the file from the cycle before that.
GPG
GNU Privacy Guard
An application program that follows the OpenPGP standard for encryption.
GPO
Group Policy Object
A method used by Windows for the application of OS settings enterprise-wide.
GPS
Global Positioning System
A satellite-based form of location services and time standardisation.
GPT
GUID [Globally Unique Identifier] Partition Table
A partitioning system which facilitates the creation of more than four primary partitions without the use of dynamic disks.
GPU
Graphics Processing Unit
A chip designed to manage graphics functions in a system.
GRE
Generic Routing Encapsulation
A tunnelling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.
GUI
Graphical User Interface
An interface that allows a user to interact with a computer graphically, through the use of a mouse or other pointing device to manipulate applications running on it.
GUID
Globally Unique Identifier
A 128-bit number used to uniquely identify information in computer systems.
HA
High Availability
A collection of technologies and procedures that work together to keep an application available at all times.
HDD
Hard Disk Drive
A mechanical device used for the storing of digital data in magnetic form.
HDMI
High-Definition Multimedia Interface
A single multimedia connection that includes both high-definition audio and video. Used to connect computers, LCD displays, projectors and VR headsets, as well as various other devices in the home such as digital TV, DVD player, Blu-ray player, Xbox, Playstation and AppleTV with the television.
HIDS
Host-based Intrusion Detection System
A system that looks for computer intrusions by monitoring activity on one or more individual PCs or servers.
HIPS
Host-based Intrusion Prevention System
A system that automatically responds to computer intrusions by monitoring activity on one or more individual PCs or servers and responding based on a rule set.
HMAC
Hashed Message Authentication Code
The use of a cryptographic hash function and a message authentication code to ensure the integrity and authenticity of a message.
HOTP
HMAC-based One-time Password
A method of producing one-time passwords using HMAC functions.
HSM
Hardware Security Module
A physical device used to protect but still allow the use of cryptographic keys. It is separate from the host machine.
HTML
Hypertext Markup Language
A language that is used to provide the structure of web pages, using tags to define different parts of the page structure, for example, <h1> tags to denote the largest headings, or <p> tags for paragraphs of text.
HTTP
Hypertext Transfer Protocol
A network protocol that facilitates the transfer of documents, such as web pages, on the web, typically between a web browser and a server.
HTTPS
Hypertext Transfer Protocol Secure
A secure version of HTTP in which hypertext is encrypted by Transport Layer Security (TLS) before being sent over the network. Prior to TLS, this was accomplished using Secure Sockets Layer (SSL).
HVAC
Heating, Ventilation, and Air Conditioning
All the equipment involved in heating and cooling the environment within a facility. This includes boilers, furnaces, air conditioning units and ducts, plenums, and air passages.
IaaS
Infrastructure as a Service
Cloud Service model that provides on-demand access to infrastructure such as servers, switches, and routers at rates based on resource use. Large-scale, global IaaS providers use virtualisation to minimise idle hardware, protect against data loss and downtime, and respond to spikes in demand.
IaC
Infrastructure as Code
The use of machine-readable definition files as well as code to manage and provision computer systems.
IAM
Identity and Access Management
The policies and procedures used to manage access control.
ICMP
Internet Control Message Protocol
A TCP/IP protocol used to handle many low-level functions such as error or informational reporting. ICMP messages are usually request and response pairs such as echo requests and responses or router solicitations and responses. There are also unsolicited 'responses' (advertisements) that consist of single packets. ICMP messages are connectionless.
ICS
Industrial Control System
System that monitors and controls machines such as those in a factory or chemical plant, or even just a large HVAC system in an office building.
IDEA
International Data Encryption Algorithm
A symmetric encryption algorithm used in a variety of systems for bulk encryption services.
IDF
Intermediate Distribution Frame
The room where all the horizontal runs from all the work areas on a given floor in a building come together.
IdP
Identity Provider
A system that creates, maintains, and manages identity information, including authentication services.
IDS
Intrusion Detection System
A system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
IEEE
Institute of Electrical and Electronic Engineers
A non-profit, technical, professional institute associated with computer research, standards, and conferences.
IIoT
Industrial Internet of Things
IIoT refers to devices, sensors, applications, and associated network equipment, that work together to gather, monitor, and analyse data from industrial operations.
IKE
Internet Key Exchange
A standard key exchange protocol used on the Internet, which is an implementation of the Diffie-Hellmann algorithm.
IM
Instant Messaging
A text-based method of communicating over the Internet.
IMAP
Internet Message Access Protocol
Protocol for retrieving e-mail from an SMTP server.
IoC
Indicators of Compromise
A set of values that, if found in memory or file storage, indicate a specific compromise event.
IOPS
Input/Output Operations Per Second
A measure of how many read and write operations a storage device can perform in a second.
IoT
Internet of Things
The everyday objects that can communicate with each other over the Internet, such as smart home appliances, automobiles, video surveillance systems, and more.
IP
Internet Protocol
Layer 3 protocol responsible for logical addressing and routing packets across networks, including the Internet. It doesn't guarantee reliable delivery of packets across the network, leaving that task to higher-level protocols.
IPAM
Internet Protocol Address Management
A suite of tools to enable end-to-end planning, deploying, managing, and monitoring of IP address infrastructure within an organisation. It automatically discovers IP address infrastructure servers and Domain Name System (DNS) servers on a network and enables the management of them from a central interface.
IPS [1]
Intrusion Prevention System
A network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine.
IPS [2]
In-plane Switching
A screen technology for liquid crystal displays, where a layer of crystals is sandwiched between two glass surfaces. The liquid crystal molecules are aligned parallel to those surfaces in predetermined directions. It replaces the older twisted nematic (TN) panels, providing more accurate colours and a wider viewing angle.
IPSec
Internet Protocol Security
A protocol used to secure IP packets during transmission across a network. IPSec offers authentication, integrity, and confidentiality services. It uses Authentication Header (AH) and Encapsulating Security Payload (ESP) to accomplish this.
IR
Incident Response
The process of responding to, containing, analysing, and recovering from a computer-related incident.
IRC
Internet Relay Chat
An application layer protocol that facilitates communication in the form of text across the Internet.
IRP
Incident Response Plan
The plan used in responding to, containing, analysing, and recovering from a computer related incident.
IS-IS
Intermediate System to Intermediate System
An open standard, Link-State routing protocol that uses the Dijkstra Shortest Path First (SPF) algorithm to determine the best path through the network.
iSCSI
Internet Small Computer Systems Interface
A protocol that enables the SCSI command set to be transported over a TCP/IP network from a client to an iSCSI-based storage system. iSCSI is popular with storage area network (SAN) systems.
