Comptia Security+ exam acronyms

The following is a list of acronyms that appear on the Security+ exam. Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as part of a comprehensive exam preparation program.

We offer an Intensive Authorized CompTIA Security+ Bootcamp if you are in need of timely Security+ certification. 4 Days of training with the Security+ exam on Day 5. We also offer a free exam retake if you fail the exam. Training takes places in many different cities across the US as well as our Remote classes that are done Live Over the Internet.

Click Here for a full list of our Security+ class schedule as well a program details.

3DES -  Triple Digital Encryption Standard
AAA -  Authentication, Authorization, and Accounting
ABAC -  Attribute-based Access Control
ACL -  Access Control List
AES -  Advanced Encryption Standard
AES256 -  Advanced Encryption Standards 256bit
AH -  Authentication Header
ALE -  Annualized Loss Expectancy
AP -  Access Point
API -  Application Programming Interface
APT -  Advanced Persistent Threat
ARO -  Annualized Rate of Occurrence
ARP -  Address Resolution Protocol
ASLR -  Address Space Layout Randomization
ASP -  Application Service Provider
AUP -  Acceptable Use Policy
AV -  Antivirus
AV -  Asset Value
BAC -  Business Availability Center
BCP -  Business Continuity Planning
BIA -  Business Impact Analysis
BIOS -  Basic Input/Output System
BPA -  Business Partners Agreement
BPDU -  Bridge Protocol Data Unit
BYOD -  Bring Your Own Device
CA -  Certificate Authority
CAC -  Common Access Card
CAN -  Controller Area Network
CAPTCHA -  Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR -  Corrective Action Report
CASB -  Cloud Access Security Broker
CBC -  Cipher Block Chaining
CCMP -  Counter-Mode/CBC-Mac Protocol
CCTV -  Closed-circuit Television
CER -  Certificate
CER -  Cross-over Error Rate
CERT -  Computer Emergency Response Team
CFB -  Cipher Feedback
CHAP -  Challenge Handshake Authentication Protocol
CIO -  Chief Information Officer
CIRT -  Computer Incident Response Team
CMS -  Content Management System
COOP -  Continuity of Operations Plan
COPE -  Corporate Owned, Personally Enabled
CP -  Contingency Planning
CRC -  Cyclical Redundancy Check
CRL -  Certificate Revocation List
CSIRT -  Computer Security Incident Response Team
CSO -  Chief Security Officer
CSP -  Cloud Service Provider
CSR -  Certificate Signing Request
CSRF -  Cross-site Request Forgery
CSU -  Channel Service Unit
CTM -  Counter-Mode
CTO -  Chief Technology Officer
CTR -  Counter
CYOD -  Choose Your Own Device
DAC -  Discretionary Access Control
DBA -  Database Administrator
DDoS -  Distributed Denial of Service
DEP -  Data Execution Prevention
DER -  Distinguished Encoding Rules
DES -  Digital Encryption Standard
DFIR -  Digital Forensics and Investigation Response
DHCP -  Dynamic Host Configuration Protocol
DHE -  Data-Handling Electronics
DHE -  Diffie-Hellman Ephemeral
DLL -  Dynamic Link Library
DLP -  Data Loss Prevention
DMZ -  Demilitarized Zone
DNAT -  Destination Network Address Transaction
DNS -  Domain Name Service (Server)
DoS -  Denial of Service
DRP -  Disaster Recovery Plan
DSA -  Digital Signature Algorithm
DSL -  Digital Subscriber Line
DSU -  Data Service Unit
EAP -  Extensible Authentication Protocol
ECB -  Electronic Code Book
ECC -  Elliptic Curve Cryptography
ECDHE -  Elliptic Curve Diffie-Hellman Ephemeral
ECDSA -  Elliptic Curve Digital Signature Algorithm
EF -  Exposure Factor
EFS -  Encrypted File System
EMI -  Electromagnetic Interference
EMP -  Electro Magnetic Pulse
EOL -  End of Life
ERP -  Enterprise Resource Planning
ESN -  Electronic Serial Number
ESP -  Encapsulated Security Payload
EULA -  End User License Agreement
FACL -  File System Access Control List
FAR -  False Acceptance Rate
FDE -  Full Disk Encryption
FRR -  False Rejection Rate
FTP -  File Transfer Protocol
