Acronyms and Abbreviations: Difference between revisions

From CMMC Toolkit Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(15 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Source of Reference: The official [https://dodcio.defense.gov/CMMC/Documentation/ CMMC Glossary] from the Department of Defense Chief Information Officer (DoD CIO).'''
For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you.
== A ==
== A ==
{|
{|
|AA||Audit and Accountability
|AA||Audit and Accountability
|-
|-
|ABAC||Attribute-Based Access Control
|ABAC||[https://en.wikipedia.org/wiki/Attribute-based_access_control Attribute-Based Access Control]
|-
|-
|AC||Access Control
|AC||[https://cmmcwiki.org/index.php/Model_Glossary#A Access Control]
|-
|-
|ACSC||Australian Cyber Security Centre
|ACSC||[https://en.wikipedia.org/wiki/Australian_Cyber_Security_Centre Australian Cyber Security Centre]
|-
|-
|AES||Advanced Encryption Standard
|AES||[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard]
|-
|-
|AIA||Aerospace Industries Association
|AIA||[https://en.wikipedia.org/wiki/Aerospace_Industries_Association Aerospace Industries Association]
|-
|-
|AM||Asset Management
|AM||[https://cmmcwiki.org/index.php/Model_Glossary#A Asset Management]
|-
|-
|API||Application Programming Interface
|API||[https://en.wikipedia.org/wiki/API Application Programming Interface]
|-
|-
|APT||Advanced Persistent Threat
|APT||[https://cmmcwiki.org/index.php/Model_Glossary#A Advanced Persistent Threat]
|-
|-
|AT||Awareness and Training
|AT||[https://cmmcwiki.org/index.php/Model_Glossary#A Awareness and Training]
|-
|-
|AU||Audit and Accountability
|AU||Audit and Accountability
Line 26: Line 30:
== B ==
== B ==
{|
{|
|BYOD||Bring Your Own Device
|BYOD||[https://en.wikipedia.org/wiki/Bring_your_own_device Bring Your Own Device]
|}
|}


Line 33: Line 37:
|C2M2||Cybersecurity Capability Maturity Model
|C2M2||Cybersecurity Capability Maturity Model
|-
|-
|C3PAO||CMMC Third-Party Assessment Organization
|C3PAO||[https://cmmcab.org/c3pao-lp/ CMMC Third-Party Assessment Organization]
|-
|-
|CA||Security Assessment
|CA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment]
|-
|-
|CD-ROM||Compact Disc Read-Only Memory
|CD-ROM||[https://en.wikipedia.org/wiki/CD-ROM Compact Disc Read-Only Memory]
|-
|-
|CDI||Covered Defense Information
|CDI||[https://cmmcwiki.org/index.php/Model_Glossary#C Covered Defense Information]
|-
|-
|CDI||Covered Defense Information
|CEA||[https://en.wikipedia.org/wiki/Council_of_Economic_Advisers Council of Economic Advisers]
|-
|-
|CEA||Council of Economic Advisers
|CERT||[https://en.wikipedia.org/wiki/Computer_emergency_response_team Computer Emergency Response Team]
|-
|CERT||Computer Emergency Response Team
|-
|-
|CERT RMM||CERT® Resilience Management Model
|CERT RMM||CERT® Resilience Management Model
|-
|-
|CFR||Code of Federal Regulations
|CFR||[https://en.wikipedia.org/wiki/Code_of_Federal_Regulations Code of Federal Regulations]
|-
|-
CI||Configuration Item
|CI||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Item]
|-
|-
CIO||Chief Information Officer
|CIO||[https://en.wikipedia.org/wiki/Chief_information_officer Chief Information Officer]
|-
|-
CIS||Computer Information System
|CIS||Computer Information System
|-
|-
CIS||Center for Internet Security
|CIS||[https://en.wikipedia.org/wiki/Center_for_Internet_Security Center for Internet Security]
|-
|-
CISA||Cybersecurity and Infrastructure Security Agency
|CISA||[https://en.wikipedia.org/wiki/Cybersecurity_and_Infrastructure_Security_Agency Cybersecurity and Infrastructure Security Agency]
|-
|-
CM||Configuration Management
|CM||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Management]
|-
|-
CMMC||Cybersecurity Maturity Model Certification
|CMMC||[https://www.acq.osd.mil/cmmc/index.html Cybersecurity Maturity Model Certification]
|-
|-
CNSSD||Committee on National Security Systems Directive
|CNSSD||[Committee on National Security Systems Directive Committee on National Security Systems] Directive
|-
|-
CNSSI||Committee on National Security Systems Instructions
|CNSSI||[Committee on National Security Systems Directive Committee on National Security Systems] Instructions
|-
|-
|COMSEC||Communications Security
|COMSEC||[https://en.wikipedia.org/wiki/Communications_security Communications Security]
|-
|-
CPI||Critical Program Information
|CPI||Critical Program Information
|-
|-
CSF||Cybersecurity Framework
|CSF||[https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework Cybersecurity Framework]
|-
|-
CSIS||Center for Strategic and International Studies
|CSIS||[https://en.wikipedia.org/wiki/Center_for_Strategic_and_International_Studies Center for Strategic and International Studies]
|-
|-
CSP||Credential Service Provider
|CSP||[https://en.wikipedia.org/wiki/Credential_service_provider Credential Service Provider]
|-
|-
CTI||Controlled Technical Information
|CTI||Controlled Technical Information
|-
|-
CUI||Controlled Unclassified Information
|CUI||[https://cmmcwiki.org/index.php/Model_Glossary#C Controlled Unclassified Information]
|-
|-
CVE||Common Vulnerabilities and Exposures
|CVE||[https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilities and Exposures]
|-
|-
CVMP||Cryptographic Module Validation Program
|CVMP||[https://en.wikipedia.org/wiki/Cryptographic_Module_Validation_Program Cryptographic Module Validation Program]
|-
|-
CWE||Common Weakness Enumeration
|CWE||[https://en.wikipedia.org/wiki/Common_Weakness_Enumeration Common Weakness Enumeration]
|}
|}