ISO
International Standards Organisation
An international standard development organisation composed of representatives from the national standards organisations of member countries.
ISP
Internet Service Provider
An organisation that provides access to the Internet in some form, usually for a fee.
ISSO
Information Systems Security Officer
An individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
ITIL
Information Technology Infrastructure Library
A framework containing a library of best practices for the management of IT services and improving IT support and service levels.
ITX
Information Technology eXtended
A family of motherboard form factors, of which the Mini-ITX is the largest and most popular.
IV
Initialisation Vector
A data value used to seed a cryptographic algorithm, providing for a measure of randomness.
JSON
JavaScript Object Notation
A text-based data interchange format designed for transmitting structured data. It is most commonly used for transferring data between web applications and web servers.
KDC
Key Distribution Centre
A component of the Kerberos system for authentication that manages the secure distribution of keys.
KEK
Key Encryption Key
An encryption key whose function it is to encrypt and decrypt the data encryption key (DEK).
KVM
Keyboard-Video-Mouse
A switching device that allows for the sharing of a single keyboard, video monitor and mouse, between multiple machines.
L2TP
Layer 2 Tunnelling Protocol
A Cisco switching protocol that operates at the data link layer.
LACP
Link Aggregation Control Protocol
IEEE specification of certain features and options to automate the negotiation, management, load balancing, and failure modes of aggregated ports.
LAN
Local Area Network
Network that generally (but not always) belongs to one household or organisation and covers a limited area (anything from two devices in an apartment up to thousands of devices on a multi-building school or business campus).
LC
Local/Lucent Connector
A duplex type of small form factor (SFF) fibre connector, designed to accept two fibre cables. Also known as LC connector or Lucent connector.
LCD
Liquid Crystal Display
A backlit flat panel display that uses the light modulating properties of liquid crystals to produce images on a screen.
LDAP
Lightweight Directory Access Protocol
An application protocol used to access directory services across a TCP/IP network.
LDAPS
Lightweight Directory Access Protocol over SSL
A secure version of LDAP.
LEAP
Lightweight Extensible Authentication Protocol
A version of EAP developed by Cisco prior to 802.11i to push 802.1X and WEP adoption.
LED
Light-Emitting Diode
Solid-state device that emits photons at luminous frequencies when current is applied.
LLDP
Link Layer Discovery Protocol
A open IEEE standard, 802.1AB, vendor neutral neighbour discovery protocol, that allows devices to advertise device information to their directly connected neighbouring devices.
LUN
Logical Unit Number
A unique identifier used to specify an individual or group of physical or virtual storage devices that perform input/output commands with a host computer, as defined by the SCSI (Small Computer Systems Interface) standard.
MaaS
Monitoring as a Service
The use of a third party to provide security monitoring services.
MAC [1]
Mandatory Access Control
An authorisation method in which the system grants access to resources based on security labels and clearance levels. Used in organisations with very high security needs.
MAC [2]
Media Access Control
A protocol used in the data link layer for local network addressing.
MAC [4]
Message Authentication Code
A short piece of data used to authenticate a message. This is often a hashed message authentication code (HMAC), where a hash function is used on the message authentication code to ensure the integrity and authenticity of a message.
MAN
Metropolitan Area Network
Multiple computers connected via cabling, radio, leased phone lines, or infrared that are within the same city.
MBR
Master Boot Record
A strip of data on a hard drive in Windows systems meant to result in specific initial functions or identification.
MD5
Message Digest 5
A hashing algorithm and a specific method of producing a message digest.
MDF
Main Distribution Frame
The room in a building that stores the demarc, telephone cross-connects, and LAN cross-connects.
MDIX
Medium Dependent Interface Crossover
A version of the medium dependent interface (MDI) enabling a connection between corresponding devices. An MDI port or uplink port is a port on a switch, router or network hub connecting to another switch or hub using a straight-through cable rather than an Ethernet crossover cable. Generally, there are one to two ports on a switch or hub with an uplink switch, which can be used to alter between an MDI and MDIX interface.
MDM
Mobile Device Management
An application designed to bring enterprise-level functionality onto a mobile device, including security functionality and data segregation.
MDR
Managed Detection and Response
A cyber security service provided by a third-party that combines advanced technology with human expertise to monitor an organisation's networks, endpoints, and cloud environments for threats, as well as to respond to any threats that are encountered.
MFA
Multifactor Authentication
The use of more than one different factor for authenticating a user to a system.
MFD
Multifunction Device
A single device that consolidates the functions of multiple document handling devices, such as printing, copying, scanning, and faxing.
MFP
Multifunction Printer
An office machine which incorporates the functionality of multiple devices in one, so as to have a smaller footprint in a home or small business setting, or to provide centralised document management, distribution, or production in a large-office setting. Also known as an all-in-one device or multifunction device.
MIB
Management Information Base
A database used by the Simple Network Management Protocol (SNMP) to aid in the management of entities in a communication network.
ML
Machine Learning
Machine learning, or ML for short, is a subfield of artificial intelligence that enables computers to learn patterns from data and make decisions or predictions without being explicitly programmed.
MMC
Microsoft Management Console
A component of Windows 2000 and later that provides admins and advanced users an interface for configuring and monitoring the system.
MMS
Multimedia Message Service
A standard way to send multimedia messages to and from mobile phones over a cellular network.
MNDA
Mutual Non-Disclosure Agreement
A legal contract involving two or more parties that agree to keep confidential information shared between them private.
MOA
Memorandum of Agreement
A document executed between two parties that defines some form of agreement.
MOU
Memorandum of Understanding
A document that defines an agreement between two parties in situations where a legal contract is not appropriate.
MPLS
Multiprotocol Label Switching
A routing technique in telecommunications networks that directs data from one node to the next based on labels rather than network addresses. Whereas network addresses identify endpoints the labels identify established paths between endpoints. MPLS can encapsulate packets of various network protocols, hence the multiprotocol component of the name.
MPO
Multifibre Push On
A type of cable connector that is used for cables that contain more than one fibre.
MSA [2]
Master Service Agreement
A contract between two or more parties that establishes what terms and conditions will govern all current and future activities and responsibilities. It creates a contract framework that provides the foundation for all future actions.
mSATA
Mini-Serial Advanced Technology Attachment
A smaller version of the SATA, or Serial Advanced Technology Attachment, interface that is designed for use in smaller devices, such as laptops and tablets, to facilitate data transfer between a computer's motherboard and mass storage devices.
