Acronyms and Abbreviations: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (13 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
'''Source of Reference: The official [https:// | '''Source of Reference: The official [https://dodcio.defense.gov/CMMC/Documentation/ CMMC Glossary] from the Department of Defense Chief Information Officer (DoD CIO).''' | ||
For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. | |||
== A == | == A == | ||
| Line 5: | Line 7: | ||
|AA||Audit and Accountability | |AA||Audit and Accountability | ||
|- | |- | ||
|ABAC||Attribute-Based Access Control | |ABAC||[https://en.wikipedia.org/wiki/Attribute-based_access_control Attribute-Based Access Control] | ||
|- | |- | ||
|AC||Access Control | |AC||[https://cmmcwiki.org/index.php/Model_Glossary#A Access Control] | ||
|- | |- | ||
|ACSC||Australian Cyber Security Centre | |ACSC||[https://en.wikipedia.org/wiki/Australian_Cyber_Security_Centre Australian Cyber Security Centre] | ||
|- | |- | ||
|AES||Advanced Encryption Standard | |AES||[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] | ||
|- | |- | ||
|AIA||Aerospace Industries Association | |AIA||[https://en.wikipedia.org/wiki/Aerospace_Industries_Association Aerospace Industries Association] | ||
|- | |- | ||
|AM||Asset Management | |AM||[https://cmmcwiki.org/index.php/Model_Glossary#A Asset Management] | ||
|- | |- | ||
|API||Application Programming Interface | |API||[https://en.wikipedia.org/wiki/API Application Programming Interface] | ||
|- | |- | ||
|APT||Advanced Persistent Threat | |APT||[https://cmmcwiki.org/index.php/Model_Glossary#A Advanced Persistent Threat] | ||
|- | |- | ||
|AT||Awareness and Training | |AT||[https://cmmcwiki.org/index.php/Model_Glossary#A Awareness and Training] | ||
|- | |- | ||
|AU||Audit and Accountability | |AU||Audit and Accountability | ||
| Line 28: | Line 30: | ||
== B == | == B == | ||
{| | {| | ||
|BYOD||Bring Your Own Device | |BYOD||[https://en.wikipedia.org/wiki/Bring_your_own_device Bring Your Own Device] | ||
|} | |} | ||
| Line 35: | Line 37: | ||
|C2M2||Cybersecurity Capability Maturity Model | |C2M2||Cybersecurity Capability Maturity Model | ||
|- | |- | ||
|C3PAO||CMMC Third-Party Assessment Organization | |C3PAO||[https://cmmcab.org/c3pao-lp/ CMMC Third-Party Assessment Organization] | ||
|- | |- | ||
|CA||Security Assessment | |CA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment] | ||
|- | |- | ||
|CD-ROM||Compact Disc Read-Only Memory | |CD-ROM||[https://en.wikipedia.org/wiki/CD-ROM Compact Disc Read-Only Memory] | ||
|- | |- | ||
|CDI||Covered Defense Information | |CDI||[https://cmmcwiki.org/index.php/Model_Glossary#C Covered Defense Information] | ||
|- | |- | ||
|CEA||Council of Economic Advisers | |CEA||[https://en.wikipedia.org/wiki/Council_of_Economic_Advisers Council of Economic Advisers] | ||
|- | |- | ||
|CERT||Computer Emergency Response Team | |CERT||[https://en.wikipedia.org/wiki/Computer_emergency_response_team Computer Emergency Response Team] | ||
|- | |- | ||
|CERT RMM||CERT® Resilience Management Model | |CERT RMM||CERT® Resilience Management Model | ||
|- | |- | ||
|CFR||Code of Federal Regulations | |CFR||[https://en.wikipedia.org/wiki/Code_of_Federal_Regulations Code of Federal Regulations] | ||
|- | |- | ||
|CI||Configuration Item | |CI||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Item] | ||
|- | |- | ||
|CIO||Chief Information Officer | |CIO||[https://en.wikipedia.org/wiki/Chief_information_officer Chief Information Officer] | ||
|- | |- | ||
|CIS||Computer Information System | |CIS||Computer Information System | ||
|- | |- | ||
