Acronyms and Abbreviations: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 7: | Line 7: | ||
|AA||Audit and Accountability | |AA||Audit and Accountability | ||
|- | |- | ||
|ABAC||Attribute-Based Access Control | |ABAC||[https://en.wikipedia.org/wiki/Attribute-based_access_control Attribute-Based Access Control] | ||
|- | |- | ||
|AC||Access Control | |AC||[https://cmmcwiki.org/index.php/Model_Glossary#A Access Control] | ||
|- | |- | ||
|ACSC||Australian Cyber Security Centre | |ACSC||[https://en.wikipedia.org/wiki/Australian_Cyber_Security_Centre Australian Cyber Security Centre] | ||
|- | |- | ||
|AES||Advanced Encryption Standard | |AES||[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] | ||
|- | |- | ||
|AIA||Aerospace Industries Association | |AIA||[https://en.wikipedia.org/wiki/Aerospace_Industries_Association Aerospace Industries Association] | ||
|- | |- | ||
|AM||Asset Management | |AM||[https://cmmcwiki.org/index.php/Model_Glossary#A Asset Management] | ||
|- | |- | ||
|API||Application Programming Interface | |API||[https://en.wikipedia.org/wiki/API Application Programming Interface] | ||
|- | |- | ||
|APT||Advanced Persistent Threat | |APT||[https://cmmcwiki.org/index.php/Model_Glossary#A Advanced Persistent Threat] | ||
|- | |- | ||
|AT||Awareness and Training | |AT||[https://cmmcwiki.org/index.php/Model_Glossary#A Awareness and Training] | ||
|- | |- | ||
|AU||Audit and Accountability | |AU||Audit and Accountability | ||
Revision as of 18:42, 26 February 2022
Source of Reference: The official CMMC Glossary from the Office of the Under Secretary of Defense Acquisition & Sustainment.
For inquiries and reporting errors on this wiki, please contact us. Thank you.
A
| AA | Audit and Accountability |
| ABAC | Attribute-Based Access Control |
| AC | Access Control |
| ACSC | Australian Cyber Security Centre |
| AES | Advanced Encryption Standard |
| AIA | Aerospace Industries Association |
| AM | Asset Management |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| AT | Awareness and Training |
| AU | Audit and Accountability |
B
| BYOD | Bring Your Own Device |
C
| C2M2 | Cybersecurity Capability Maturity Model |
| C3PAO | CMMC Third-Party Assessment Organization |
| CA | Security Assessment |
| CD-ROM | Compact Disc Read-Only Memory |
| CDI | Covered Defense Information |
| CEA | Council of Economic Advisers |
| CERT | Computer Emergency Response Team |
| CERT RMM | CERT® Resilience Management Model |
| CFR | Code of Federal Regulations |
| CI | Configuration Item |
| CIO | Chief Information Officer |
| CIS | Computer Information System |
| CIS | Center for Internet Security |
| CISA | Cybersecurity and Infrastructure Security Agency |
| CM | Configuration Management |
| CMMC | Cybersecurity Maturity Model Certification |
| CNSSD | Committee on National Security Systems Directive |
| CNSSI | Committee on National Security Systems Instructions |
| COMSEC | Communications Security |
| CPI | Critical Program Information |
| CSF | Cybersecurity Framework |
| CSIS | Center for Strategic and International Studies |
| CSP | Credential Service Provider |
| CTI | Controlled Technical Information |
| CUI | Controlled Unclassified Information |
| CVE | Common Vulnerabilities and Exposures |
| CVMP | Cryptographic Module Validation Program |
| CWE | Common Weakness Enumeration |
D
| D/A | Department/Agency |
| DCISE | DIB Collaborative Information Sharing Environment |
| DCS | Distributed Control System |
| DD | Represents any two-character CMMC Domain acronym |
| DFARS | Defense Federal Acquisition Regulation Supplement |
| DHC | Device Health Check |
| DIB | Defense Industrial Base |
| DKIM | Domain Key Identified Mail |
| DMARC | Domain-based Message Authentication, Reporting, and Conformance |
| DMZ | Demilitarized Zone |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security |
| DoD | Department of Defense |
| DoDI | Department of Defense Instruction |
| DPCI | Derived PIV Credential Issuers |
| DVD | Digital Versatile Disc |
E
| E.O. | Executive Order |
| eSATA | External Serial Advanced Technology Attachment |
| ESP | External Service Provider |
F
| FAQ | Frequently Asked Question |
| FAR | Federal Acquisition Regulation |
| FBI | Federal Bureau of Investigation |
| FCI | Federal Contract Information |
| FDDI | Fiber Distributed Data Interface |
| FDE | Full Disk Encryption |
| FedRAMP | Federal Risk and Authorization Management Program |
| FFRDC | Federally Funded Research and Development Center |
| FIPS | Federal Information Processing Standard |
| FTP | File Transfer Protocol |
G