MSCHAP
Microsoft Challenge Handshake Authentication Protocol
A Microsoft Developed variant of the Challenge Handshake Authentication Protocol (CHAP).
MSDS
Material Safety Data Sheet
Documents that list information relating to occupational safety and health for the use of various substances and products.
MSP
Managed Service Provider
A third party that manages aspects of a system under some form of service agreement.
MSSP
Managed Security Service Provider
A third party that manages the security aspects of a system under some form of service agreement.
MTBF
Mean Time Between Failure
A factor typically applied to a hardware component that represents the manufacturer’s best guess (based on historical data) regarding how much time will pass between major failures of that component.
MTTF
Mean Time to Failure
The statistically determined time to the next failure.
MTTR
Mean Time to Repair/Recover
A common measure of how long it takes to repair a given failure. This is the average time and may or may not include the time needed to obtain parts.
MTU
Maximum Transmission Unit
A measure of the largest payload that a particular protocol can carry in a single packet in a specific instance.
MX
Mail Exchange
A DNS record that SMTP servers use to determine where to send mail for a given domain.
NAC
Network Access Control
An approach to endpoint security that involves monitoring and remediating end-point security issues before allowing an object to connect to a network.
NAS
Network Attached Storage
A dedicated file server that has its own file system and typically uses hardware and software designed for serving and storing files.
NAT
Network Address Translation
A way of converting a system's IP address into another IP address before sending it out to a larger network. A network using NAT provides the systems on the network with private IP addresses. The system running the NAT software has two interfaces, one connected to the network and the other connected to the larger network. The NAT program takes packets from the client systems bound for the larger network and translates their internal private IP address to its own public IP address, enabling many systems to share an IP address.
NDA
Non-Disclosure Agreement
A legally binding contract that establishes a confidential relationship. The party or parties signing the agreement agree that sensitive information they may obtain will not be made available to any others. An NDA may also be referred to as a confidentiality agreement.
NetBIOS
Networked Basic Input/Output System
A protocol that operates at the Session layer of the OSI seven-layer model. It creates and manages connections based on the names of the computers involved and utilises TCP ports 137 and 139, as well as UDP ports 137 and 138.
NFC
Near Field Communication
A set of standards and protocols for establishing a communication link over very short distances, which are used with mobile devices.
NFS
Network File System
A distributed file system protocol, allowing a user on a client computer to access files over a network.
NFV
Network Function Virtualisation
A network architecture that applies infrastructure as code (IaC) style automation and orchestration to network management.
NGFW
Next-Generation Firewall
Network protection device that functions at multiple layers of the OSI model to tackle traffic no traditional firewall can filter alone.
NIC
Network Interface Card
Traditionally, an expansion card that enables a PC to connect physically to a network. Modern computers now utilise built in NICs, without the need for a physical card, however, the term NIC is still very common.
NIDS
Network-based Intrusion Detection System
A system for examining network traffic to identify suspicious, malicious, or undesirable behaviour.
NIPS
Network-based Intrusion Prevention System
A system that examines network traffic and automatically responds to computer intrusions.
NIST
National Institute of Standards & Technology
A U.S. government agency responsible for standards and technology.
NoSQL
Not Only Structured Query Language
A category of non-relational databases designed to store and manage data outside the traditional tabular structure of relational databases. NoSQL databases offer flexible, schema-less data models, such as key-value, document, wide-column, and graph formats, making them ideal for handling large volumes of unstructured, semi-structured, or rapidly changing data.
NS
Name Server
DNS servers that hold the actual name and IP DNS records in a kind of database called a zone.
NTFS
New Technology File System
A proprietary file system developed by Microsoft, introduced in 1993, that supports a wide variety of file operations on servers, PCs, and media.
NTLM
New Technology LAN Manager
A deprecated security suite from Microsoft that provides authentication, integrity, and confidentiality for users. As it does not support current cryptographic methods, it is no longer recommended for use.
NTP
Network Time Protocol
A protocol for the transmission of time synchronisation packets over a network.
NTS
Network Time Security
A protocol developed to secure communications between clients and time servers of the Network Time Protocol (NTP).
NVMe
Non-volatile Memory Express
A Solid-State Drive (SSD) technology that supports a communication connection between the operating system and the SSD directly through a PCIe bus lane,
OAUTH
Open Authorization
An open protocol that allows secure, token-based authorisation on the Internet from web, mobile, and desktop applications via a simple and standard method. It can be used by an external partner site to allow access to protected data without having to re-authenticate the user. It was created to remove the need for users to share their passwords with third-party applications, by substituting it with a token.
OCSP
Online Certificate Status Protocol
A protocol used to request the revocation status of a digital certificate. This is an alternative to certificate revocation lists.
OID
Object Identifier
The Simple Network Management Protocol (SNMP) uses Management Information Bases (MIBs) to categorise data that can be queried, and subsequently analysed. Object Identifiers uniquely number data pieces within a MIB.
OIDC
OpenID Connect Protocol
An identity authentication protocol that extends OAuth 2.0 to standardise the process for authenticating and authorising users when they sign in to access digital services. OIDC verifies that a user is who they say they are, whilst OAuth 2.0 authorises which systems the user has access to.
OLED
Organic Light-emitting Diode
A display technology where an organic compound provides the light for the screen, which eliminates the need for a backlight or inverter. OLED is used in high-end TVs and small devices such as smart watches, smartphones, and VR headsets.
ONT
Optical Network Terminal
A device that works like a modem, but for fibre networks and enables networked devices to communicate with an internet service provider (ISP).
OS
Operating System
The basic software that handles input, output, display, memory management, and all the other highly detailed tasks required to support the user environment and associated applications.
OSI
Open Systems Interconnection
An international standard suite of protocols defined by the International Organisation for Standardisation (ISO) that implements the OSI seven-layer model for network communications between computers.
OSINT
Open-source Intelligence
Security information derived from sources available to the public.
OSPF
Open Shortest Path First
An interior gateway routing protocol developed for IP networks based on the shortest path first or link state algorithm.
OT
Operational Technology
The name for an IT system used in an industrial setting to control physical processes.
OTA
Over The Air
Refers to performing an action wirelessly.
OTG
On-The-Go
In relation to USB, it refers to a standardised specification that allows a device to read data from a USB device without requiring a PC.