|CIS||Center for Internet Security | |CIS||[https://en.wikipedia.org/wiki/Center_for_Internet_Security Center for Internet Security] | ||
|- | |- | ||
|CISA||Cybersecurity and Infrastructure Security Agency | |CISA||[https://en.wikipedia.org/wiki/Cybersecurity_and_Infrastructure_Security_Agency Cybersecurity and Infrastructure Security Agency] | ||
|- | |- | ||
|CM||Configuration Management | |CM||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Management] | ||
|- | |- | ||
|CMMC||Cybersecurity Maturity Model Certification | |CMMC||[https://www.acq.osd.mil/cmmc/index.html Cybersecurity Maturity Model Certification] | ||
|- | |- | ||
|CNSSD||Committee on National Security Systems Directive | |CNSSD||[Committee on National Security Systems Directive Committee on National Security Systems] Directive | ||
|- | |- | ||
|CNSSI||Committee on National Security Systems Instructions | |CNSSI||[Committee on National Security Systems Directive Committee on National Security Systems] Instructions | ||
|- | |- | ||
|COMSEC||Communications Security | |COMSEC||[https://en.wikipedia.org/wiki/Communications_security Communications Security] | ||
|- | |- | ||
|CPI||Critical Program Information | |CPI||Critical Program Information | ||
|- | |- | ||
|CSF||Cybersecurity Framework | |CSF||[https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework Cybersecurity Framework] | ||
|- | |- | ||
|CSIS||Center for Strategic and International Studies | |CSIS||[https://en.wikipedia.org/wiki/Center_for_Strategic_and_International_Studies Center for Strategic and International Studies] | ||
|- | |- | ||
|CSP||Credential Service Provider | |CSP||[https://en.wikipedia.org/wiki/Credential_service_provider Credential Service Provider] | ||
|- | |- | ||
|CTI||Controlled Technical Information | |CTI||Controlled Technical Information | ||
|- | |- | ||
|CUI||Controlled Unclassified Information | |CUI||[https://cmmcwiki.org/index.php/Model_Glossary#C Controlled Unclassified Information] | ||
|- | |- | ||
|CVE||Common Vulnerabilities and Exposures | |CVE||[https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilities and Exposures] | ||
|- | |- | ||
|CVMP||Cryptographic Module Validation Program | |CVMP||[https://en.wikipedia.org/wiki/Cryptographic_Module_Validation_Program Cryptographic Module Validation Program] | ||
|- | |- | ||
|CWE||Common Weakness Enumeration | |CWE||[https://en.wikipedia.org/wiki/Common_Weakness_Enumeration Common Weakness Enumeration] | ||
|} | |} | ||
| Line 94: | Line 96: | ||
|D/A||Department/Agency | |D/A||Department/Agency | ||
|- | |- | ||
|DCISE||DIB Collaborative Information Sharing Environment | |DCISE||[https://en.wikipedia.org/wiki/Department_of_Defense_Cyber_Crime_Center#DIB_Cybersecurity DIB Collaborative Information Sharing Environment] | ||
|- | |- | ||
|DCS||Distributed Control System | |DCS||[https://en.wikipedia.org/wiki/Distributed_control_system Distributed Control System] | ||
|- | |- | ||
|DD||Represents any two-character CMMC Domain acronym | |DD||Represents any two-character CMMC Domain acronym | ||
|- | |- | ||
|DFARS||Defense Federal Acquisition Regulation Supplement | |DFARS||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation#Supplements Defense Federal Acquisition Regulation Supplement] | ||
|- | |- | ||
|DHC||Device Health Check | |DHC||Device Health Check | ||
|- | |- | ||
|DIB||Defense Industrial Base | |DIB||[https://cmmcwiki.org/index.php/Model_Glossary#D Defense Industrial Base] | ||
|- | |- | ||
|DKIM|| | |DKIM||[https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail DomainKeys Identified Mail] | ||
|- | |- | ||