== D ==
== D ==
{|
{|
D/A
|D/A||Department/Agency
|Department/Agency
|-
|-
DCISE
|DCISE||[https://en.wikipedia.org/wiki/Department_of_Defense_Cyber_Crime_Center#DIB_Cybersecurity DIB Collaborative Information Sharing Environment]
|DIB Collaborative Information Sharing Environment
|-
|-
DCS
|DCS||[https://en.wikipedia.org/wiki/Distributed_control_system Distributed Control System]
|Distributed Control System
|-
|-
DD
|DD||Represents any two-character CMMC Domain acronym
|Represents any two-character CMMC Domain acronym
|-
|-
DFARS
|DFARS||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation#Supplements Defense Federal Acquisition Regulation Supplement]
|Defense Federal Acquisition Regulation Supplement
|-
|-
DHC
|DHC||Device Health Check
|Device Health Check
|-
|-
DIB
|DIB||[https://cmmcwiki.org/index.php/Model_Glossary#D Defense Industrial Base]
|Defense Industrial Base
|-
|-
DKIM
|DKIM||[https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail DomainKeys Identified Mail]
|Domain Key Identified Mail
|-
|-
DMARC
|DMARC||[https://en.wikipedia.org/wiki/DMARC Domain-based Message Authentication, Reporting, and Conformance]
|Domain-based Message Authentication, Reporting, and Conformance DMZ
|Demilitarized Zone
|-
|-
DNS
|DMZ||[https://cmmcwiki.org/index.php/Model_Glossary#D Demilitarized Zone]
|Domain Name System
|-
|-
DNSSEC
|DNS||[https://en.wikipedia.org/wiki/Domain_Name_System Domain Name System]
|Domain Name System Security
|-
|-
DoD
|DNSSEC||[https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions Domain Name System Security]
|Department of Defense
|-
|-
DoDI
|DoD||[https://en.wikipedia.org/wiki/Department_of_Defence Department of Defense]
|Department of Defense Instruction
|-
|-
DPCI
|DoDI||Department of Defense Instruction
|Derived PIV Credential Issuers
|-
|-
DVD
|DPCI||Derived PIV Credential Issuers
|Digital Versatile Disc
|-
|DVD||[https://en.wikipedia.org/wiki/DVD Digital Versatile Disc]
|}
 
