A
Adware | Advertising-supported software |
AES | Advanced Encryption Standard |
AH | Authentication Headers |
AIaaS | Artificial Intelligence as a Service |
ALE | Annual loss expectancy |
ANSI | American National Standards Institute |
AP | Access point |
API | Application programming interface |
APT | Advanced persistent threat |
ARO | Annual rate of occurrence |
ARPAnet | Army Research Projects Agency network |
ASCII | American Standard Code for Information Interchange |
ASP | Active Server Pages |
AUP | Acceptable use policy |
B
B2B | Business to business |
B2C | Business to consumer |
BaaS | Backup as a Service |
BBS | Bulletin-board service |
BCP | Business continuity plan |
BI | Business intelligence |
BIA | Business impact analysis |
BIOS | Binary Input/Output System |
Bps | Bits per second |
BYOD | Bring Your Own Device |
C
C2B | Consumer to business |
C2C | Consumer to consumer |
CaaS | Cloud-as-a-Service |
CAN-SPAM | Controlling the Assault of Non-Solicited Pornography and Marketing Act |
CAPTCHA | Completely Automated Public Turing test to tell Computers and Humans Apart |
CCDA | Cisco Certified Design Associate |
CCE | Certified Computer Examiner |
CCEE | Citrix Certified Enterprise Engineer |
CCIA | Citrix Certified Integration Architect |
CCPA | California Consumer Privacy Act |
CDN | Content delivery network |
CERN | Conseil Européen pour la Recherche Nucléaire |
CERT | Computer Emergency Response Team |
CGI | Common Gateway Interface |
CI/CD | Continuous integration/continuous deployment |
CIA | Confidentiality, integrity, availability |
CIPA | Children’s Internet Protection Act |
COPPA | Children’s Online Privacy Protection Act |
CR/LF | Carriage Return/Line Feed |
CRM | Customer-relationship management |
CRT | Cathode Ray Tube |
CSP | Cloud service provider |
CSPM | Cloud Security Posture Management |
CSRF | Cross-site request forgery |
CSS | Cascading Style Sheet |
CSSLP | Certified Secure Software Lifecycle Professional |
CVE | Common Vulnerabilities and Exposures |
CVSS | Common Vulnerability Scoring System |
CWPP | Cloud Workload Protection Platform |
D
DaaS | Desktop as a Service |
DARPA | Defense Advanced Research Projects Agency |
DAST | Dynamic application security testing |
DBIR | Data Breach Investigations Report |
DBMS | Database management system |
DDoS | Distributed denial of service |
DECT | Digital Enhanced Cordless Telecommunications |
DES | Data encryption standard |
DevOps | Development and operations |
DHS | Department of Homeland Security |
DIA | Defense Intelligence Agency |
DiD | Defense in Depth |
DLL | Dynamic link library |
DMZ | Demilitarized zone |
DNS | Domain Name Service |
DoS | Denial of service |
DRP | Disaster recovery plan |
DSDM | Dynamic Systems Development Method |
DSL | Digital subscriber line |
E
EaaS | Everything-as-a-Service |
EF | Exposure factor |
EMP | Electro-magnetic pulse |
ERP | Enterprise resource planning |
ESP | Encapsulating Security Payloads |
EU | European Union |
EULA | End-User License Agreement |
F
FCC | Federal Communications Commission |
FDD | Feature-driven development |
FERPA | Family Educational Rights and Privacy Act |
FISMA | Federal Information Security Management Act |
FR1 | Frequency Range 1 |
FR2 | Frequency Range 2 |
FTC | Federal Trade Commission |
FTP | File Transfer Protocol |
G
GDPR | General Data Protection Regulation |
GLBA | Gramm-Leach-Bliley Act |
GPS | Global positioning system |
GUI | Graphical user interface |
H
HIPAA | Health Insurance Portability and Accountability Act |
HSPA | High Speed Packet Access |
HTML | Hypertext Markup Language |
HTTP | Hypertext Transfer Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
I
IaaS | Infrastructure as a Service |
ICANN | Internet Corporation for Assigned Names and Numbers |
ICMP | Internet Control Message Protocol |
IDPS | Intrusion detection and prevention system |
IDS | Intrusion detection system |
IEEE | Institute of Electrical and Electronics Engineers |
IETF | Internet Engineering Task Force |
IKE | Internet Key Exchange |
IM | Instant messaging |
IMAP | Internet Message Access Protocol |
InfoSec | Information security |
IoT | Internet of Things |
IP | Internet Protocol |
IPO | Input-Processing-Output model |
IPS | Intrusion prevention system |
IPSec | Internet Protocol Security |
IPv4 | Internet Protocol version 4 |
IPv6 | Internet Protocol version 6 |
ISO | International Organization for Standardization |
ISOC | Internet Society |
ISP | Internet service provider |
ITIL | Information Technology Infrastructure Library |
L
L2TP | Layer 2 Tunneling Protocol |
LAMP | Linux, Apache, MySQL, PHP/Perl/Python |
LAN | Local area network |
LDAP | Lightweight Directory Access Protocol |
LFI | Local File Inclusion |
LoS | Line of Sight |
LSD | Lean software development |
LTE | Long-Term Evolution |
M
MAC | Media Access Control |
MAMP | macOS, Apache, MySQL/MariaDB, and PHP/Perl/Python |
MAN | Metropolitan area network |
MBR | Master Boot Record |