|DMARC||Domain-based Message Authentication, Reporting, and Conformance | |DMARC||[https://en.wikipedia.org/wiki/DMARC Domain-based Message Authentication, Reporting, and Conformance] | ||
|- | |- | ||
|DMZ||Demilitarized Zone | |DMZ||[https://cmmcwiki.org/index.php/Model_Glossary#D Demilitarized Zone] | ||
|- | |- | ||
|DNS||Domain Name System | |DNS||[https://en.wikipedia.org/wiki/Domain_Name_System Domain Name System] | ||
|- | |- | ||
|DNSSEC||Domain Name System Security | |DNSSEC||[https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions Domain Name System Security] | ||
|- | |- | ||
|DoD||Department of Defense | |DoD||[https://en.wikipedia.org/wiki/Department_of_Defence Department of Defense] | ||
|- | |- | ||
|DoDI||Department of Defense Instruction | |DoDI||Department of Defense Instruction | ||
| Line 122: | Line 124: | ||
|DPCI||Derived PIV Credential Issuers | |DPCI||Derived PIV Credential Issuers | ||
|- | |- | ||
|DVD||Digital Versatile Disc | |DVD||[https://en.wikipedia.org/wiki/DVD Digital Versatile Disc] | ||
|} | |} | ||
== E == | == E == | ||
{| | {| | ||
|E.O.||Executive Order | |E.O.||[https://en.wikipedia.org/wiki/Executive_order Executive Order] | ||
|- | |- | ||
|eSATA||External Serial Advanced Technology Attachment | |eSATA||External [https://en.wikipedia.org/wiki/Serial_ATA Serial Advanced Technology Attachment] | ||
|- | |- | ||
|ESP||External Service Provider | |ESP||External Service Provider | ||
| Line 136: | Line 138: | ||
== F == | == F == | ||
{| | {| | ||
|FAQ | |FAQ||[https://en.wikipedia.org/wiki/FAQ Frequently Asked Question] | ||
|Frequently Asked Question | |||
|- | |- | ||
FAR | |FAR||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation Federal Acquisition Regulation] | ||
|Federal Acquisition Regulation | |||
|- | |- | ||
FBI | |FBI||[https://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation Federal Bureau of Investigation] | ||
|Federal Bureau of Investigation | |||
|- | |- | ||
FCI | |FCI||[https://cmmcwiki.org/index.php/Model_Glossary#F Federal Contract Information] | ||
|Federal Contract Information | |||
|- | |- | ||
FDDI | |FDDI||[https://en.wikipedia.org/wiki/Fiber_Distributed_Data_Interface Fiber Distributed Data Interface] | ||
|Fiber Distributed Data Interface | |||
|- | |- | ||
FDE | |FDE||[https://en.wikipedia.org/wiki/Disk_encryption Full Disk Encryption] | ||
|Full Disk Encryption | |||
|- | |- | ||
FedRAMP | |FedRAMP||[https://en.wikipedia.org/wiki/FedRAMP Federal Risk and Authorization Management Program] | ||
|Federal Risk and Authorization Management Program | |||
|- | |- | ||
|FFRDC||[https://en.wikipedia.org/wiki/Federally_funded_research_and_development_centers Federally Funded Research and Development Center] | |||
|- | |||
|FIPS||[https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Federal Information Processing Standard] | |||
|- | |||
|FTP||[https://en.wikipedia.org/wiki/File_Transfer_Protocol File Transfer Protocol] | |||
|} | |||
== G == | |||
| | {| | ||
|GDPR||[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation General Data Protection Regulation] | |||
|} | |||
== H == | |||
{| | |||
|HIPAA||[https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act Health Insurance Portability and Accountability Act] | |||
| | |||
|- | |- | ||
|HSPD||[https://en.wikipedia.org/wiki/Presidential_directive#Homeland_Security_Presidential_Directive Homeland Security Presidential Directive] | |||
| | |||
|- | |- | ||
|HTTP||[https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Hypertext Transfer Protocol] | |||
| | |||
|- | |- | ||
|HTTPS||[https://en.wikipedia.org/wiki/HTTPS Hypertext Transfer Protocol Secure] | |||
| | |||
| | |||
|- | |- | ||