== E ==
{|
|E.O.||[https://en.wikipedia.org/wiki/Executive_order Executive Order]
|-
|-
E.O.
|eSATA||External [https://en.wikipedia.org/wiki/Serial_ATA Serial Advanced Technology Attachment]
|Executive Order
|-
|-
eSATA
|ESP||External Service Provider
|External Serial Advanced Technology Attachment
|}
 
== F ==
{|
|FAQ||[https://en.wikipedia.org/wiki/FAQ Frequently Asked Question]
|-
|-
ESP
|FAR||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation Federal Acquisition Regulation]
|External Service Provider
|-
|-
FAQ
|FBI||[https://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation Federal Bureau of Investigation]
|Frequently Asked Question
|-
|-
FAR
|FCI||[https://cmmcwiki.org/index.php/Model_Glossary#F Federal Contract Information]
|Federal Acquisition Regulation
|-
|-
FBI
|FDDI||[https://en.wikipedia.org/wiki/Fiber_Distributed_Data_Interface Fiber Distributed Data Interface]
|Federal Bureau of Investigation
|-
|-
FCI
|FDE||[https://en.wikipedia.org/wiki/Disk_encryption Full Disk Encryption]
|Federal Contract Information
|-
|-
FDDI
|FedRAMP||[https://en.wikipedia.org/wiki/FedRAMP Federal Risk and Authorization Management Program]
|Fiber Distributed Data Interface
|-
|-
FDE
|FFRDC||[https://en.wikipedia.org/wiki/Federally_funded_research_and_development_centers Federally Funded Research and Development Center]
|Full Disk Encryption
|-
|-
FedRAMP
|FIPS||[https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Federal Information Processing Standard]
|Federal Risk and Authorization Management Program
|-
|-
|FTP||[https://en.wikipedia.org/wiki/File_Transfer_Protocol File Transfer Protocol]
|}


CMMC Glossary and Acronyms  Version 2.0
== G ==
|31   
{|
|GDPR||[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation General Data Protection Regulation]
|}


 
== H ==
 
{|
 
|HIPAA||[https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act Health Insurance Portability and Accountability Act]
FFRDC
|Federally Funded Research and Development Center  FIPS
|Federal Information Processing Standard
|-
|-
FTP
|HSPD||[https://en.wikipedia.org/wiki/Presidential_directive#Homeland_Security_Presidential_Directive Homeland Security Presidential Directive]
|File Transfer Protocol
|-
|-
GDPR
|HTTP||[https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Hypertext Transfer Protocol]
|General Data Protection Regulation
|-
|-
HIPAA
|HTTPS||[https://en.wikipedia.org/wiki/HTTPS Hypertext Transfer Protocol Secure]
|Health Insurance Portability and Accountability Act  HSPD
|Homeland Security Presidential Directive
|-
|-
HTTP
|HVA||[https://cmmcwiki.org/index.php/Model_Glossary#H High-Value Asset]
|Hypertext Transfer Protocol
|}
 
