Acronyms and Abbreviations: Difference between revisions
Jump to navigation
Jump to search
(→B) |
No edit summary |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
'''Source of Reference: The official [https:// | '''Source of Reference: The official [https://dodcio.defense.gov/CMMC/Documentation/ CMMC Glossary] from the Department of Defense Chief Information Officer (DoD CIO).''' | ||
For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. | For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. | ||
Line 37: | Line 37: | ||
|C2M2||Cybersecurity Capability Maturity Model | |C2M2||Cybersecurity Capability Maturity Model | ||
|- | |- | ||
|C3PAO||CMMC Third-Party Assessment Organization | |C3PAO||[https://cmmcab.org/c3pao-lp/ CMMC Third-Party Assessment Organization] | ||
|- | |- | ||
|CA||Security Assessment | |CA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment] | ||
|- | |- | ||
|CD-ROM||Compact Disc Read-Only Memory | |CD-ROM||[https://en.wikipedia.org/wiki/CD-ROM Compact Disc Read-Only Memory] | ||
|- | |- | ||
|CDI||Covered Defense Information | |CDI||[https://cmmcwiki.org/index.php/Model_Glossary#C Covered Defense Information] | ||
|- | |- | ||
|CEA||Council of Economic Advisers | |CEA||[https://en.wikipedia.org/wiki/Council_of_Economic_Advisers Council of Economic Advisers] | ||
|- | |- | ||
|CERT||Computer Emergency Response Team | |CERT||[https://en.wikipedia.org/wiki/Computer_emergency_response_team Computer Emergency Response Team] | ||
|- | |- | ||
|CERT RMM||CERT® Resilience Management Model | |CERT RMM||CERT® Resilience Management Model | ||
|- | |- | ||
|CFR||Code of Federal Regulations | |CFR||[https://en.wikipedia.org/wiki/Code_of_Federal_Regulations Code of Federal Regulations] | ||
|- | |- | ||
|CI||Configuration Item | |CI||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Item] | ||
|- | |- | ||
|CIO||Chief Information Officer | |CIO||[https://en.wikipedia.org/wiki/Chief_information_officer Chief Information Officer] | ||
|- | |- | ||
|CIS||Computer Information System | |CIS||Computer Information System | ||
|- | |- | ||
|CIS||Center for Internet Security | |CIS||[https://en.wikipedia.org/wiki/Center_for_Internet_Security Center for Internet Security] | ||
|- | |- | ||
|CISA||Cybersecurity and Infrastructure Security Agency | |CISA||[https://en.wikipedia.org/wiki/Cybersecurity_and_Infrastructure_Security_Agency Cybersecurity and Infrastructure Security Agency] | ||
|- | |- | ||
|CM||Configuration Management | |CM||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Management] | ||
|- | |- | ||
|CMMC||Cybersecurity Maturity Model Certification | |CMMC||[https://www.acq.osd.mil/cmmc/index.html Cybersecurity Maturity Model Certification] | ||
|- | |- | ||
|CNSSD||Committee on National Security Systems Directive | |CNSSD||[Committee on National Security Systems Directive Committee on National Security Systems] Directive | ||
|- | |- | ||
|CNSSI||Committee on National Security Systems Instructions | |CNSSI||[Committee on National Security Systems Directive Committee on National Security Systems] Instructions | ||
|- | |- | ||
|COMSEC||Communications Security | |COMSEC||[https://en.wikipedia.org/wiki/Communications_security Communications Security] | ||
|- | |- | ||
|CPI||Critical Program Information | |CPI||Critical Program Information | ||
|- | |- | ||
|CSF||Cybersecurity Framework | |CSF||[https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework Cybersecurity Framework] | ||
|- | |- | ||
|CSIS||Center for Strategic and International Studies | |CSIS||[https://en.wikipedia.org/wiki/Center_for_Strategic_and_International_Studies Center for Strategic and International Studies] | ||
|- | |- | ||
|CSP||Credential Service Provider | |CSP||[https://en.wikipedia.org/wiki/Credential_service_provider Credential Service Provider] | ||