MD5 | Message Digest 5 |
MEAN | MongoDB, ExpressJS, AngularJS, NodeJS |
MFA | Multi-factor authentication |
MGCP | Media Gateway Control Protocol |
MIME | Multipurpose Internet Mail Extensions |
MitM | Man-in-the-middle attack |
MMS | Multimedia Messaging Service |
mmWave | Millimeter wave |
MPLS | Multiprotocol Label Switching |
MPOP | Multiple points of presence |
MTTF | Mean time to failure |
MTTR | Mean time to recovery |
MVP | Minimum viable product |
N
NaaS | Network as a Service |
NGMN | Next Generation Mobile Networks |
NIC | Network interface card |
NIST | National Institute of Standards and Technology |
NTP | Network Time Protocol |
NVD | National vulnerability database |
O
OMA | Open Mobile Alliance |
ORM | Object-relational mapping |
OS | Operating system |
OSI | Open Systems Interconnection |
OUI | Organizationally Unique Identifier |
OWASP | Open Web Application Security Project |
P
P2P | Peer-to-peer |
PaaS | Platform as a Service |
PBKDF | Password-based key derivation function |
PBX | Private branch exchange |
PCI DSS | Payment Card Industry Data Security Standard |
PCI SSC | PCI Security Standards Council |
PDA | Personal digital assistant |
PHI | Personal health information |
PHP | PHP Hypertext Preprocessor |
PII | Personally identifiable information |
PIN | Personal identification number |
PING | Packet Internet Groper |
POP3 | Post Office Protocol |
POTS | Plain old telephone system |
PPTP | Point-to-Point Tunneling Protocol |
PSTN | Public switched telephone network |
PUP | Potential Unwanted Program |
PWA | Progressive web applications |
Q
QAM | Qualitative assessment matrix |
R
RAD | Rapid application development |
RAM | Random-access memory |
RAM | Risk assessment matrix |
RAT | Radio access technology |
RCE | Remote code execution |
RDBMS | Relational Database Management System |
RF | Radio frequency |
RFC | Request for Comments |
RFI | Remote file inclusion |
RFID | Radio frequency identification |
RPO | Recovery point objective |
RSA | Rivest, Shamir, and Adleman |
RTCP | Real-time Transport Control Protocol |
RTO | Recovery time objective |
RTP | Real-time Transport Protocol |
S
SA | Security association |
SaaS | Software as a Service |
SAST | Static application scanning tool |
SCM | Software configuration management |
SDL | Secure development lifecycle |
SDLC | Systems development life cycle |
SDN | Software defined networking |
SD-WAN | Software defined WAN |
SEO | Search engine optimization |
SHA | Secure hash algorithm |
SID | Session ID |
SIP | Session Initiation Protocol |
SLA | Service level agreement |
SLE | Single loss expectancy |
SMB | Small-to-medium businesses |
SME | Subject matter expert |
SMS | Short message service |
SMTP | Simple Mail Transport Protocol |
SNMP | Simple Network Management Protocol |
SOAP | Simple Object Access Protocol |
SOHO | Small office/home office |
SOX | Sarbanes-Oxley Act of 2002 |
SPA | Single-page application |
SPI | Security Parameters Index |
SPOF | Single point of failure |
SQL | Structured Query Language |
SQLi | SQL Injection |
SSG | Static-site generation |
SSH | Secure shell |
SSI | Server-side include |
SSID | Service set identifier |
SSL | Secure Sockets Layer |
SSR | Server-side rendering |
SSRF | Server Side Request Forgery |
T
TCP | Transmission Control Protocol |
TCP/IP | Transmission Control Protocol/Internet Protocol |
TCPA | Telephone Consumer Protection Act |
Telnet | Terminal network |
TLD | Top-level domain |
TLS | Transport Layer Security |
TOCTOU | Time of check, time of use |
TOR | The Onion Router |
U
UaaS | Unified communications as a service |
UAC | SIP user agent client |
UDI | Universal Document Identifier |
UDP | User Datagram Protocol |
UE | User equipment |
UEFI | Unified Extensible Firmware Interface |
UI | User interface |
ULE | Ultra-low emission |
UMB | Ultra Mobile Broadband |
UMTS | Universal Mobile Telecommunications System |
UPS | Uninterruptible power supply |
URI | Uniform Resource Identifier |
URL | Universal (or Uniform) Resource Locator |
USB | Universal serial bus |
UX | User experience |
V
VaaS | Video-conferencing as a Service |
VLAN | Virtual local area network |
VM | Virtual machine |
VMM | Virtual machine manager |
VoIP | Voice over Internet Protocol |
VPN | Virtual private network |
W
WAF | Web Application Firewall |
WAMP | Windows, Apache, MySQL, and PHP |
WAN | Wide area network |
WAP | Wireless access point |
WASC | Web Application Security Consortium |
WEP | Wired Equivalent Privacy |
Wi-Fi | Wireless Fidelity |
WiMAX | Worldwide Interoperability for Microwave Access |
WLAN | Wireless local area network |
WPA | Wi-Fi Protected Access |
WPA2 | Wi-Fi Protected Access, version 2 |
WPA3 | Wi-Fi Protected Access, version 3 |
WWW | World Wide Web |
X
XHTML-MP | Extensible HyperText Markup Language – Mobile Profile |
XML | Extensible Markup Language |
XP | Extreme programming |
XPath | XML Path |
XSS | Cross-site scripting |
XST | Cross-site tracing |