OTP
One-Time Password (or Passcode)
A unique, dynamically generated, temporary code, that is used for authentication and is only valid for one login session or transaction.
OVAL
Open Vulnerability Assessment Language
An XML-based standard for the communication of security information between tools and services.
P12
PKCS #12
A commonly used member of the family of standards called Public-Key Cryptographic Standards (PKCS), published by RSA Laboratories.
P2P
Peer to Peer
A network connection methodology involving direct connection from peer to peer.
PaaS
Platform as a Service
A cloud service model which provides a managed environment of hardware and software. This type of service is popular with application developers as it removes the need to maintain the complex infrastructure required.
PAC
Proxy Auto Configuration
A method of automating the connection of web browsers to appropriate proxy services to retrieve a specific URL.
PAM [1]
Privileged Access Management
A cybersecurity strategy to control, monitor, secure and audit all identities across an IT environment.
PAM [2]
Pluggable Authentication Modules
A mechanism used in Linux systems to integrate low-level authentication methods into an API.
PAN
Personal Area Network
An interconnection of devices to facilitate the exchange of information in the vicinity of a person. This is over a short distance of less than 33 feet or 10 metres and typically utilises wireless technologies, such as Bluetooth.
PAP
Password Authentication Protocol
A simple protocol used to authenticate a user to a network access server.
PAT
Port Address Translation
The most used form of network address translation, where the NAT uses the outgoing IP addresses and port numbers (collectively known as a socket) to map traffic from specific machines in the network.
PBKDF2
Password-based Key Derivation Function 2
A key derivation function that is part of the RSA Laboratories Public Key Cryptography Standards, published as IETF RFC 2898.
PBX
Private Branch Exchange
A telephone exchange that serves a specific business or entity.
PC
Personal Computer
A general purpose computer designed to be used by a single end user at any one time.
PCAP
Packet Capture
The methods and files associated with the capture of network traffic in the form of text files.
PCI [1]
Peripheral Component Interconnect
A standardised interface that is used for connecting hardware devices, such as graphics cards, sound cards and network cards, to a computer's motherboard.
PCI [2]
Payment Card Industry
Refers to the global ecosystem of financial institutions, payment networks, processors, merchants, and related entities that issue, process, and accept payment cards to facilitate electronic transactions for goods, services, and cash withdrawals.
PCI DSS
Payment Card Industry Data Security Standard
A contractual data security standard initiated by the credit card industry to cover cardholder data.
PCIe
Peripheral Component Interconnect Express
High-speed serial computer expansion bus standard, designed to replace PCI, PCI-X and AGP bus standards.
PDU
Power Distribution Unit
A rack-mounted set of outlets for devices installed in the rack. Connected to the rack’s uninterruptible power supply (UPS).
PEAP
Protected Extensible Authentication Protocol
A protected version of EAP developed by Cisco, Microsoft, and RSA Security, that functions by encapsulating the EAP frames in a TLS tunnel.
PED
Portable Electronic Device
A term used to describe an electronic device, owned by the user, and brought into the enterprise, that uses enterprise data. This includes laptops, tablets, and mobile phones, to name a few.
PEM
Privacy Enhanced Mail
Internet standard that provides for secure exchange of e-mail using cryptographic functions.
PFS
Perfect Forward Secrecy
A property of a cryptographic system whereby the loss of one key does not compromise material encrypted before or after its use.
PGP
Pretty Good Privacy
A popular encryption program that has the ability to encrypt and digitally sign e-mail and files.
PHI
Personal Health Information
Information related to a person’s medical records, including financial, identification, and medical data.
PII
Personally Identifiable Information
Information that can be used to identify a single person.
PIN
Personal Identification Number
A number that is secret, known only to the user to establish identity.
PIV
Personal Identity Verification
Policies, procedures, hardware, and software used to securely identify federal workers.
PKCS
Public Key Cryptography Standards
A series of standards covering aspects of the implementation of public key cryptography.
PKI
Public Key Infrastructure
Infrastructure for binding a public key to a known user through a trusted intermediary, typically a certificate authority.
PoE
Power over Ethernet
A standard that enables wireless access points (WAPs) to receive their power from the same Ethernet cables that transfer their data.
POP
Post Office Protocol
One of the two protocols that receive e-mail from SMTP servers.
POST
Power-on Self-Test
A basic diagnostic routine completed by a system at the beginning of the boot process to make sure a display adapter and the system’s memory are installed. It then searches for an operating system and if one is found, control of the machine is handed over to it.
POTS
Plain Old Telephone Service
The term used to describe the old analogue phone service and later the ‘land-line’ digital phone service.
PPP
Point-to-Point Protocol
The Internet standard for transmission of IP packets over a serial line, as in a dial-up connection to an ISP.
PPTP
Point-to-Point Tunnelling Protocol
The use of generic routing encapsulation over PPP to create a methodology used for virtual private networks.
PSK
Pre-Shared Key
A shared secret which was previously shared between two parties using some secure channel before it needs to be used.
PTP
Precision Time Protocol
An IEEE standard, 1588, which provides a method for highly accurate time synchronisation across a computer network.
PTR
Pointer
A type of DNS record that points IP addresses to hostnames.
PTZ
Pan-Tilt-Zoom
A term used to describe a video camera that supports remote directional and zoom control.
PUP
Potentially Unwanted Program
A software program you likely didn’t want installed on your computer. PUPs are common in bundled systems.
QoS
Quality of Service
The use of technology to manage data traffic, reduce packet loss, and control latency and jitter on a network.
QSFP
Quad Small Form-factor Pluggable
Bidirectional (BiDi) fibre-optic connector used in 40GbE networks.
RA [1]
Registration Agent
Part of the PKI system responsible for establishing registration parameters during the creation of a certificate.
RACE
Research and Development in Advanced Communications Technologies in Europe
A program launched in the 1980s by the Commission of European Communities to pave the way towards commercial use of Integrated Broadband Communication (IBC) in Europe in the late 1990s.
RACI
Responsibility, Accountability, Consulted, Informed
A framework used to clarify roles and responsibilities in projects or processes. Responsible refers to the individual or individuals who complete the tasks or deliverable. Accountable denotes the person who is ultimately answerable for the correct and thorough completion of the task. Consulted includes individuals whose expertise or input is sort prior to decisions or actions being taken. Finally, informed specifies the people who are kept up to date on progress or outcomes.
RAD
Rapid Application Development
A software development methodology that favours the use of rapid prototypes and changes as opposed to extensive advanced planning.