FTPS -  Secured File Transfer Protocol
GCM -  Galois Counter Mode
GPG -  Gnu Privacy Guard
GPO -  Group Policy Object
GPS -  Global Positioning System
GPU -  Graphic Processing Unit
GRE -  Generic Routing Encapsulation
HA -  High Availability
HDD -  Hard Disk Drive
HIDS -  Host-based Intrusion Detection System
HIPS -  Host-based Intrusion Prevention System
HMAC -  Hashed Message Authentication Code
HOTP -  HMAC-based One-Time Password
HSM -  Hardware Security Module
HTML -  Hypertext Markup Language
HTTP -  Hypertext Transfer Protocol
HTTPS -  Hypertext Transfer Protocol over SSL/TLS
HVAC -  Heating, Ventilation and Air Conditioning
IaaS -  Infrastructure as a Service
ICMP -  Internet Control Message Protocol
ICS -  Industrial Control Systems
ID -  Identification
IDEA -  International Data Encryption Algorithm
IDF -  Intermediate Distribution Frame
IdP -  Identity Provider
IDS -  Intrusion Detection System
IEEE -  Institute of Electrical and Electronic Engineers
IIS -  Internet Information System
IKE -  Internet Key Exchange
IM -  Instant Messaging
IMAP4 -  Internet Message Access Protocol v4
IoT -  Internet of Things
IP -  Internet Protocol
IPSec -  Internet Protocol Security
IR -  Incident Response
IR -  Infrared
IRC -  Internet Relay Chat
IRP -  Incident Response Plan
ISA -  Interconnection Security Agreement
ISP -  Internet Service Provider
ISSO -  Information Systems Security Officer
ITCP -  IT Contingency Plan
IV -  Initialization Vector
KDC -  Key Distribution Center
KEK -  Key Encryption Key
L2TP -  Layer 2 Tunneling Protocol
LAN -  Local Area Network
LDAP -  Lightweight Directory Access Protocol
LEAP -  Lightweight Extensible Authentication Protocol
MaaS -  Monitoring as a Service
MAC -  Mandatory Access Control
MAC -  Media Access Control
MAC -  Message Authentication Code
MAN -  Metropolitan Area Network
MBR -  Master Boot Record
MD5 -  Message Digest 5
MDF -  Main Distribution Frame
MDM -  Mobile Device Management
MFA -  Multi-Factor Authentication
MFD -  Multi-function Device
MIME -  Multipurpose Internet Mail Exchange
MITM -  Man-in-the-Middle
MMS -  Multimedia Message Service
MOA -  Memorandum of Agreement
MOTD -  Message of the Day
MOU -  Memorandum of Understanding
MPLS -  Multi-protocol Label Switching
MSCHAP -  Microsoft Challenge Handshake Authentication Protocol
MSP -  Managed Service Provider
MTBF -  Mean Time Between Failures
MTTF -  Mean Time to Failure
MTTR -  Mean Time to Recover or Mean Time to Repair
MTU -  Maximum Transmission Unit
NAC -  Network Access Control
NAT -  Network Address Translation
NDA -  Non-disclosure Agreement
NFC -  Near Field Communication
NGAC -  Next Generation Access Control
NIDS -  Network-based Intrusion Detection System
NIPS -  Network-based Intrusion Prevention System
NIST -  National Institute of Standards & Technology
NTFS -  New Technology File System
NTLM -  New Technology LAN Manager
NTP -  Network Time Protocol
OAUTH -  Open Authorization
OCSP -  Online Certificate Status Protocol
OID -  Object Identifier
OS -  Operating System
OTA -  Over The Air
OVAL -  Open Vulnerability Assessment Language
P12 -  PKCS #12
P2P -  Peer to Peer
PaaS -  Platform as a Service
PAC -  Proxy Auto Configuration
PAM -  Pluggable Authentication Modules
PAP -  Password Authentication Protocol
PAT -  Port Address Translation
PBKDF2 -  Password-based Key Derivation Function 2
PBX -  Private Branch Exchange
PCAP -  Packet Capture
PEAP -  Protected Extensible Authentication Protocol
PED -  Personal Electronic Device
PEM -  Privacy-enhanced Electronic Mail
PFS -  Perfect Forward Secrecy
PFX -  Personal Exchange Format
PGP -  Pretty Good Privacy
PHI -  Personal Health Information
PII -  Personally Identifiable Information
PIV -  Personal Identity Verification
PKI -  Public Key Infrastructure
POODLE -  Padding Oracle on Downgrade Legacy Encryption
POP -  Post Office Protocol