| GDPR | General Data Protection Regulation |
H
| HIPAA | Health Insurance Portability and Accountability Act |
| HSPD | Homeland Security Presidential Directive |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| HVA | High-Value Asset |
I
| IA | Information Assurance |
| IA | Identification and Authentication |
| IBAC | Identity-Based Access Control |
| IC3 | Internet Crime Complaint Center |
| ICAM | Identity, Credential, and Access Management |
| ICS | Industrial Control System |
| ID | Identification |
| IDA | Identification and Authentication |
| IDPS | Intrusion Detection and Prevention Systems |
| IEC | International Electrotechnical Commission |
| IETF | Internet Engineering Task Force |
| IIoT | Industrial Internet of Things |
| IoT | Internet of Things |
| IP | Internet Protocol |
| IPSec | Internet Protocol Security |
| IR | Incident Response |
| IS | Information System |
| ISAC | Information Sharing and Analysis Center |
| ISAO | Information Sharing and Analysis Organization |
| ISCM | Information Security Continuous Monitoring |
| ISDN | Integrated Services Digital Network |
| ISO | International Organization for Standardization |
| IT | Information Technology |
| ITIL | Information Technology Infrastructure Library |
L
| L# | Level Number |
| LAN | Local Area Network |
| LSI | Large-Scale Integration |
M
| MA | Maintenance |
| MAC | Media Access Control |
| MC | Maturity Capability |
| MC## | Maturity Capability Number |
| MDM | Mobile Device Management |
| MEP | Manufacturing Extension Partnership |
| MFA | Multifactor Authentication |
| ML | Maturity Level |
| ML# | Maturity Level Number |
| MMC | Multimedia Card |
| MP | Media Protection |
| N/A | Not Applicable (NA) |
| NARA | National Archives and Records Administration |
| NAS | Networked Attached Storage |
| NAS | National Aerospace Standard |
| NCSC | National Cyber Security Centre |
| NIST | National Institute of Standards and Technology |
| NISTIR | NIST Interagency (or Internal) Report |
| NPE | Non-Person Entity |
| NSA | National Security Agency |
| NSA/CSS | NSA Central Security Service |
| NSPD | National Security Presidential Directive |
| NSTISSD | National Security Telecommunications and Information Systems Security Directive |
| NTP | Network Time Protocol |
| NYSSCPA | New York State Society of CPAs |
O
| OMB | Office of Management and Budget |
| OS | Operating System |
| OSC | Organization Seeking Certification |
| OT | Operational Technology |
| OUSD A&S | Office of the Under Secretary of Defense for Acquisition and Sustainment |
P
| PCI | Personal Identity Verification Card Issuers |
| PDA | Personal Digital Assistant |
| PE | Physical Protection |
| PGP | Pretty Good Privacy |
| PII | Personally Identifiable Information |
| PIV | Personal Identify Verification |
| PKI | Public Key Infrastructure |
| PLC | Programmable Logic Controller |
| POC | Point of Contact |
| POTS | Plain Old Telephone Service |
| PP | Physical Protection |
| PPD | Presidential Policy Directive |
| PS | Personnel Security |
| PUB | Publication |
R
| RADIUS | Remote Authentication Dial-in User Service |
| RE | Recovery |
| Rev | Revision |
| RF | Radio Frequency |
| RFC | Request for Comments |
| RM | Risk Management |
| RMM | Resilience Management Model |
| RMM | Risk Management Model |
| RPO | Recovery Point Objectives |
| RTO | Recovery Time Objectives |
S
| SA | Situational Awareness |
| SaaS | Software as a Service |
| SAS | Security Assessment |
| SC | System and Communications Protection |
| SCADA | Supervisory Control and Data Acquisition |
| SCRM | Supply Chain Risk Management |
| SHA | Security Hash Algorithm |
| SI | System and Information Integrity |
| SIEM | Security Integration and Event Management |
| SMS | Short Message Service |
| SOC | Security Operations Center |
| SP | Special Publication |
| SPF | Sender Policy Framework |
| SSC | Secure Socket Layer |
| SSD | Solid-State Disk |
| SSP | System Security Plan |
| SSP | Sector Specific Plan |
T
| TLS | Transport Layer Security |
| TTP | Tactics, Techniques, and Procedures |
U
| U.S. | United States |
| UARC | University Affiliated Research Center |
| UK | United Kingdom |
| UMD | Universal Media Disc |
| URL | Uniform Resource Locator |
| USB | Universal Serial Bus |
| UTC | Coordinated Universal Time |
| UUENCODE | Unix-to-Unix Encode |
V
| VLAN | Virtual Local Area Network |
| VoIP | Voice over Internet Protocol |
| Vol. | Volume |
| VPN | Virtual Private Network |
W
| WAP | Wireless Access Point |
| WPA2-PSK | WiFi Protected Access-Pre-shared Key |
X
| xD | Extreme Digital (flash memory card device) |