RADIUS
Remote Authentication Dial-in User Service
A standard protocol for providing authentication services that is commonly used in dial-up, wireless, and PPP environments.
RAID
Redundant Array of Independent or Inexpensive Disks
A method for creating a fault tolerant storage system. RAID uses multiple hard drives in various configurations to offer different levels of speed and data redundancy.
RAM
Random Access Memory
Memory that can be accessed at random, enabling you to write to or read from without touching the preceding address, often used to mean a computer’s main memory.
RAS
Remote Access Server
A combination of hardware and software used to enable remote access to a network.
RAT
Remote Access Trojan
A set of malware designed to exploit a system providing remote access.
RBAC [1]
Role-based Access Control
Roles within an organisation are assigned access permissions necessary to carry out those roles. These are in turn assigned to specific users that fulfil the roles within the organisation.
RBAC [2]
Rule-based Access Control
A series of rules are contained within an access control list to determine whether access should be granted or not, for example, don’t allow access to certain files outside of working hours during the week or on weekends.
RC4
Rivest Cipher version 4
A streaming symmetric-key algorithm. No longer secure due to the many vulnerabilities that have been discovered since its initial implementation.
RDP
Remote Desktop Protocol
Protocol used for Microsoft's Remote Desktop tool.
ReFS
Resilient File System
A file system from Microsoft that is designed to maximise data availability, with the ability to scale efficiently to handle large data sets across diverse workloads. It also provides data integrity and is resilient to becoming corrupt.
REST
Representational State Transfer
An architectural style for providing standards between computer systems on the web, making it easier for systems to communicate with one another. REST compliant systems, often called RESTful systems, are characterised by how they are stateless and separate the concerns of client and server.
RFID
Radio Frequency Identification
A technology used for remote identification via radio waves.
RIP
Routing Internet Protocol
A routing protocol. Version 1 had several shortcomings, with a maximum hop count of 15 and a routing table update interval of 30 seconds, causing every router on a network to send out its table at once. Version 2 added support for CIDR and fixed some of the issues with version 1, but maximum hop count remained.
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
An open-source hashing algorithm that creates a unique 160-bit, 256-bit, or 320-bit message digest for each file.
RJ
Registered Jack
Type of connector used on the end of telephone (RJ-11) and network cables (RJ-45).
RJ11
Registered Jack Function 11
Standardised telecommunication network interface for telephones.
RJ45
Registered Jack Function 45
Standardised telecommunication network interface for voice and data.
RMM
Remote Monitoring and Management
The process of supervising and controlling IT systems by means of locally installed agents that can be accessed by a management service provider.
ROI
Return on Investment
A measure of the effectiveness of the use of capital.
RPC
Remote Procedure Call
A protocol that allows a program to invoke a procedure on a remote system as if it were a local call, abstracting away the underlying network communication complexities.
RPM
Red Hat Package Manager
A package manager used in Red Hat Enterprise Linux and other Red Hat based Linux distributions.
RPO
Recovery Point Objective
The amount of data a business is willing to place at risk. It is determined by the amount of time a business has to restore a process before an unacceptable amount of data loss results from a disruption.
RSA
Rivest, Shamir, & Adleman
The names of the three men who developed a public key cryptographic system and the company they founded to commercialise the system.
RSR
Rapid Security Response
A feature from Apple, that delivers important security improvements to devices running iOS, iPadOS and macOS, between the regular software updates.
RSTP
Rapid Spanning Tree Protocol
An evolution of the Spanning Tree Protocol (STP) that provides faster recovery in response to network changes or failures.
RTBH
Remotely Triggered Black Hole
A popular and effective filtering technique for the mitigation of denial-of-service attacks.
RTMP
Real-time Messaging Protocol
A communication protocol designed for real-time transmission of audio, video, and data over the internet. It was originally created by Macromedia, which was acquired by Adobe, for Adobe Flash Player, but has evolved into an open specification, which is still widely used today.
RTO
Recovery Time Objective
The amount of time a business has to restore a process before unacceptable outcomes result from a disruption.
RTOS
Real-time Operating System
An operating system designed to work in a real-time environment.
RTP
Real-time Transport Protocol
A protocol for a standardised packet format used to carry audio and video traffic over IP networks.
RX
Receiver
Short for receive, it refers to data being received by one device from another.
S/MIME
Secure/Multipurpose Internet Mail Extensions
An encrypted implementation of the MIME protocol specification.
SaaS
Software as a Service
Cloud service model that provides centralised applications accessed over a network.
SAE
Simultaneous Authentication of Equals
A secure key negotiation and exchange method for password-based authentication methods. It is a variant of the Dragonfly key exchange protocol specified in RFC 7664, which in turn is based on the Diffie-Hellmann key exchange. It is used with Wi-Fi Protected Access 3 (WPA3), IEEE 802.11 WLAN mesh networks, amongst other things.
SAML
Security Assertions Markup Language
An XML-based standard for exchanging authentication and authorisation data.
SAN [1]
Storage Area Network
A server that can take a pool of hard disks and present them over the network as any number of logical disks.
SAN [2]
Subject Alternative Name
A field in a certificate that has several uses, for example, for a machine, it can represent its Fully Qualified Domain Name (FQDN), for a user, it can be the User Principal Name (UPN), and for an SSL certificate, it can indicate multiple domains for which the certificate is valid.
SAS
Serial Attached SCSI [Small Computer System Interface]
A point-to-point serial protocol that moves data to and from computer-storage devices such as hard disk drives and tape drives.
SASE
Secure Access Service Edge
A cloud-based security framework that provides secure access to network resources from anywhere.
SATA
Serial Advanced Technology Attachment
Computer bus interface that connects host bus adapters to mass storage devices such as hard disk drives, optical drives and solid-state drives.
SC
Standard/Subscriber Connector
Fibre-optic connector used to terminate single-mode and multimode fibre. It is characterised by its push-pull, snap mechanical coupling, known as “stick and click”. Commonly referred to as subscriber connector, standard connector, and sometimes, Siemon connector.
SCADA
Supervisory Control and Data Acquisition
A system that has the basic components of a distributed control system (DCS), yet is designed for large-scale, distributed processes and functions with the idea that remote devices may or may not have ongoing communication with the central control.
SCAP
Security Content Automation Protocol
A method of using specific protocols and data exchanges to automate the determination of vulnerability management, measurement, and policy compliance across a system or set of systems.
SCEP
Simple Certification Enrolment Protocol
A protocol used in PKI for enrolment and other services.