POTS -  Plain Old Telephone Service
PPP -  Point-to-Point Protocol
PPTP -  Point-to-Point Tunneling Protocol
PSK -  Pre-shared Key
PTZ -  Pan-Tilt-Zoom
RA -  Recovery Agent
RA -  Registration Authority
RAD -  Rapid Application Development
RADIUS -  Remote Authentication Dial-in User Server
RAID -  Redundant Array of Inexpensive Disks
RAS -  Remote Access Server
RAT -  Remote Access Trojan
RBAC -  Role-based Access Control
RBAC -  Rule-based Access Control
RC4 -  Rivest Cipher version 4
RDP -  Remote Desktop Protocol
REST -   Representational State Transfer
RFID -  Radio Frequency Identifier
RIPEMD -  RACE Integrity Primitives Evaluation Message Digest
ROI -  Return on Investment
RMF -  Risk Management Framework
RPO -  Recovery Point Objective
RSA -  Rivest, Shamir, & Adleman
RTBH -  Remotely Triggered Black Hole
RTO -  Recovery Time Objective
RTOS -  Real-time Operating System
RTP -  Real-time Transport Protocol
S/MIME -  Secure/Multipurpose Internet Mail Extensions
SaaS -  Software as a Service
SAML -  Security Assertions Markup Language
SAN -  Storage Area Network
SAN -  Subject Alternative Name
SCADA -  System Control and Data Acquisition
SCAP -  Security Content Automation Protocol
SCEP -  Simple Certificate Enrollment Protocol
SCP -  Secure Copy
SCSI -  Small Computer System Interface
SDK -  Software Development Kit
SDLC -  Software Development Life Cycle
SDLM -  Software Development Life Cycle Methodology
SDN -  Software Defined Network
SED -  Self-encrypting Drive
SEH -  Structured Exception Handler
SFTP -  Secured File Transfer Protocol
SHA -  Secure Hashing Algorithm
SHTTP -  Secure Hypertext Transfer Protocol
SIEM -  Security Information and Event Management
SIM -  Subscriber Identity Module
SIP -  Session Initiation Protocol
SIPS -  Session Initiation Protocol Secure
SLA -  Service Level Agreement
SLE -  Single Loss Expectancy
SMB -  Server Message Block
SMS -  Short Message Service
SMTP -  Simple Mail Transfer Protocol
SMTPS -  Simple Mail Transfer Protocol Secure
SNMP -  Simple Network Management Protocol
SOAP -  Simple Object Access Protocol
SoC -  System on Chip
SPF -  Sender Policy Framework
SPIM -  Spam over Internet Messaging
SPoF -  Single Point of Failure
SQL -  Structured Query Language
SRTP -  Secure Real-Time Protocol
SSD -  Solid State Drive
SSH -  Secure Shell
SSID -  Service Set Identifier
SSL -  Secure Sockets Layer
SSO -  Single Sign-on
SSP -  System Security Plan
STP -  Shielded Twisted Pair
TACACS+ -  Terminal Access Controller Access Control System Plus
TCO -  Total Cost of Ownership
TCP/IP -  Transmission Control Protocol/Internet Protocol
TGT -  Ticket Granting Ticket
TKIP -  Temporal Key Integrity Protocol
TLS -  Transport Layer Security
TOTP -  Time-based One-time Password
TPM -  Trusted Platform Module
TSIG -  Transaction Signature
UAT -  User Acceptance Testing
UAV -  Unmanned Aerial Vehicle
UDP -  User Datagram Protocol
UEFI -  Unified Extensible Firmware Interface
UPS -  Uninterruptable Power Supply
URI -  Uniform Resource Identifier
URL -  Universal Resource Locator
USB -  Universal Serial Bus
USB -  OTG USB On The Go
UTM -  Unified Threat Management
UTP -  Unshielded Twisted Pair
VDE - Virtual Desktop Environment
VDI -  Virtual Desktop Infrastructure
VLAN -  Virtual Local Area Network
VLSM -  Variable Length Subnet Masking
VM -  Virtual Machine
VoIP -  Voice over IP
VPN -  Virtual Private Network
VTC -  Video Teleconferencing
WAF -  Web Application Firewall
WAP -  Wireless Access Point
WEP -  Wired Equivalent Privacy
WIDS -  Wireless Intrusion Detection System
WIPS -  Wireless Intrusion Prevention System
WORM -  Write Once Read Many
WPA -  WiFi Protected Access
WPA2 -  WiFi Protected Access 2
WPS -  WiFi Protected Setup
WTLS -  Wireless TLS
XML -  Extensible Markup Language
XOR -  Exclusive Or
XSRF -  Cross-site Request Forgery
XSS -  Cross-site Scripting