|- | |- | ||
|CTI||Controlled Technical Information | |CTI||Controlled Technical Information | ||
|- | |- | ||
|CUI||Controlled Unclassified Information | |CUI||[https://cmmcwiki.org/index.php/Model_Glossary#C Controlled Unclassified Information] | ||
|- | |- | ||
|CVE||Common Vulnerabilities and Exposures | |CVE||[https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilities and Exposures] | ||
|- | |- | ||
|CVMP||Cryptographic Module Validation Program | |CVMP||[https://en.wikipedia.org/wiki/Cryptographic_Module_Validation_Program Cryptographic Module Validation Program] | ||
|- | |- | ||
|CWE||Common Weakness Enumeration | |CWE||[https://en.wikipedia.org/wiki/Common_Weakness_Enumeration Common Weakness Enumeration] | ||
|} | |} | ||
Line 96: | Line 96: | ||
|D/A||Department/Agency | |D/A||Department/Agency | ||
|- | |- | ||
|DCISE||DIB Collaborative Information Sharing Environment | |DCISE||[https://en.wikipedia.org/wiki/Department_of_Defense_Cyber_Crime_Center#DIB_Cybersecurity DIB Collaborative Information Sharing Environment] | ||
|- | |- | ||
|DCS||Distributed Control System | |DCS||[https://en.wikipedia.org/wiki/Distributed_control_system Distributed Control System] | ||
|- | |- | ||
|DD||Represents any two-character CMMC Domain acronym | |DD||Represents any two-character CMMC Domain acronym | ||
|- | |- | ||
|DFARS||Defense Federal Acquisition Regulation Supplement | |DFARS||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation#Supplements Defense Federal Acquisition Regulation Supplement] | ||
|- | |- | ||
|DHC||Device Health Check | |DHC||Device Health Check | ||
|- | |- | ||
|DIB||Defense Industrial Base | |DIB||[https://cmmcwiki.org/index.php/Model_Glossary#D Defense Industrial Base] | ||
|- | |- | ||
|DKIM|| | |DKIM||[https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail DomainKeys Identified Mail] | ||
|- | |- | ||
|DMARC||Domain-based Message Authentication, Reporting, and Conformance | |DMARC||[https://en.wikipedia.org/wiki/DMARC Domain-based Message Authentication, Reporting, and Conformance] | ||
|- | |- | ||
|DMZ||Demilitarized Zone | |DMZ||[https://cmmcwiki.org/index.php/Model_Glossary#D Demilitarized Zone] | ||
|- | |- | ||
|DNS||Domain Name System | |DNS||[https://en.wikipedia.org/wiki/Domain_Name_System Domain Name System] | ||
|- | |- | ||
|DNSSEC||Domain Name System Security | |DNSSEC||[https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions Domain Name System Security] | ||
|- | |- | ||
|DoD||Department of Defense | |DoD||[https://en.wikipedia.org/wiki/Department_of_Defence Department of Defense] | ||
|- | |- | ||
|DoDI||Department of Defense Instruction | |DoDI||Department of Defense Instruction | ||
Line 124: | Line 124: | ||
|DPCI||Derived PIV Credential Issuers | |DPCI||Derived PIV Credential Issuers | ||
|- | |- | ||
|DVD||Digital Versatile Disc | |DVD||[https://en.wikipedia.org/wiki/DVD Digital Versatile Disc] | ||
|} | |} | ||
== E == | == E == | ||
{| | {| | ||
|E.O.||Executive Order | |E.O.||[https://en.wikipedia.org/wiki/Executive_order Executive Order] | ||
|- | |- | ||
|eSATA||External Serial Advanced Technology Attachment | |eSATA||External [https://en.wikipedia.org/wiki/Serial_ATA Serial Advanced Technology Attachment] | ||
|- | |- | ||
|ESP||External Service Provider | |ESP||External Service Provider | ||
Line 138: | Line 138: | ||
== F == | == F == | ||
{| | {| | ||
|FAQ||Frequently Asked Question | |FAQ||[https://en.wikipedia.org/wiki/FAQ Frequently Asked Question] | ||
|- | |- | ||
|FAR||Federal Acquisition Regulation | |FAR||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation Federal Acquisition Regulation] | ||
|- | |- | ||
|FBI||Federal Bureau of Investigation | |FBI||[https://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation Federal Bureau of Investigation] | ||