SCSI
Small Computer System Interface
A set of standards for physically connecting and transferring data between computers and peripheral devices.
SD-WAN
Software-defined Wide Area Network
A virtual wide area network architecture that allows enterprises to connect users securely and efficiently to applications. Software is used to control the connectivity, management and services between data centres, remote offices, and cloud resources.
SDK
Software Development Kit
A collection of software development tools that facilitate the creation of software, which can include a software framework, compiler and debugger.
SDLC
Software Development Life Cycle
A process used by the software industry to design, develop and test high quality software. The Software Development Life Cycle typically consists of stages such as, planning and requirements analysis, definition of requirements, design, build, test, deploy and maintain. There are a number of different Software Development Life Cycle models that are used today, including the waterfall model, the iterative model, the spriral model, the V-medel and the big bang model.
SDLM
Software Development Life-cycle Methodology
The processes and procedures employed to develop software. Sometimes also called secure development lifecycle model when security is part of the development process.
SDN
Software-Defined Network
Programming that allows a master controller to determine how network components will move traffic through the network. Used in virtualisation.
SDWAN
Software-Defined WAN
A wide area network that uses software-defined network technology, such as communicating over the Internet using overlay tunnels which are encrypted when destined for internal organisation locations.
SE Linux
Security-enhanced Linux
A security enhancement to Linux that allows users and administrators more control over access control. Standard Linux access controls allow a user, and the applications the user runs, to specify who has read, write, and execute permissions on a file, whereas SE Linux access controls are determined by a policy loaded on the system, which cannot be changed by careless users or misbehaving applications.
SED
Self-Encrypting Drives
A data drive that has built-in encryption capability on the drive control itself.
SEH
Structured Exception Hander
The process used to handle exceptions in the Windows operating system core functions.
SFP
Small Form-factor Pluggable
A Cisco module that enables you to add additional features to its routers.
SFTP [1]
Secure File Transfer Protocol
Uses SSH to provide the encryption for secure file transfer.
SHA
Secure Hashing Algorithm
A hashing algorithm used to hash block data. The first version is SHA-1, with subsequent versions detailing the hash digest length: SHA-256, SHA-348, and SHA-512.
SHTTP
Secure Hypertext Transfer Protocol
An alternative to HTTPS in which only the transmitted pages and POST fields are encrypted. Not widely used following the widespread adoption of HTTPS.
SIEM
Security Information and Event Management
A two-part process consisting of security event management (SEM), which performs real-time monitoring of security events and security information management (SIM), where the monitoring log files are reviewed and analysed by automated and human interpreters.
SIM
Subscriber Identity Module
An integrated circuit or hardware element that securely stores the International Mobile Subscriber Identity (IMSI) and the related key used to identify and authenticate subscribers on mobile telephones.
SIP
Session Initiation Protocol
A signalling protocol for controlling voice and video calls over IP.
SLA
Service Level Agreement
A document between a customer and service provider that defines the scope, quality, and terms of the service to be provided.
SLAAC
Stateless Address Auto-Configuration
A process that enables network clients to determine their own IPv6 addresses without the need for DHCP.
SLE
Single Loss Expectancy
Monetary loss or impact of each occurrence of a threat. SLE = asset value x exposure factor.
SMART
Self-monitoring Analysis and Reporting Technology
Monitoring system built in to hard drives that tracks errors and error conditions within the drive.
SMB
Server Message Block
The Internet standard protocol used by Microsoft Windows to share files, printers, and serial ports.
SMS
Short Message Service
A form of text messaging over phone and mobile phone circuits that allows up to 160-character messages to be carried over signalling channels.
SMTP
Simple Mail Transfer Protocol
The main protocol used to send email over the internet.
SMTPS
Simple Mail Transfer Protocol Secure
The secure version of the standard Internet protocol used to transfer e-mail between hosts.
SNMP
Simple Network Management Protocol
A set of standards for communication with network devices, such as switches and routers, connected to a TCP/IP network. Used for network management.
SOA
Start of Authority
DNS record that defines the primary name server in charge of a domain. Also includes parameters that control how secondary name servers check for updates to the zone file, such as the serial number which indicates whether the zone file has updates to fetch.
SOAP
Simple Object Access Protocol
An XML-based specification for exchanging information associated with web services.
SOAR
Security Orchestration, Automation, Response
A system designed to facilitate responses in incident response situations.
SOC [1]
Security Operations Centre
The grouping of security operations in an enterprise.
SoC [2]
System on Chip
The integration of complete system functions on a single chip in order to simplify construction of devices.
SOC2
System and Organisation Controls 2
A cyber security and data protection framework developed by the American Institute of Certified Public Accountants (AICPA), that is designed to evaluate and validate a service organisation's information security practices, particularly those related to protecting customer data.
SODIMM
Small Outline Dual Inline Memory Module
Type of computer memory used in laptops and other small devices.
SOHO
Small Office Home Office
A classification of networking equipment, usually marketed to consumers or small businesses, which focuses on low price and ease of configuration. SOHO networks differ from enterprise networks, which focus on flexibility and maximum performance.
SOP
Standard Operating Procedures
A documented set of step-by-step instructions for performing routine tasks efficiently and consistently.
SOW
Statement of Work
A document used in project management, that provides a narrative description of the work requirements for a project. It includes a definition of project activities, deliverables and timelines for an organisation providing services to a client.
SPF
Sender Policy Framework
An e-mail validation system designed to detect e-mail spoofing by verifying that incoming mail comes from a host authorised by that domain’s administrator.
SPICE
Software Process Improvement and Capability Determination
An international framework for assessing software development processes, which was jointly developed by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC), specified in ISO/IEC 15504.
SPIM
Spam over Instant Messaging
Spam sent over an instant messaging channel.
SQL
Structured Query Language
A language created by IBM that relies on simple English statements to perform database queries. SQL enables databases from different manufacturers to be queried using a standard syntax.
SQLi
Structured Query Language Injection
An attack against an interface using SQL.
SRTP
Secure Real-time Protocol
A secure version of the standard protocol for a standardised packet format used to carry audio and video traffic over IP networks.
SSD
Solid State Disk/Drive
A mass storage device, such as a hard drive, that is composed of electronic memory as opposed to a physical device made up of spinning platters.
SSE
Security Service Edge
A collection of network security services delivered from a purpose-built cloud platform, which can be seen as a subset of the Secure Access Service Edge (SASE) framework, with its architecture focused on security services.