== I ==
{|
|IA||[https://en.wikipedia.org/wiki/Information_assurance Information Assurance]
|-
|-
HTTPS
|IA||Identification and Authentication
|Hypertext Transfer Protocol Secure
|-
|-
HVA
|IBAC||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity-Based Access Control]
|High-Value Asset
|-
|-
IA
|IC3||[https://en.wikipedia.org/wiki/Internet_Crime_Complaint_Center Internet Crime Complaint Center]
|Information Assurance
|-
|-
IA
|ICAM||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity, Credential, and Access Management]
|Identification and Authentication
|-
|-
IBAC
|ICS||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Control System]
|Identity-Based Access Control
|-
|-
IC3
|ID||[https://cmmcwiki.org/index.php/Model_Glossary#I Identification]
|Internet Crime Complaint Center
|-
|-
ICAM
|IDA||Identification and Authentication
|Identity, Credential, and Access Management
|-
|-
ICS
|IDPS||[https://en.wikipedia.org/wiki/Intrusion_detection_system Intrusion Detection and Prevention Systems]
|Industrial Control System
|-
|-
ID
|IEC||[https://en.wikipedia.org/wiki/International_Electrotechnical_Commission International Electrotechnical Commission]
|Identification
|-
|-
IDA
|IETF||[https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force Internet Engineering Task Force]
|Identification and Authentication
|-
|-
IDPS
|IIoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Internet of Things]
|Intrusion Detection and Prevention Systems
|-
|-
IEC
|IoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Internet of Things]
|International Electrotechnical Commission
|-
|-
IETF
|IP||[https://en.wikipedia.org/wiki/Internet_Protocol Internet Protocol]
|Internet Engineering Task Force
|-
|-
IIoT
|IPSec||[https://en.wikipedia.org/wiki/IPsec Internet Protocol Security]
|Industrial Internet of Things
|-
|-
IoT
|IR||[https://cmmcwiki.org/index.php/Model_Glossary#I Incident Response]
|Internet of Things
|-
|-
IP
|IS||[https://cmmcwiki.org/index.php/Model_Glossary#I Information System]
|Internet Protocol
|-
|-
IPSec
|ISAC||[https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center Information Sharing and Analysis Center]
|Internet Protocol Security
|-
|-
IR
|ISAO||Information Sharing and Analysis Organization
|Incident Response
|-
|-
IS
|ISCM||Information Security Continuous Monitoring
|Information System
|-
|-
ISAC
|ISDN||[https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network Integrated Services Digital Network]
|Information Sharing and Analysis Center
|-
|-
ISAO
|ISO||[https://en.wikipedia.org/wiki/International_Organization_for_Standardization International Organization for Standardization]
|Information Sharing and Analysis Organization
|-
|-
ISCM
|IT||[https://en.wikipedia.org/wiki/Information_technology Information Technology]
|Information Security Continuous Monitoring
|-
|-
ISDN
|ITIL||[https://en.wikipedia.org/wiki/ITIL Information Technology Infrastructure Library]
|Integrated Services Digital Network
|}
|-
ISO
|International Organization for Standardization
|-
IT
|Information Technology
|-
ITIL
|Information Technology Infrastructure Library
|-
L#
|Level Number
|-
LAN
|Local Area Network
|-
LSI
|Large-Scale Integration
|-


 
== L ==
Acronyms and Abbreviations
{|
|L#||Level Number
|-
|-
 
|LAN||[https://en.wikipedia.org/wiki/Local_area_network Local Area Network]
CMMC Glossary and Acronyms  Version 2.0
|32   
 
Acronyms and Abbreviations
|-
|-
|LSI||[https://en.wikipedia.org/wiki/Integrated_circuit#LSI Large-Scale Integration]
|}


MA
== M ==
|Maintenance
{|
|MA||[https://cmmcwiki.org/index.php/Model_Glossary#M Maintenance]
|-
|-
MAC
|MAC||[https://en.wikipedia.org/wiki/Medium_access_control Media Access Control]
|Media Access Control
|-
|-
MC
|MC||Maturity Capability
|Maturity Capability
|-
|-
MC##
|MC##||Maturity Capability Number
|Maturity Capability Number
|-
|-
MDM
|MDM||[https://en.wikipedia.org/wiki/Mobile_device_management Mobile Device Management]
|Mobile Device Management
|-
|-
MEP
|MEP||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology#MEP Manufacturing Extension Partnership]
|Manufacturing Extension Partnership
|-
|-
MFA
|MFA||[https://cmmcwiki.org/index.php/Model_Glossary#M Multifactor Authentication]
|Multifactor Authentication
|-
|-
ML
|ML||Maturity Level
|Maturity Level
|-
|-
ML#
|ML#||Maturity Level Number
|Maturity Level Number
|-
|-
MMC
|MMC||[https://en.wikipedia.org/wiki/MultiMediaCard Multimedia Card]
|Multimedia Card
|-
|-
MP
|MP||Media Protection
|Media Protection
|}
 