|- | |- | ||
|FCI||Federal Contract Information | |FCI||[https://cmmcwiki.org/index.php/Model_Glossary#F Federal Contract Information] | ||
|- | |- | ||
|FDDI||Fiber Distributed Data Interface | |FDDI||[https://en.wikipedia.org/wiki/Fiber_Distributed_Data_Interface Fiber Distributed Data Interface] | ||
|- | |- | ||
|FDE||Full Disk Encryption | |FDE||[https://en.wikipedia.org/wiki/Disk_encryption Full Disk Encryption] | ||
|- | |- | ||
|FedRAMP||Federal Risk and Authorization Management Program | |FedRAMP||[https://en.wikipedia.org/wiki/FedRAMP Federal Risk and Authorization Management Program] | ||
|- | |- | ||
|FFRDC||Federally Funded Research and Development Center | |FFRDC||[https://en.wikipedia.org/wiki/Federally_funded_research_and_development_centers Federally Funded Research and Development Center] | ||
|- | |- | ||
|FIPS||Federal Information Processing Standard | |FIPS||[https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Federal Information Processing Standard] | ||
|- | |- | ||
|FTP||File Transfer Protocol | |FTP||[https://en.wikipedia.org/wiki/File_Transfer_Protocol File Transfer Protocol] | ||
|} | |} | ||
== G == | == G == | ||
{| | {| | ||
|GDPR||General Data Protection Regulation | |GDPR||[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation General Data Protection Regulation] | ||
|} | |} | ||
== H == | == H == | ||
{| | {| | ||
|HIPAA||Health Insurance Portability and Accountability Act | |HIPAA||[https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act Health Insurance Portability and Accountability Act] | ||
|- | |- | ||
|HSPD||Homeland Security Presidential Directive | |HSPD||[https://en.wikipedia.org/wiki/Presidential_directive#Homeland_Security_Presidential_Directive Homeland Security Presidential Directive] | ||
|- | |- | ||
|HTTP||Hypertext Transfer Protocol | |HTTP||[https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Hypertext Transfer Protocol] | ||
|- | |- | ||
|HTTPS||Hypertext Transfer Protocol Secure | |HTTPS||[https://en.wikipedia.org/wiki/HTTPS Hypertext Transfer Protocol Secure] | ||
|- | |- | ||
|HVA||High-Value Asset | |HVA||[https://cmmcwiki.org/index.php/Model_Glossary#H High-Value Asset] | ||
|} | |} | ||
== I == | == I == | ||
{| | {| | ||
|IA||Information Assurance | |IA||[https://en.wikipedia.org/wiki/Information_assurance Information Assurance] | ||
|- | |- | ||
|IA||Identification and Authentication | |IA||Identification and Authentication | ||
|- | |- | ||
|IBAC||Identity-Based Access Control | |IBAC||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity-Based Access Control] | ||
|- | |- | ||
|IC3||Internet Crime Complaint Center | |IC3||[https://en.wikipedia.org/wiki/Internet_Crime_Complaint_Center Internet Crime Complaint Center] | ||
|- | |- | ||
|ICAM||Identity, Credential, and Access Management | |ICAM||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity, Credential, and Access Management] | ||
|- | |- | ||
|ICS||Industrial Control System | |ICS||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Control System] | ||
|- | |- | ||
|ID||Identification | |ID||[https://cmmcwiki.org/index.php/Model_Glossary#I Identification] | ||
|- | |- | ||
|IDA||Identification and Authentication | |IDA||Identification and Authentication | ||
|- | |- | ||
|IDPS||Intrusion Detection and Prevention Systems | |IDPS||[https://en.wikipedia.org/wiki/Intrusion_detection_system Intrusion Detection and Prevention Systems] | ||
|- | |- | ||
|IEC||International Electrotechnical Commission | |IEC||[https://en.wikipedia.org/wiki/International_Electrotechnical_Commission International Electrotechnical Commission] | ||
|- | |- | ||
|IETF||Internet Engineering Task Force | |IETF||[https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force Internet Engineering Task Force] | ||
|- | |- | ||