SSH
Secure Shell
An encrypted remote terminal connection program, used to remotely connect to a server. SSH uses asymmetric encryption, however, it generally requires an independent source of trust with a server, such as manually receiving a server key, to operate.
SSID
Service Set Identifier
A 32-bit identification string, sometimes called a network name, that's inserted into the header of each data packet processed by a wireless access point.
SSL
Secure Sockets Layer
A protocol developed for transmitting private documents over the internet. It works by using a public key to encrypt sensitive data. This encrypted data is then sent over an SSL connection and then decrypted at the receiving end using a private key. Deprecated by Transport Layer Security (TLS).
SSO
Single Sign-On
An authentication process by which the user can enter a single user ID and password and then move from application to application or resource to resource without having to supply further authentication information.
ST
Straight Tip or Snap Twist
Fibre-optic connector used primarily with 2.5 mm single-mode fibre. It uses a push-on, then twist-to-lock mechanical connection commonly called stick-and-twist although ST actually stands for straight tip.
STAR
Security, Trust, Assurance, Risk
A globally recognized cloud security assurance program developed by the Cloud Security Alliance (CSA). It promotes transparency, rigorous auditing, and harmonisation of security standards to help cloud service providers (CSPs) validate and communicate their security posture. The program is built on the Cloud Controls Matrix (CCM), a comprehensive framework of 197 control objectives across 17 domains, which assesses cloud-specific security, privacy, and compliance controls.
STIX
Structured Threat Information eXpression
A framework for passing threat information across automated interfaces.
STP [1]
Shielded Twisted Pair
A Special kind of copper telephone and Local Area Network wiring that adds an outer layer, or shield, to reduce the potential for electromagnetic interference. Twisted pair wiring is where two conductors of a single circuit are twisted together to improve electromagnetic compatibility.
SVI
Switch Virtual Interface
A logical interface configured on a layer 3 switch that connects a VLAN to the routing engine of the switch. It allows traffic to be routed between VLANs by providing a default gateway for each VLAN, along with layer 3 IP connectivity to the switch, and support for bridging and routing protocols.
SWG
Secure Web Gateway
An on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible.
TACACS+
Terminal Access Controller Access Control System Plus
A proprietary protocol developed by Cisco to support Authorisation, Authentication, and Accounting (AAA) in a network with many routes and switches. It is like RADIUS in function but uses TCP port 49 by default and separates AAA into different parts.
TAXII
Trusted Automated eXchange of Indicator Information
A transport framework for STIX data communication.
TCP
Transmission Control Protocol
A Layer 4 connection-oriented protocol within the TCP/IP suite. TCP provides a reliable communications channel over an unreliable network by ensuring all packets are accounted for and retransmitted if any are lost.
TCP/IP
Transmission Control Protocol/Internet Protocol
A set of communication protocols, developed by the U.S. Department of Defence, which enable dissimilar computers to share information over a network.
TFTP
Trivial File Transfer Protocol
A protocol that transfers files between servers and clients, without the need for user login. Devices that need an operating system, but have no local hard disk (for example, diskless workstations and routers), often use TFTP to download their operating systems.
TGT
Ticket Granting Ticket
A part of the Kerberos authentication system that is used to prove identity when requesting service tickets.
TKIP
Temporal Key Integrity Protocol
A deprecated encryption standard used in WPA that provided a new encryption key for every sent packet.
TLS
Transport Layer Security
A protocol where hosts use public-key cryptography to securely negotiate a cipher and symmetric key over an unsecured network, and the symmetric key to encrypt the rest of the session. TLS is the current name for the historical SSL protocol.
TN
Twisted Neumatic
Technology breakthrough that made LCDs practical. It doesn’t require a current to flow for operation and uses low operating voltages suitable for use with batteries.
TOC
Time-of-check
Refers to the time a value of something is checked in a multithreaded application.
TOTP
Time-based One Time Password
A password that is used once and is only valid during a specific time period.
TOU
Time-of-use
Refers to the time a value of something is used in a multithreaded application. The greater the separation between the time a program checks a value, and when it uses the value, the more likely it is for problems such as race conditions to arise.
TPM
Trusted Platform Module
A hardware chip to enable trusted computing platform operations.
TSIG
Transaction Signature
A protocol used as a means of authenticating dynamic DNS records during DNS updates.
TTL
Time to Live
A field in the IP header that indicates the number of hops a packet can make before it hits its demise and gets discarded by a router.
TTP
Tactics, Techniques, and Procedures
The methods used by an adversary, organised in a fashion to assist in identification and defence.
TX
Transmitter
Short for transmit, it refers to data being transmitted from one device to another.
TXT
Text
A DNS record in text format, which contains information about a domain, as well as details that help external network servers and services handle outgoing email from a domain. These records can be used to verify domain ownership, ensure email security, and prevent spam or phishing.
UAC
User Access Control
Mandatory access control enforcement facility introduced with Microsoft Windows Vista and Windows Server 2008, with a more relaxed version in Windows 7, 8, 10, Server 2008 R2 and 2012.
UAT
User Acceptance Testing
The application of acceptance-testing criteria to determine fitness for use according to end-user requirements.
UAV
Unmanned Aerial Vehicle
A remotely piloted flying vehicle.
UDP
User Datagram Protocol
Connectionless protocol in the TCP/IP suite. Has less overhead and better performance than TCP, but also a higher risk of errors. Fire-and-forget UDP datagrams do a lot of important behind-the-scenes work in a TCP/IP network.
UEFI
Unified Extensible Firmware Interface
A specification that defines the interface between an operating system and the hardware firmware. This is a replacement to BIOS.
UEM
Unified Endpoint Management
The aggregation of multiple products into a single system on an endpoint for efficiency purposes.
UPnP
Universal Plug and Play
Set of networking protocols that permits networked devices, such as PCs, printers etc to seamlessly discover and interact with each other on the network.
UPS
Uninterruptible Power Supply
A source of power, usually a battery, that is designed to provide uninterrupted power to a computer system in the event of a temporary loss of power.
URI
Uniform Resource Identifier
A set of characters used to identify the name of a resource in a computer system. A URL is a form of URI.
URL
Uniform Resource Locator
An address that defines the type and the location of a resource on the Internet. URLs are used in almost every TCP/IP application.
USB
Universal Serial Bus
A common interface that enables communication between devices and a host controller such as a personal computer (PC) or smartphone. It connects peripheral devices such as digital cameras, mice, keyboards, printers, scanners, media devices, external hard drives, and flash drives. Because of its wide variety of uses, including support for electrical power, the USB has replaced a wide range of interfaces like the parallel and serial port.