== N ==
{|
|N/A||Not Applicable (NA)
|-
|-
N/A
|NARA||[https://en.wikipedia.org/wiki/National_Archives_and_Records_Administration National Archives and Records Administration]
|Not Applicable (NA)
|-
|-
NARA
|NAS||[https://en.wikipedia.org/wiki/Network-attached_storage Networked Attached Storage]
|National Archives and Records Administration
|-
|-
NAS
|NAS||National Aerospace Standard
|Networked Attached Storage
|-
|-
NAS
|NCSC||[https://en.wikipedia.org/wiki/National_Cyber_Security_Centre National Cyber Security Centre]
|National Aerospace Standard
|-
|-
NCSC
|NIST||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology National Institute of Standards and Technology]
|National Cyber Security Centre
|-
|-
NIST
|NISTIR||NIST Interagency (or Internal) Report
|National Institute of Standards and Technology
|-
|-
NISTIR
|NPE||Non-Person Entity
|NIST Interagency (or Internal) Report
|-
|-
NPE
|NSA||[https://en.wikipedia.org/wiki/National_Security_Agency National Security Agency]
|Non-Person Entity
|-
|-
NSA
|NSA/CSS||NSA Central Security Service
|National Security Agency
|-
|-
NSA/CSS
|NSPD||[https://en.wikipedia.org/wiki/National_security_directive National Security Presidential Directive]
|NSA Central Security Service
|-
|-
NSPD
|NSTISSD||National Security Telecommunications and Information Systems Security Directive
|National Security Presidential Directive
|-
|-
NSTISSD
|NTP||[https://en.wikipedia.org/wiki/Network_Time_Protocol Network Time Protocol]
|National Security Telecommunications and Information Systems Security Directive  NTP
|Network Time Protocol
|-
|-
NYSSCPA
|NYSSCPA||New York State Society of CPAs
|New York State Society of CPAs
|}
 
== O ==
{|
|OMB||[https://en.wikipedia.org/wiki/Office_of_Management_and_Budget Office of Management and Budget]
|-
|-
OMB
|OS||[https://en.wikipedia.org/wiki/Operating_system Operating System]
|Office of Management and Budget
|-
|-
OS
|OSC||[https://cmmcwiki.org/index.php/Model_Glossary#O Organization Seeking Certification]
|Operating System
|-
|-
OSC
|OT||[https://cmmcwiki.org/index.php/Model_Glossary#O Operational Technology]
|Organization Seeking Certification
|-
|-
OT
|OUSD A&S||[https://en.wikipedia.org/wiki/Under_Secretary_of_Defense_for_Acquisition_and_Sustainment Office of the Under Secretary of Defense for Acquisition and Sustainment]
|Operational Technology
|}
 
== P ==
{|
|PCI||Personal Identity Verification Card Issuers
|-
|-
OUSD A&S
|PDA||[https://en.wikipedia.org/wiki/Personal_digital_assistant Personal Digital Assistant]
|Office of the Under Secretary of Defense for Acquisition and Sustainment
|-
|-
PCI
|PE||Physical Protection
|Personal Identity Verification Card Issuers
|-
|-
PDA
|PGP||[https://en.wikipedia.org/wiki/Pretty_Good_Privacy Pretty Good Privacy]
|Personal Digital Assistant
|-
|-
PE
|PII||[https://cmmcwiki.org/index.php/Model_Glossary#P Personally Identifiable Information]
|Physical Protection
|-
|-
PGP
|PIV||Personal Identify Verification
|Pretty Good Privacy
|-
|-
PII
|PKI||[https://en.wikipedia.org/wiki/Public_key_infrastructure Public Key Infrastructure]
|Personally Identifiable Information
|-
|-
PIV
|PLC||[https://en.wikipedia.org/wiki/Programmable_logic_controller Programmable Logic Controller]
|Personal Identify Verification
|-
|-
 
|POC||[https://en.wikipedia.org/wiki/Point_of_contact Point of Contact]
CMMC Glossary and Acronyms  Version 2.0
|33   
 
 
 
 
PKI
|Public Key Infrastructure
|-
|-
PLC
|POTS||[https://en.wikipedia.org/wiki/Plain_old_telephone_service Plain Old Telephone Service]
|Programmable Logic Controller
|-
|-
POC
|PP||Physical Protection
|Point of Contact
|-
|-
POTS
|PPD||[https://en.wikipedia.org/wiki/National_security_directive Presidential Policy Directive]
|Plain Old Telephone Service
|-
|-
PP
|PS||Personnel Security
|Physical Protection
|-
|-
PPD
|PUB||[https://en.wikipedia.org/wiki/Publication Publication]
|Presidential Policy Directive
|}
 