|IIoT||Industrial Internet of Things | |IIoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Internet of Things] | ||
|- | |- | ||
|IoT||Internet of Things | |IoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Internet of Things] | ||
|- | |- | ||
|IP||Internet Protocol | |IP||[https://en.wikipedia.org/wiki/Internet_Protocol Internet Protocol] | ||
|- | |- | ||
|IPSec||Internet Protocol Security | |IPSec||[https://en.wikipedia.org/wiki/IPsec Internet Protocol Security] | ||
|- | |- | ||
|IR||Incident Response | |IR||[https://cmmcwiki.org/index.php/Model_Glossary#I Incident Response] | ||
|- | |- | ||
|IS||Information System | |IS||[https://cmmcwiki.org/index.php/Model_Glossary#I Information System] | ||
|- | |- | ||
|ISAC||Information Sharing and Analysis Center | |ISAC||[https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center Information Sharing and Analysis Center] | ||
|- | |- | ||
|ISAO||Information Sharing and Analysis Organization | |ISAO||Information Sharing and Analysis Organization | ||
Line 219: | Line 219: | ||
|ISCM||Information Security Continuous Monitoring | |ISCM||Information Security Continuous Monitoring | ||
|- | |- | ||
|ISDN||Integrated Services Digital Network | |ISDN||[https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network Integrated Services Digital Network] | ||
|- | |- | ||
|ISO||International Organization for Standardization | |ISO||[https://en.wikipedia.org/wiki/International_Organization_for_Standardization International Organization for Standardization] | ||
|- | |- | ||
|IT||Information Technology | |IT||[https://en.wikipedia.org/wiki/Information_technology Information Technology] | ||
|- | |- | ||
|ITIL||Information Technology Infrastructure Library | |ITIL||[https://en.wikipedia.org/wiki/ITIL Information Technology Infrastructure Library] | ||
|} | |} | ||
Line 232: | Line 232: | ||
|L#||Level Number | |L#||Level Number | ||
|- | |- | ||
|LAN||Local Area Network | |LAN||[https://en.wikipedia.org/wiki/Local_area_network Local Area Network] | ||
|- | |- | ||
|LSI||Large-Scale Integration | |LSI||[https://en.wikipedia.org/wiki/Integrated_circuit#LSI Large-Scale Integration] | ||
|} | |} | ||
== M == | == M == | ||
{| | {| | ||
|MA||Maintenance | |MA||[https://cmmcwiki.org/index.php/Model_Glossary#M Maintenance] | ||
|- | |- | ||
|MAC||Media Access Control | |MAC||[https://en.wikipedia.org/wiki/Medium_access_control Media Access Control] | ||
|- | |- | ||
|MC||Maturity Capability | |MC||Maturity Capability | ||
Line 247: | Line 247: | ||
|MC##||Maturity Capability Number | |MC##||Maturity Capability Number | ||
|- | |- | ||
|MDM||Mobile Device Management | |MDM||[https://en.wikipedia.org/wiki/Mobile_device_management Mobile Device Management] | ||
|- | |- | ||
|MEP||Manufacturing Extension Partnership | |MEP||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology#MEP Manufacturing Extension Partnership] | ||
|- | |- | ||
|MFA||Multifactor Authentication | |MFA||[https://cmmcwiki.org/index.php/Model_Glossary#M Multifactor Authentication] | ||
|- | |- | ||
|ML||Maturity Level | |ML||Maturity Level | ||
Line 257: | Line 257: | ||
|ML#||Maturity Level Number | |ML#||Maturity Level Number | ||
|- | |- | ||
|MMC||Multimedia Card | |MMC||[https://en.wikipedia.org/wiki/MultiMediaCard Multimedia Card] | ||
|- | |- | ||
|MP||Media Protection | |MP||Media Protection | ||
| | |} | ||
== N == | |||
{| | |||
|N/A||Not Applicable (NA) | |N/A||Not Applicable (NA) | ||
|- | |- | ||
|NARA||National Archives and Records Administration | |NARA||[https://en.wikipedia.org/wiki/National_Archives_and_Records_Administration National Archives and Records Administration] | ||
|- | |- | ||
|NAS||Networked Attached Storage | |NAS||[https://en.wikipedia.org/wiki/Network-attached_storage Networked Attached Storage] | ||