|HVA||[https://cmmcwiki.org/index.php/Model_Glossary#H High-Value Asset] | |||
| | |} | ||
== I == | |||
{| | |||
|IA||[https://en.wikipedia.org/wiki/Information_assurance Information Assurance] | |||
|- | |- | ||
|IA||Identification and Authentication | |||
| | |||
|- | |- | ||
|IBAC||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity-Based Access Control] | |||
| | |||
|- | |- | ||
|IC3||[https://en.wikipedia.org/wiki/Internet_Crime_Complaint_Center Internet Crime Complaint Center] | |||
| | |||
|- | |- | ||
|ICAM||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity, Credential, and Access Management] | |||
| | |||
|- | |- | ||
|ICS||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Control System] | |||
| | |||
|- | |- | ||
|ID||[https://cmmcwiki.org/index.php/Model_Glossary#I Identification] | |||
| | |||
|- | |- | ||
|IDA||Identification and Authentication | |||
| | |||
|- | |- | ||
|IDPS||[https://en.wikipedia.org/wiki/Intrusion_detection_system Intrusion Detection and Prevention Systems] | |||
| | |||
|- | |- | ||
|IEC||[https://en.wikipedia.org/wiki/International_Electrotechnical_Commission International Electrotechnical Commission] | |||
| | |||
|- | |- | ||
|IETF||[https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force Internet Engineering Task Force] | |||
| | |||
|- | |- | ||
|IIoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Internet of Things] | |||
| | |||
|- | |- | ||
|IoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Internet of Things] | |||
| | |||
|- | |- | ||
|IP||[https://en.wikipedia.org/wiki/Internet_Protocol Internet Protocol] | |||
|Internet | |||
|- | |- | ||
|IPSec||[https://en.wikipedia.org/wiki/IPsec Internet Protocol Security] | |||
| | |||
|- | |- | ||
|IR||[https://cmmcwiki.org/index.php/Model_Glossary#I Incident Response] | |||
| | |||
|- | |- | ||
|IS||[https://cmmcwiki.org/index.php/Model_Glossary#I Information System] | |||
| | |||
|- | |- | ||
|ISAC||[https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center Information Sharing and Analysis Center] | |||
| | |||
|- | |- | ||
|ISAO||Information Sharing and Analysis Organization | |||
| | |||
|- | |- | ||
|ISCM||Information Security Continuous Monitoring | |||
|Information | |||
|- | |- | ||
|ISDN||[https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network Integrated Services Digital Network] | |||
| | |||
|- | |- | ||
|ISO||[https://en.wikipedia.org/wiki/International_Organization_for_Standardization International Organization for Standardization] | |||
| | |||
|- | |- | ||
|IT||[https://en.wikipedia.org/wiki/Information_technology Information Technology] | |||
|Information | |||
|- | |- | ||
|ITIL||[https://en.wikipedia.org/wiki/ITIL Information Technology Infrastructure Library] | |||
| | |} | ||
| | |||
| | |||
ITIL | |||
| | |||
== L == | |||
{| | |||
|L#||Level Number | |||
|- | |- | ||
|LAN||[https://en.wikipedia.org/wiki/Local_area_network Local Area Network] | |||
|- | |- | ||
|LSI||[https://en.wikipedia.org/wiki/Integrated_circuit#LSI Large-Scale Integration] | |||
|} | |||
MA | == M == | ||
|Maintenance | {| | ||
|MA||[https://cmmcwiki.org/index.php/Model_Glossary#M Maintenance] | |||
|- | |- | ||
MAC | |MAC||[https://en.wikipedia.org/wiki/Medium_access_control Media Access Control] | ||
|Media Access Control | |||
|- | |- | ||
MC | |MC||Maturity Capability | ||
|Maturity Capability | |||
|- | |- | ||
MC## | |MC##||Maturity Capability Number | ||
|Maturity Capability Number | |||
|- | |- | ||
MDM | |MDM||[https://en.wikipedia.org/wiki/Mobile_device_management Mobile Device Management] | ||
|Mobile Device Management | |||
|- | |- | ||