== R ==
{|
|RADIUS||[https://en.wikipedia.org/wiki/RADIUS Remote Authentication Dial-in User Service]
|-
|-
PS
|RE||[https://cmmcwiki.org/index.php/Model_Glossary#R Recovery]
|Personnel Security
|-
|-
PUB
|Rev||Revision
|Publication
|-
|-
RADIUS
|RF||[https://en.wikipedia.org/wiki/Radio_frequency Radio Frequency]
|Remote Authentication Dial-in User Service  RE
|Recovery
|-
|-
Rev
|RFC||[https://en.wikipedia.org/wiki/Request_for_Comments Request for Comments]
|Revision
|-
|-
RF
|RM||[https://cmmcwiki.org/index.php/Model_Glossary#R Risk Management]
|Radio Frequency
|-
|-
RFC
|RMM||Resilience Management Model
|Request for Comments
|-
|-
RM
|RMM||Risk Management Model
|Risk Management
|-
|-
RMM
|RPO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Point_Objective Recovery Point Objectives]
|Resilience Management Model
|-
|-
RMM
|RTO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Time_Objective Recovery Time Objectives]
|Risk Management Model
|}
 
== S ==
{|
|SA||[https://cmmcwiki.org/index.php/Model_Glossary#S Situational Awareness]
|-
|-
RPO
|SaaS||[https://en.wikipedia.org/wiki/Software_as_a_service Software as a Service]
|Recovery Point Objectives
|-
|-
RTO
|SAS||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment]
|Recovery Time Objectives
|-
|-
SA
|SC||System and Communications Protection
|Situational Awareness
|-
|-
SaaS
|SCADA||[https://en.wikipedia.org/wiki/SCADA Supervisory Control and Data Acquisition]
|Software as a Service
|-
|-
SAS
|SCRM||[https://cmmcwiki.org/index.php/Model_Glossary#S Supply Chain Risk Management]
|Security Assessment
|-
|-
SC
|SHA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Hash Algorithm]
|System and Communications Protection  SCADA
|Supervisory Control and Data Acquisition  SCRM
|Supply Chain Risk Management
|-
|-
SHA
|SI||System and Information Integrity
|Security Hash Algorithm
|-
|-
SI
|SIEM||[https://en.wikipedia.org/wiki/Security_information_and_event_management Security Integration and Event Management]
|System and Information Integrity
|-
|-
SIEM
|SMS||[https://en.wikipedia.org/wiki/SMS Short Message Service]
|Security Integration and Event Management  SMS
|Short Message Service
|-
|-
SOC
|SOC||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Operations Center]
|Security Operations Center
|-
|-
SP
|SP||Special Publication
|Special Publication
|-
|-
SPF
|SPF||[https://en.wikipedia.org/wiki/Sender_Policy_Framework Sender Policy Framework]
|Sender Policy Framework
|-
|-
SSC
|SSC||[https://en.wikipedia.org/wiki/Transport_Layer_Security Secure Socket Layer]
|Secure Socket Layer
|-
|-
SSD
|SSD||[https://en.wikipedia.org/wiki/Solid-state_drive Solid-State Disk]
|Solid-State Disk
|-
|-
SSP
|SSP||[https://cmmcwiki.org/index.php/Model_Glossary#S System Security Plan]
|System Security Plan
|-
|-
SSP
|SSP||Sector Specific Plan
|Sector Specific Plan
|}
|-
TLS
|Transport Layer Security
|-


 
== T ==
Acronyms and Abbreviations
{|
|TLS||[https://en.wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security]
|-
|-
|TTP||[https://en.wikipedia.org/wiki/Terrorist_Tactics,_Techniques,_and_Procedures Tactics, Techniques, and Procedures]
|}


CMMC Glossary and Acronyms  Version 2.0
== U ==
|34   
{|
 
|U.S.||United States
 
 
 