|- | |- | ||
|NAS||National Aerospace Standard | |NAS||National Aerospace Standard | ||
|- | |- | ||
|NCSC||National Cyber Security Centre | |NCSC||[https://en.wikipedia.org/wiki/National_Cyber_Security_Centre National Cyber Security Centre] | ||
|- | |- | ||
|NIST||National Institute of Standards and Technology | |NIST||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology National Institute of Standards and Technology] | ||
|- | |- | ||
|NISTIR||NIST Interagency (or Internal) Report | |NISTIR||NIST Interagency (or Internal) Report | ||
Line 277: | Line 280: | ||
|NPE||Non-Person Entity | |NPE||Non-Person Entity | ||
|- | |- | ||
|NSA||National Security Agency | |NSA||[https://en.wikipedia.org/wiki/National_Security_Agency National Security Agency] | ||
|- | |- | ||
|NSA/CSS||NSA Central Security Service | |NSA/CSS||NSA Central Security Service | ||
|- | |- | ||
|NSPD||National Security Presidential Directive | |NSPD||[https://en.wikipedia.org/wiki/National_security_directive National Security Presidential Directive] | ||
|- | |- | ||
|NSTISSD||National Security Telecommunications and Information Systems Security Directive | |NSTISSD||National Security Telecommunications and Information Systems Security Directive | ||
|- | |- | ||
|NTP||Network Time Protocol | |NTP||[https://en.wikipedia.org/wiki/Network_Time_Protocol Network Time Protocol] | ||
|- | |- | ||
|NYSSCPA||New York State Society of CPAs | |NYSSCPA||New York State Society of CPAs | ||
Line 292: | Line 295: | ||
== O == | == O == | ||
{| | {| | ||
|OMB||Office of Management and Budget | |OMB||[https://en.wikipedia.org/wiki/Office_of_Management_and_Budget Office of Management and Budget] | ||
|- | |- | ||
|OS||Operating System | |OS||[https://en.wikipedia.org/wiki/Operating_system Operating System] | ||
|- | |- | ||
|OSC||Organization Seeking Certification | |OSC||[https://cmmcwiki.org/index.php/Model_Glossary#O Organization Seeking Certification] | ||
|- | |- | ||
|OT||Operational Technology | |OT||[https://cmmcwiki.org/index.php/Model_Glossary#O Operational Technology] | ||
|- | |- | ||
|OUSD A&S||Office of the Under Secretary of Defense for Acquisition and Sustainment | |OUSD A&S||[https://en.wikipedia.org/wiki/Under_Secretary_of_Defense_for_Acquisition_and_Sustainment Office of the Under Secretary of Defense for Acquisition and Sustainment] | ||
|} | |} | ||
Line 307: | Line 310: | ||
|PCI||Personal Identity Verification Card Issuers | |PCI||Personal Identity Verification Card Issuers | ||
|- | |- | ||
|PDA||Personal Digital Assistant | |PDA||[https://en.wikipedia.org/wiki/Personal_digital_assistant Personal Digital Assistant] | ||
|- | |- | ||
|PE||Physical Protection | |PE||Physical Protection | ||
|- | |- | ||
|PGP||Pretty Good Privacy | |PGP||[https://en.wikipedia.org/wiki/Pretty_Good_Privacy Pretty Good Privacy] | ||
|- | |- | ||
|PII||Personally Identifiable Information | |PII||[https://cmmcwiki.org/index.php/Model_Glossary#P Personally Identifiable Information] | ||
|- | |- | ||
|PIV||Personal Identify Verification | |PIV||Personal Identify Verification | ||
|- | |- | ||
|PKI||Public Key Infrastructure | |PKI||[https://en.wikipedia.org/wiki/Public_key_infrastructure Public Key Infrastructure] | ||
|- | |- | ||
|PLC||Programmable Logic Controller | |PLC||[https://en.wikipedia.org/wiki/Programmable_logic_controller Programmable Logic Controller] | ||
|- | |- | ||
|POC||Point of Contact | |POC||[https://en.wikipedia.org/wiki/Point_of_contact Point of Contact] | ||
|- | |- | ||
|POTS||Plain Old Telephone Service | |POTS||[https://en.wikipedia.org/wiki/Plain_old_telephone_service Plain Old Telephone Service] | ||
|- | |- | ||
|PP||Physical Protection | |PP||Physical Protection | ||
|- | |- | ||
|PPD||Presidential Policy Directive | |PPD||[https://en.wikipedia.org/wiki/National_security_directive Presidential Policy Directive] | ||