MEP | |MEP||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology#MEP Manufacturing Extension Partnership] | ||
|Manufacturing Extension Partnership | |||
|- | |- | ||
MFA | |MFA||[https://cmmcwiki.org/index.php/Model_Glossary#M Multifactor Authentication] | ||
|Multifactor Authentication | |||
|- | |- | ||
ML | |ML||Maturity Level | ||
|Maturity Level | |||
|- | |- | ||
ML# | |ML#||Maturity Level Number | ||
|Maturity Level Number | |||
|- | |- | ||
MMC | |MMC||[https://en.wikipedia.org/wiki/MultiMediaCard Multimedia Card] | ||
|Multimedia Card | |||
|- | |- | ||
MP | |MP||Media Protection | ||
|Media Protection | |} | ||
== N == | |||
{| | |||
|N/A||Not Applicable (NA) | |||
|- | |- | ||
|NARA||[https://en.wikipedia.org/wiki/National_Archives_and_Records_Administration National Archives and Records Administration] | |||
|- | |- | ||
|NAS||[https://en.wikipedia.org/wiki/Network-attached_storage Networked Attached Storage] | |||
| | |||
|- | |- | ||
NAS | |NAS||National Aerospace Standard | ||
| | |||
|- | |- | ||
|NCSC||[https://en.wikipedia.org/wiki/National_Cyber_Security_Centre National Cyber Security Centre] | |||
|National | |||
|- | |- | ||
|NIST||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology National Institute of Standards and Technology] | |||
|National | |||
|- | |- | ||
NIST | |NISTIR||NIST Interagency (or Internal) Report | ||
|- | |- | ||
|NPE||Non-Person Entity | |||
| | |||
|- | |- | ||
|NSA||[https://en.wikipedia.org/wiki/National_Security_Agency National Security Agency] | |||
| | |||
|- | |- | ||
NSA | |NSA/CSS||NSA Central Security Service | ||
| | |||
|- | |- | ||
|NSPD||[https://en.wikipedia.org/wiki/National_security_directive National Security Presidential Directive] | |||
|- | |- | ||
|NSTISSD||National Security Telecommunications and Information Systems Security Directive | |||
|National Security | |||
|- | |- | ||
|NTP||[https://en.wikipedia.org/wiki/Network_Time_Protocol Network Time Protocol] | |||
| | |||
|Network Time Protocol | |||
|- | |- | ||
NYSSCPA | |NYSSCPA||New York State Society of CPAs | ||
|New York State Society of CPAs | |} | ||
== O == | |||
{| | |||
|OMB||[https://en.wikipedia.org/wiki/Office_of_Management_and_Budget Office of Management and Budget] | |||
|- | |- | ||
|OS||[https://en.wikipedia.org/wiki/Operating_system Operating System] | |||
| | |||
|- | |- | ||
|OSC||[https://cmmcwiki.org/index.php/Model_Glossary#O Organization Seeking Certification] | |||
| | |||
|- | |- | ||
|OT||[https://cmmcwiki.org/index.php/Model_Glossary#O Operational Technology] | |||
| | |||
|- | |- | ||
|OUSD A&S||[https://en.wikipedia.org/wiki/Under_Secretary_of_Defense_for_Acquisition_and_Sustainment Office of the Under Secretary of Defense for Acquisition and Sustainment] | |||
| | |} | ||
== P == | |||
{| | |||
|PCI||Personal Identity Verification Card Issuers | |||
|- | |- | ||
|PDA||[https://en.wikipedia.org/wiki/Personal_digital_assistant Personal Digital Assistant] | |||
| | |||
|- | |- | ||
|PE||Physical Protection | |||
| | |||
|- | |- | ||
|PGP||[https://en.wikipedia.org/wiki/Pretty_Good_Privacy Pretty Good Privacy] | |||
| | |||
|- | |- | ||
|PII||[https://cmmcwiki.org/index.php/Model_Glossary#P Personally Identifiable Information] | |||
| | |||
|- | |- | ||
|PIV||Personal Identify Verification | |||
| | |||
|- | |- | ||
|PKI||[https://en.wikipedia.org/wiki/Public_key_infrastructure Public Key Infrastructure] | |||
| | |||
|- | |- | ||
|PLC||[https://en.wikipedia.org/wiki/Programmable_logic_controller Programmable Logic Controller] | |||
| | |||
|- | |- | ||
|POC||[https://en.wikipedia.org/wiki/Point_of_contact Point of Contact] | |||
| | |||
| | |||