TTP
|Tactics, Techniques, and Procedures
|-
|-
U.S.
|UARC||[https://en.wikipedia.org/wiki/University_Affiliated_Research_Center University Affiliated Research Center]
|United States
|-
|-
UARC
|UK||United Kingdom
|University Affiliated Research Center
|-
|-
UK
|UMD||[https://en.wikipedia.org/wiki/Universal_Media_Disc Universal Media Disc]
|United Kingdom
|-
|-
UMD
|URL||[https://en.wikipedia.org/wiki/URL Uniform Resource Locator]
|Universal Media Disc
|-
|-
URL
|USB||[https://en.wikipedia.org/wiki/USB Universal Serial Bus]
|Uniform Resource Locator
|-
|-
USB
|UTC||[https://en.wikipedia.org/wiki/Coordinated_Universal_Time Coordinated Universal Time]
|Universal Serial Bus
|-
|-
UTC
|UUENCODE||[https://en.wikipedia.org/wiki/Uuencoding Unix-to-Unix Encode]
|Coordinated Universal Time
|}
 
== V ==
{|
|VLAN||[https://en.wikipedia.org/wiki/Virtual_LAN Virtual Local Area Network]
|-
|-
UUENCODE
|VoIP||[https://en.wikipedia.org/wiki/Voice_over_IP Voice over Internet Protocol]
|Unix-to-Unix Encode
|-
|-
VLAN
|Vol.||Volume
|Virtual Local Area Network
|-
|-
VoIP
|VPN||[https://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network]
|Voice over Internet Protocol
|}
|-
 
Vol.
== W ==
|Volume
{|
|-
|WAP||[https://en.wikipedia.org/wiki/Wireless_access_point Wireless Access Point]
VPN
|Virtual Private Network
|-
WAP
|Wireless Access Point
|-
WPA2-PSK
|WiFi Protected Access-Pre-shared Key
|-
xD
|Extreme Digital (flash memory card device)
|-
|-
|WPA2-PSK||[https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access WiFi Protected Access-Pre-shared Key]
|}
== X ==
{|
|xD||[https://en.wikipedia.org/wiki/XD-Picture_Card Extreme Digital] (flash memory card device)
|}
|}

Latest revision as of 23:31, 30 November 2022

Source of Reference: The official CMMC Glossary from the Department of Defense Chief Information Officer (DoD CIO).

For inquiries and reporting errors on this wiki, please contact us. Thank you.

A

AA Audit and Accountability
ABAC Attribute-Based Access Control
AC Access Control
ACSC Australian Cyber Security Centre
AES Advanced Encryption Standard
AIA Aerospace Industries Association
AM Asset Management
API Application Programming Interface
APT Advanced Persistent Threat
AT Awareness and Training
AU Audit and Accountability

B

BYOD Bring Your Own Device

C

C2M2 Cybersecurity Capability Maturity Model
C3PAO CMMC Third-Party Assessment Organization
CA Security Assessment
CD-ROM Compact Disc Read-Only Memory
CDI Covered Defense Information
CEA Council of Economic Advisers
CERT Computer Emergency Response Team
CERT RMM CERT® Resilience Management Model
CFR Code of Federal Regulations
CI Configuration Item
CIO Chief Information Officer
CIS Computer Information System
CIS Center for Internet Security
CISA Cybersecurity and Infrastructure Security Agency
CM Configuration Management
CMMC Cybersecurity Maturity Model Certification
CNSSD [Committee on National Security Systems Directive Committee on National Security Systems] Directive
CNSSI [Committee on National Security Systems Directive Committee on National Security Systems] Instructions
COMSEC Communications Security
CPI Critical Program Information
CSF Cybersecurity Framework
CSIS Center for Strategic and International Studies
CSP Credential Service Provider
CTI Controlled Technical Information
CUI Controlled Unclassified Information
CVE Common Vulnerabilities and Exposures
CVMP Cryptographic Module Validation Program
CWE Common Weakness Enumeration

D

D/A Department/Agency
DCISE DIB Collaborative Information Sharing Environment
DCS Distributed Control System
DD Represents any two-character CMMC Domain acronym
DFARS Defense Federal Acquisition Regulation Supplement
DHC Device Health Check
DIB Defense Industrial Base
DKIM DomainKeys Identified Mail
DMARC Domain-based Message Authentication, Reporting, and Conformance
DMZ Demilitarized Zone
DNS Domain Name System
DNSSEC Domain Name System Security
DoD Department of Defense
DoDI Department of Defense Instruction
DPCI Derived PIV Credential Issuers
DVD Digital Versatile Disc