USB OTG
USB On-The-Go
A standardised specification that allows a device to read data from a USB device without requiring a PC.
UTM
Unified Threat Management
The aggregation of multiple network security products into a single appliance for efficiency purposes.
UTP
Unshielded Twisted Pair
A popular cabling for telephone and computer networks composed of pairs of wires twisted around each other at specific intervals. The twists serve to reduce interference, or crosstalk, as it is sometimes known. The more twists, the less interference. The cable has no metallic shielding to protect the wires from external interference, unlike Shielded Twisted Pair (STP). UTP is available in a variety of grades, called categories.
VA
Vertical Alignment
Type of LCD technology that’s characterised by vertically aligned pixels.
VBA
Visual Basic for Applications
A Microsoft specification for using Visual Basic in applications such as the Office Suite.
vCPU
Virtual CPU
A CPU inside a virtual machine, acting as a microprocessor, or brains of a computer, that interprets and executes program instructions such as arithmetic, logic, controlling and input/output operations.
VDE
Virtual Desktop Environment
The use of virtualisation technology to host desktop systems on a centralised server.
VDI
Virtual Desktop Infrastructure
The use of servers to host virtual desktops by moving the processing to the server and using the desktop machine as merely a display terminal.
VGA
Video Graphics Array
Video display controller and accompanying de-facto graphics standard. Includes the resolution 640 x 480.
VIP
Virtual IP
A single IP address shared by multiple systems. This is commonly the single IP address assigned to a home or organisation that uses NAT to have multiple IP stations on the private side of the NAT router. Virtual IP addresses are also used by the First Hop Redundancy Protocol (FHRP).
VLAN
Virtual Local Area Network
A common feature among managed switches that enables a single switch to support multiple Layer 2 broadcast domains and provide isolation between hosts on different VLANs. Critical for modern network performance and security.
VLSM
Variable Length Subnet Masking
The process of using variable-length subnets to create subnets within subnets.
VM
Virtual Machine
A virtual computer accessed through a class of programs called a hypervisor or virtual machine monitor. A virtual machine runs inside your actual operating system, essentially enabling you to run two or more operating systems at once.
VNC
Virtual Network Computing
A remote access program and protocol.
vNIC
Virtual Network Interface Card
Software-based NIC that functions identically to a physical NIC and uses a software connection to pass traffic from the real. NIC to the virtual one.
VoIP
Voice over Internet Protocol
The use of an IP network to conduct voice calls.
VPC
Virtual Private Cloud
A cloud instance that is virtually isolated by the provider.
VPN
Virtual Private Network
A network configuration that enables a remote user to access a private network via the Internet. VPNs employ an encryption methodology called tunnelling, which protects the data from interception.
VRAM
Video Random-access Memory
Memory in a computer system that holds the pixels and other information displayed on a computer monitor.
VTC
Video Teleconferencing
A business process of using video signals to carry audio and visual signals between separate locations, thus allowing participants to meet via a virtual meeting instead of traveling to a physical location.
VXLAN
Virtual Extensible LAN
A network virtualisation technology standard from the Internet Engineering Task Force (IETF), which allows a single physical network to be shared by multiple different organisations, without any one of them being able to see the network traffic of another.
WAF
Web Application Firewall
A firewall that operates at the application level, specifically designed to protect web applications by examining requests at the application stack level.
WAN
Wide Area Network
A geographically dispersed network created by linking various computers and LANs over long distances, generally using leased phone lines. There is no firm dividing line between a WAN and a LAN.
WAP
Wireless Access Point
Connects wireless network nodes to wireless or wired networks. Many WAPs are combination devices that act as high-speed hubs, switches, bridges, and routers, all rolled in to one.
WEP
Wired Equivalent Privacy
The encryption scheme used to attempt to provide confidentiality and data integrity on 802.11 networks.
WIDS
Wireless Intrusion Detection System
An intrusion detection system established to cover a wireless network.
WinRM
Windows Remote Management
An implementation of the WS-Management protocol by Microsoft, which is a standard SOAP, or Simple Object Access Protocol based, firewall-friendly protocol to facilitate interoperation between hardware and operating systems from multiple vendors.
WIPS
Wireless Intrusion Prevention System
An intrusion prevention system established to cover a wireless network.
WISP
Wireless Internet Service Provider
An internet service provider for which the last segment or two uses a point-to-point long-range fixed wireless connection.
WLAN
Wireless Local Area Network
A network that allows devices to connect and communicate wirelessly.
WO
Work Order
A task or job for a customer, that can be scheduled or assigned to a particular person.
WPA
Wi-Fi Protected Access
A wireless security protocol that addresses weaknesses and acts as an upgrade to WEP. WPA offers security enhancements such as dynamic encryption key generation (keys are issued on a per-user and per-session basis), an encryption key integrity-checking feature, user authentication through the industry standard Extensible Authentication Protocol (EAP), and other advanced features that WEP lacks. WPA has been replaced by the more secure WPA2.
WPS
Wi-Fi Protected Setup
A network security standard that allows easy setup of a wireless home network.
WTLS
Wireless TLS
A protocol based on the Transport Layer Security (TLS) protocol, that provides reliability and security for wireless communications using the Wireless Application Protocol (WAP). It is necessary due to the limited memory and processing abilities of some WAP enabled mobile devices.
WWAN
Wireless Wide Area Network
A form of wireless network over a wide area, which utilises cellular network technologies, such as 4G LTE and 5G to transfer data.
XDR
Extended Detection Response
Collects, correlates, and contextualises alerts from different solutions across endpoints, servers, networks, applications, and cloud workloads, into a unified incident detection and response platform.
XFS
Extended File System
A high-performance and scalable file system that was created to support extremely large file systems, up to 16 exabytes, with a maximum file size of 8 exabytes and directory structures with tens of millions of entries. It supports metadata journaling for quick crash recovery.
XML
Extensible Markup Language
A text-based, human-readable data markup language.
XOR
Exclusive OR
An operation commonly used in cryptography.
XSS
Cross-site Scripting
A method of attacking a system by sending script commands to the system input and relying on the parsers and execution elements to perform the requested scripted actions, thus instantiating the attack. XSS exploits the trust a user has for the site.
ZTA
Zero Trust Architecture
A network architecture whereby the trust is removed, with an assumption made that it is a hostile environment where all requests are verified based on an access policy.