|- | |- | ||
|POTS||[https://en.wikipedia.org/wiki/Plain_old_telephone_service Plain Old Telephone Service] | |||
| | |||
|- | |- | ||
|PP||Physical Protection | |||
| | |||
|- | |- | ||
|PPD||[https://en.wikipedia.org/wiki/National_security_directive Presidential Policy Directive] | |||
| | |||
|- | |- | ||
|PS||Personnel Security | |||
| | |||
|- | |- | ||
|PUB||[https://en.wikipedia.org/wiki/Publication Publication] | |||
| | |} | ||
== R == | |||
{| | |||
|RADIUS||[https://en.wikipedia.org/wiki/RADIUS Remote Authentication Dial-in User Service] | |||
|- | |- | ||
|RE||[https://cmmcwiki.org/index.php/Model_Glossary#R Recovery] | |||
| | |||
|- | |- | ||
|Rev||Revision | |||
| | |||
|- | |- | ||
|RF||[https://en.wikipedia.org/wiki/Radio_frequency Radio Frequency] | |||
| | |||
| | |||
|- | |- | ||
|RFC||[https://en.wikipedia.org/wiki/Request_for_Comments Request for Comments] | |||
| | |||
|- | |- | ||
|RM||[https://cmmcwiki.org/index.php/Model_Glossary#R Risk Management] | |||
| | |||
|- | |- | ||
|RMM||Resilience Management Model | |||
| | |||
|- | |- | ||
|RMM||Risk Management Model | |||
|Risk Management | |||
|- | |- | ||
|RPO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Point_Objective Recovery Point Objectives] | |||
| | |||
|- | |- | ||
|RTO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Time_Objective Recovery Time Objectives] | |||
| | |} | ||
== S == | |||
{| | |||
|SA||[https://cmmcwiki.org/index.php/Model_Glossary#S Situational Awareness] | |||
|- | |- | ||
|SaaS||[https://en.wikipedia.org/wiki/Software_as_a_service Software as a Service] | |||
| | |||
|- | |- | ||
|SAS||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment] | |||
| | |||
|- | |- | ||
|SC||System and Communications Protection | |||
| | |||
|- | |- | ||
|SCADA||[https://en.wikipedia.org/wiki/SCADA Supervisory Control and Data Acquisition] | |||
| | |||
|- | |- | ||
|SCRM||[https://cmmcwiki.org/index.php/Model_Glossary#S Supply Chain Risk Management] | |||
| | |||
|- | |- | ||
|SHA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Hash Algorithm] | |||
| | |||
| | |||
| | |||
|- | |- | ||
|SI||System and Information Integrity | |||
| | |||
|- | |- | ||
|SIEM||[https://en.wikipedia.org/wiki/Security_information_and_event_management Security Integration and Event Management] | |||
| | |||
|- | |- | ||
|SMS||[https://en.wikipedia.org/wiki/SMS Short Message Service] | |||
| | |||
|Short Message Service | |||
|- | |- | ||
SOC | |SOC||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Operations Center] | ||
|Security Operations Center | |||
|- | |- | ||
SP | |SP||Special Publication | ||
|Special Publication | |||
|- | |- | ||
SPF | |SPF||[https://en.wikipedia.org/wiki/Sender_Policy_Framework Sender Policy Framework] | ||
|Sender Policy Framework | |||
|- | |- | ||
SSC | |SSC||[https://en.wikipedia.org/wiki/Transport_Layer_Security Secure Socket Layer] | ||
|Secure Socket Layer | |||
|- | |- | ||
SSD | |SSD||[https://en.wikipedia.org/wiki/Solid-state_drive Solid-State Disk] | ||
|Solid-State Disk | |||
|- | |- | ||
SSP | |SSP||[https://cmmcwiki.org/index.php/Model_Glossary#S System Security Plan] | ||
|System Security Plan | |||
|- | |- | ||
SSP | |SSP||Sector Specific Plan | ||
|Sector Specific Plan | |} | ||
| | |||
== T == | |||
{| | |||
|TLS||[https://en.wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security] | |||
|- | |- | ||
|TTP||[https://en.wikipedia.org/wiki/Terrorist_Tactics,_Techniques,_and_Procedures Tactics, Techniques, and Procedures] | |||
|} | |||
== U == | |||
| | {| | ||
|U.S.||United States | |||
| | |||
|- | |- | ||