|- | |- | ||
|PS||Personnel Security | |PS||Personnel Security | ||
|- | |- | ||
|PUB||Publication | |PUB||[https://en.wikipedia.org/wiki/Publication Publication] | ||
|} | |} | ||
== R == | == R == | ||
{| | {| | ||
|RADIUS||Remote Authentication Dial-in User Service | |RADIUS||[https://en.wikipedia.org/wiki/RADIUS Remote Authentication Dial-in User Service] | ||
|- | |- | ||
|RE||Recovery | |RE||[https://cmmcwiki.org/index.php/Model_Glossary#R Recovery] | ||
|- | |- | ||
|Rev||Revision | |Rev||Revision | ||
|- | |- | ||
|RF||Radio Frequency | |RF||[https://en.wikipedia.org/wiki/Radio_frequency Radio Frequency] | ||
|- | |- | ||
|RFC||Request for Comments | |RFC||[https://en.wikipedia.org/wiki/Request_for_Comments Request for Comments] | ||
|- | |- | ||
|RM||Risk Management | |RM||[https://cmmcwiki.org/index.php/Model_Glossary#R Risk Management] | ||
|- | |- | ||
|RMM||Resilience Management Model | |RMM||Resilience Management Model | ||
Line 352: | Line 355: | ||
|RMM||Risk Management Model | |RMM||Risk Management Model | ||
|- | |- | ||
|RPO||Recovery Point Objectives | |RPO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Point_Objective Recovery Point Objectives] | ||
|- | |- | ||
|RTO||Recovery Time Objectives | |RTO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Time_Objective Recovery Time Objectives] | ||
|} | |} | ||
== S == | == S == | ||
{| | {| | ||
|SA||Situational Awareness | |SA||[https://cmmcwiki.org/index.php/Model_Glossary#S Situational Awareness] | ||
|- | |- | ||
|SaaS||Software as a Service | |SaaS||[https://en.wikipedia.org/wiki/Software_as_a_service Software as a Service] | ||
|- | |- | ||
|SAS||Security Assessment | |SAS||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment] | ||
|- | |- | ||
|SC||System and Communications Protection | |SC||System and Communications Protection | ||
|- | |- | ||
|SCADA||Supervisory Control and Data Acquisition | |SCADA||[https://en.wikipedia.org/wiki/SCADA Supervisory Control and Data Acquisition] | ||
|- | |- | ||
|SCRM||Supply Chain Risk Management | |SCRM||[https://cmmcwiki.org/index.php/Model_Glossary#S Supply Chain Risk Management] | ||
|- | |- | ||
|SHA||Security Hash Algorithm | |SHA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Hash Algorithm] | ||
|- | |- | ||
|SI||System and Information Integrity | |SI||System and Information Integrity | ||
|- | |- | ||
|SIEM||Security Integration and Event Management | |SIEM||[https://en.wikipedia.org/wiki/Security_information_and_event_management Security Integration and Event Management] | ||
|- | |- | ||
|SMS||Short Message Service | |SMS||[https://en.wikipedia.org/wiki/SMS Short Message Service] | ||
|- | |- | ||
|SOC||Security Operations Center | |SOC||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Operations Center] | ||
|- | |- | ||
|SP||Special Publication | |SP||Special Publication | ||
|- | |- | ||
|SPF||Sender Policy Framework | |SPF||[https://en.wikipedia.org/wiki/Sender_Policy_Framework Sender Policy Framework] | ||
|- | |- | ||
|SSC||Secure Socket Layer | |SSC||[https://en.wikipedia.org/wiki/Transport_Layer_Security Secure Socket Layer] | ||
|- | |- | ||
|SSD||Solid-State Disk | |SSD||[https://en.wikipedia.org/wiki/Solid-state_drive Solid-State Disk] | ||
|- | |- | ||
|SSP||System Security Plan | |SSP||[https://cmmcwiki.org/index.php/Model_Glossary#S System Security Plan] | ||
|- | |- | ||
|SSP||Sector Specific Plan | |SSP||Sector Specific Plan | ||
Line 396: | Line 399: | ||
== T == | == T == | ||
{| | {| | ||
|TLS||Transport Layer Security | |TLS||[https://en.wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security] | ||
|- | |- | ||
|TTP||Tactics, Techniques, and Procedures | |TTP||[https://en.wikipedia.org/wiki/Terrorist_Tactics,_Techniques,_and_Procedures Tactics, Techniques, and Procedures] | ||