|UARC||[https://en.wikipedia.org/wiki/University_Affiliated_Research_Center University Affiliated Research Center] | |||
|- | |- | ||
|UK||United Kingdom | |||
| | |||
|- | |- | ||
|UMD||[https://en.wikipedia.org/wiki/Universal_Media_Disc Universal Media Disc] | |||
| | |||
|- | |- | ||
|URL||[https://en.wikipedia.org/wiki/URL Uniform Resource Locator] | |||
| | |||
|- | |- | ||
|USB||[https://en.wikipedia.org/wiki/USB Universal Serial Bus] | |||
| | |||
|- | |- | ||
|UTC||[https://en.wikipedia.org/wiki/Coordinated_Universal_Time Coordinated Universal Time] | |||
|Universal | |||
|- | |- | ||
|UUENCODE||[https://en.wikipedia.org/wiki/Uuencoding Unix-to-Unix Encode] | |||
| | |} | ||
== V == | |||
{| | |||
|VLAN||[https://en.wikipedia.org/wiki/Virtual_LAN Virtual Local Area Network] | |||
|- | |- | ||
|VoIP||[https://en.wikipedia.org/wiki/Voice_over_IP Voice over Internet Protocol] | |||
| | |||
|- | |- | ||
|Vol.||Volume | |||
| | |||
|- | |- | ||
|VPN||[https://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network] | |||
| | |} | ||
| | |||
== W == | |||
| | {| | ||
|WAP||[https://en.wikipedia.org/wiki/Wireless_access_point Wireless Access Point] | |||
| | |||
| | |||
WAP | |||
|Wireless Access Point | |||
|- | |- | ||
|WPA2-PSK||[https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access WiFi Protected Access-Pre-shared Key] | |||
|} | |||
== X == | |||
{| | |||
|xD||[https://en.wikipedia.org/wiki/XD-Picture_Card Extreme Digital] (flash memory card device) | |||
|} | |} | ||
Latest revision as of 23:31, 30 November 2022
Source of Reference: The official CMMC Glossary from the Department of Defense Chief Information Officer (DoD CIO).
For inquiries and reporting errors on this wiki, please contact us. Thank you.
A
| AA | Audit and Accountability |
| ABAC | Attribute-Based Access Control |
| AC | Access Control |
| ACSC | Australian Cyber Security Centre |
| AES | Advanced Encryption Standard |
| AIA | Aerospace Industries Association |
| AM | Asset Management |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| AT | Awareness and Training |
| AU | Audit and Accountability |
B
| BYOD | Bring Your Own Device |
C
D
| D/A | Department/Agency |
| DCISE | DIB Collaborative Information Sharing Environment |
| DCS | Distributed Control System |
| DD | Represents any two-character CMMC Domain acronym |
| DFARS | Defense Federal Acquisition Regulation Supplement |
| DHC | Device Health Check |
| DIB | Defense Industrial Base |
| DKIM | DomainKeys Identified Mail |
| DMARC | Domain-based Message Authentication, Reporting, and Conformance |
| DMZ | Demilitarized Zone |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security |
| DoD | Department of Defense |
| DoDI | Department of Defense Instruction |
| DPCI | Derived PIV Credential Issuers |
| DVD | Digital Versatile Disc |
E
| E.O. | Executive Order |
| eSATA | External Serial Advanced Technology Attachment |
| ESP | External Service Provider |
F
G
| GDPR | General Data Protection Regulation |
H
| HIPAA | Health Insurance Portability and Accountability Act |
| HSPD | Homeland Security Presidential Directive |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| HVA | High-Value Asset |
I
| IA | Information Assurance |
| IA | Identification and Authentication |
| IBAC | Identity-Based Access Control |
| IC3 | Internet Crime Complaint Center |
| ICAM | Identity, Credential, and Access Management |
| ICS | Industrial Control System |
| ID | Identification |
| IDA | Identification and Authentication |
| IDPS | Intrusion Detection and Prevention Systems |
| IEC | International Electrotechnical Commission |
| IETF | Internet Engineering Task Force |
| IIoT | Industrial Internet of Things |