|} | |} | ||
Line 405: | Line 408: | ||
|U.S.||United States | |U.S.||United States | ||
|- | |- | ||
|UARC||University Affiliated Research Center | |UARC||[https://en.wikipedia.org/wiki/University_Affiliated_Research_Center University Affiliated Research Center] | ||
|- | |- | ||
|UK||United Kingdom | |UK||United Kingdom | ||
|- | |- | ||
|UMD||Universal Media Disc | |UMD||[https://en.wikipedia.org/wiki/Universal_Media_Disc Universal Media Disc] | ||
|- | |- | ||
|URL||Uniform Resource Locator | |URL||[https://en.wikipedia.org/wiki/URL Uniform Resource Locator] | ||
|- | |- | ||
|USB||Universal Serial Bus | |USB||[https://en.wikipedia.org/wiki/USB Universal Serial Bus] | ||
|- | |- | ||
|UTC||Coordinated Universal Time | |UTC||[https://en.wikipedia.org/wiki/Coordinated_Universal_Time Coordinated Universal Time] | ||
|- | |- | ||
|UUENCODE||Unix-to-Unix Encode | |UUENCODE||[https://en.wikipedia.org/wiki/Uuencoding Unix-to-Unix Encode] | ||
|} | |} | ||
== V == | == V == | ||
{| | {| | ||
|VLAN||Virtual Local Area Network | |VLAN||[https://en.wikipedia.org/wiki/Virtual_LAN Virtual Local Area Network] | ||
|- | |- | ||
|VoIP||Voice over Internet Protocol | |VoIP||[https://en.wikipedia.org/wiki/Voice_over_IP Voice over Internet Protocol] | ||
|- | |- | ||
|Vol.||Volume | |Vol.||Volume | ||
|- | |- | ||
|VPN||Virtual Private Network | |VPN||[https://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network] | ||
|} | |} | ||
== W == | == W == | ||
{| | {| | ||
|WAP||Wireless Access Point | |WAP||[https://en.wikipedia.org/wiki/Wireless_access_point Wireless Access Point] | ||
|- | |- | ||
|WPA2-PSK||WiFi Protected Access-Pre-shared Key | |WPA2-PSK||[https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access WiFi Protected Access-Pre-shared Key] | ||
|} | |} | ||
== X == | == X == | ||
{| | {| | ||
|xD||Extreme Digital (flash memory card device) | |xD||[https://en.wikipedia.org/wiki/XD-Picture_Card Extreme Digital] (flash memory card device) | ||
|} | |} |
Latest revision as of 23:31, 30 November 2022
Source of Reference: The official CMMC Glossary from the Department of Defense Chief Information Officer (DoD CIO).
For inquiries and reporting errors on this wiki, please contact us. Thank you.
A
AA | Audit and Accountability |
ABAC | Attribute-Based Access Control |
AC | Access Control |
ACSC | Australian Cyber Security Centre |
AES | Advanced Encryption Standard |
AIA | Aerospace Industries Association |
AM | Asset Management |
API | Application Programming Interface |
APT | Advanced Persistent Threat |
AT | Awareness and Training |
AU | Audit and Accountability |
B
BYOD | Bring Your Own Device |
C
D
D/A | Department/Agency |
DCISE | DIB Collaborative Information Sharing Environment |
DCS | Distributed Control System |
DD | Represents any two-character CMMC Domain acronym |
DFARS | Defense Federal Acquisition Regulation Supplement |
DHC | Device Health Check |
DIB | Defense Industrial Base |
DKIM | DomainKeys Identified Mail |
DMARC | Domain-based Message Authentication, Reporting, and Conformance |
DMZ | Demilitarized Zone |
DNS | Domain Name System |
DNSSEC | Domain Name System Security |
DoD | Department of Defense |
DoDI | Department of Defense Instruction |
DPCI | Derived PIV Credential Issuers |
DVD | Digital Versatile Disc |
E
E.O. | Executive Order |
eSATA | External Serial Advanced Technology Attachment |
ESP | External Service Provider |
F
G
GDPR | General Data Protection Regulation |
H
HIPAA | Health Insurance Portability and Accountability Act |
HSPD | Homeland Security Presidential Directive |
HTTP | Hypertext Transfer Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
HVA | High-Value Asset |
I
IA | Information Assurance |
IA | Identification and Authentication |
IBAC | Identity-Based Access Control |
IC3 | Internet Crime Complaint Center |
ICAM | Identity, Credential, and Access Management |
ICS | Industrial Control System |
ID | Identification |
IDA | Identification and Authentication |
IDPS | Intrusion Detection and Prevention Systems |
IEC | International Electrotechnical Commission |
IETF | Internet Engineering Task Force |
IIoT | Industrial Internet of Things |
IoT | Internet of Things |
IP | Internet Protocol |
IPSec | Internet Protocol Security |
IR | Incident Response |
IS | Information System |
ISAC | Information Sharing and Analysis Center |
ISAO | Information Sharing and Analysis Organization |
ISCM | Information Security Continuous Monitoring |
ISDN | Integrated Services Digital Network |
ISO | International Organization for Standardization |
IT | Information Technology |
ITIL | Information Technology Infrastructure Library |
L
L# | Level Number |
LAN | Local Area Network |
LSI | Large-Scale Integration |
M
MA | Maintenance |
MAC | Media Access Control |
MC | Maturity Capability |
MC## | Maturity Capability Number |
MDM | Mobile Device Management |
MEP | Manufacturing Extension Partnership |
MFA | Multifactor Authentication |
ML | Maturity Level |
ML# | Maturity Level Number |
MMC | Multimedia Card |
MP | Media Protection |
N
N/A | Not Applicable (NA) |
NARA | National Archives and Records Administration |
NAS | Networked Attached Storage |
NAS | National Aerospace Standard |
NCSC | National Cyber Security Centre |
NIST | National Institute of Standards and Technology |
NISTIR | NIST Interagency (or Internal) Report |
NPE | Non-Person Entity |
NSA | National Security Agency |
NSA/CSS | NSA Central Security Service |
NSPD | National Security Presidential Directive |
NSTISSD | National Security Telecommunications and Information Systems Security Directive |
NTP | Network Time Protocol |
NYSSCPA | New York State Society of CPAs |
O
P
PCI | Personal Identity Verification Card Issuers |
PDA | Personal Digital Assistant |
PE | Physical Protection |
PGP | Pretty Good Privacy |
PII | Personally Identifiable Information |
PIV | Personal Identify Verification |
PKI | Public Key Infrastructure |
PLC | Programmable Logic Controller |
POC | Point of Contact |
POTS | Plain Old Telephone Service |
PP | Physical Protection |
PPD | Presidential Policy Directive |
PS | Personnel Security |
PUB | Publication |
R
RADIUS | Remote Authentication Dial-in User Service |
RE | Recovery |
Rev | Revision |
RF | Radio Frequency |
RFC | Request for Comments |
RM | Risk Management |
RMM | Resilience Management Model |
RMM | Risk Management Model |
RPO | Recovery Point Objectives |
RTO | Recovery Time Objectives |
S
SA | Situational Awareness |
SaaS | Software as a Service |
SAS | Security Assessment |
SC | System and Communications Protection |
SCADA | Supervisory Control and Data Acquisition |
SCRM | Supply Chain Risk Management |
SHA | Security Hash Algorithm |
SI | System and Information Integrity |
SIEM | Security Integration and Event Management |
SMS | Short Message Service |
SOC | Security Operations Center |
SP | Special Publication |
SPF | Sender Policy Framework |
SSC | Secure Socket Layer |
SSD | Solid-State Disk |
SSP | System Security Plan |
SSP | Sector Specific Plan |
T
TLS | Transport Layer Security |
TTP | Tactics, Techniques, and Procedures |
U
U.S. | United States |
UARC | University Affiliated Research Center |
UK | United Kingdom |
UMD | Universal Media Disc |
URL | Uniform Resource Locator |
USB | Universal Serial Bus |
UTC | Coordinated Universal Time |
UUENCODE | Unix-to-Unix Encode |
V
VLAN | Virtual Local Area Network |
VoIP | Voice over Internet Protocol |
Vol. | Volume |
VPN | Virtual Private Network |
W
WAP | Wireless Access Point |
WPA2-PSK | WiFi Protected Access-Pre-shared Key |
X
xD | Extreme Digital (flash memory card device) |