| IoT | Internet of Things |
| IP | Internet Protocol |
| IPSec | Internet Protocol Security |
| IR | Incident Response |
| IS | Information System |
| ISAC | Information Sharing and Analysis Center |
| ISAO | Information Sharing and Analysis Organization |
| ISCM | Information Security Continuous Monitoring |
| ISDN | Integrated Services Digital Network |
| ISO | International Organization for Standardization |
| IT | Information Technology |
| ITIL | Information Technology Infrastructure Library |
L
| L# | Level Number |
| LAN | Local Area Network |
| LSI | Large-Scale Integration |
M
| MA | Maintenance |
| MAC | Media Access Control |
| MC | Maturity Capability |
| MC## | Maturity Capability Number |
| MDM | Mobile Device Management |
| MEP | Manufacturing Extension Partnership |
| MFA | Multifactor Authentication |
| ML | Maturity Level |
| ML# | Maturity Level Number |
| MMC | Multimedia Card |
| MP | Media Protection |
N
| N/A | Not Applicable (NA) |
| NARA | National Archives and Records Administration |
| NAS | Networked Attached Storage |
| NAS | National Aerospace Standard |
| NCSC | National Cyber Security Centre |
| NIST | National Institute of Standards and Technology |
| NISTIR | NIST Interagency (or Internal) Report |
| NPE | Non-Person Entity |
| NSA | National Security Agency |
| NSA/CSS | NSA Central Security Service |
| NSPD | National Security Presidential Directive |
| NSTISSD | National Security Telecommunications and Information Systems Security Directive |
| NTP | Network Time Protocol |
| NYSSCPA | New York State Society of CPAs |
O
P
| PCI | Personal Identity Verification Card Issuers |
| PDA | Personal Digital Assistant |
| PE | Physical Protection |
| PGP | Pretty Good Privacy |
| PII | Personally Identifiable Information |
| PIV | Personal Identify Verification |
| PKI | Public Key Infrastructure |
| PLC | Programmable Logic Controller |
| POC | Point of Contact |
| POTS | Plain Old Telephone Service |
| PP | Physical Protection |
| PPD | Presidential Policy Directive |
| PS | Personnel Security |
| PUB | Publication |
R
| RADIUS | Remote Authentication Dial-in User Service |
| RE | Recovery |
| Rev | Revision |
| RF | Radio Frequency |
| RFC | Request for Comments |
| RM | Risk Management |
| RMM | Resilience Management Model |
| RMM | Risk Management Model |
| RPO | Recovery Point Objectives |
| RTO | Recovery Time Objectives |
S
| SA | Situational Awareness |
| SaaS | Software as a Service |
| SAS | Security Assessment |
| SC | System and Communications Protection |
| SCADA | Supervisory Control and Data Acquisition |
| SCRM | Supply Chain Risk Management |
| SHA | Security Hash Algorithm |
| SI | System and Information Integrity |
| SIEM | Security Integration and Event Management |
| SMS | Short Message Service |
| SOC | Security Operations Center |
| SP | Special Publication |
| SPF | Sender Policy Framework |
| SSC | Secure Socket Layer |
| SSD | Solid-State Disk |
| SSP | System Security Plan |
| SSP | Sector Specific Plan |
T
| TLS | Transport Layer Security |
| TTP | Tactics, Techniques, and Procedures |
U
| U.S. | United States |
| UARC | University Affiliated Research Center |
| UK | United Kingdom |
| UMD | Universal Media Disc |
| URL | Uniform Resource Locator |
| USB | Universal Serial Bus |
| UTC | Coordinated Universal Time |
| UUENCODE | Unix-to-Unix Encode |
V
| VLAN | Virtual Local Area Network |
| VoIP | Voice over Internet Protocol |
| Vol. | Volume |
| VPN | Virtual Private Network |
W
| WAP | Wireless Access Point |
| WPA2-PSK | WiFi Protected Access-Pre-shared Key |
X
| xD | Extreme Digital (flash memory card device) |