E

E.O. Executive Order
eSATA External Serial Advanced Technology Attachment
ESP External Service Provider

F

FAQ Frequently Asked Question
FAR Federal Acquisition Regulation
FBI Federal Bureau of Investigation
FCI Federal Contract Information
FDDI Fiber Distributed Data Interface
FDE Full Disk Encryption
FedRAMP Federal Risk and Authorization Management Program
FFRDC Federally Funded Research and Development Center
FIPS Federal Information Processing Standard
FTP File Transfer Protocol

G

GDPR General Data Protection Regulation

H

HIPAA Health Insurance Portability and Accountability Act
HSPD Homeland Security Presidential Directive
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVA High-Value Asset

I

IA Information Assurance
IA Identification and Authentication
IBAC Identity-Based Access Control
IC3 Internet Crime Complaint Center
ICAM Identity, Credential, and Access Management
ICS Industrial Control System
ID Identification
IDA Identification and Authentication
IDPS Intrusion Detection and Prevention Systems
IEC International Electrotechnical Commission
IETF Internet Engineering Task Force
IIoT Industrial Internet of Things
IoT Internet of Things
IP Internet Protocol
IPSec Internet Protocol Security
IR Incident Response
IS Information System
ISAC Information Sharing and Analysis Center
ISAO Information Sharing and Analysis Organization
ISCM Information Security Continuous Monitoring
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
IT Information Technology
ITIL Information Technology Infrastructure Library

L

L# Level Number
LAN Local Area Network
LSI Large-Scale Integration

M

MA Maintenance
MAC Media Access Control
MC Maturity Capability
MC## Maturity Capability Number
MDM Mobile Device Management
MEP Manufacturing Extension Partnership
MFA Multifactor Authentication
ML Maturity Level
ML# Maturity Level Number
MMC Multimedia Card
MP Media Protection

N

N/A Not Applicable (NA)
NARA National Archives and Records Administration
NAS Networked Attached Storage
NAS National Aerospace Standard
NCSC National Cyber Security Centre
NIST National Institute of Standards and Technology
NISTIR NIST Interagency (or Internal) Report
NPE Non-Person Entity
NSA National Security Agency
NSA/CSS NSA Central Security Service
NSPD National Security Presidential Directive
NSTISSD National Security Telecommunications and Information Systems Security Directive
NTP Network Time Protocol
NYSSCPA New York State Society of CPAs

O

OMB Office of Management and Budget
OS Operating System
OSC Organization Seeking Certification
OT Operational Technology
OUSD A&S Office of the Under Secretary of Defense for Acquisition and Sustainment

P

PCI Personal Identity Verification Card Issuers
PDA Personal Digital Assistant
PE Physical Protection
PGP Pretty Good Privacy
PII Personally Identifiable Information
PIV Personal Identify Verification
PKI Public Key Infrastructure
PLC Programmable Logic Controller
POC Point of Contact
POTS Plain Old Telephone Service
PP Physical Protection
PPD Presidential Policy Directive
PS Personnel Security
PUB Publication

R

RADIUS Remote Authentication Dial-in User Service
RE Recovery
Rev Revision
RF Radio Frequency
RFC Request for Comments
RM Risk Management
RMM Resilience Management Model
RMM Risk Management Model
RPO Recovery Point Objectives
RTO Recovery Time Objectives

S

SA Situational Awareness
SaaS Software as a Service
SAS Security Assessment
SC System and Communications Protection
SCADA Supervisory Control and Data Acquisition
SCRM Supply Chain Risk Management
SHA Security Hash Algorithm
SI System and Information Integrity
SIEM Security Integration and Event Management
SMS Short Message Service
SOC Security Operations Center
SP Special Publication
SPF Sender Policy Framework
SSC Secure Socket Layer
SSD Solid-State Disk
SSP System Security Plan
SSP Sector Specific Plan

T

TLS Transport Layer Security
TTP Tactics, Techniques, and Procedures

U

U.S. United States
UARC University Affiliated Research Center
UK United Kingdom
UMD Universal Media Disc
URL Uniform Resource Locator
USB Universal Serial Bus
UTC Coordinated Universal Time
UUENCODE Unix-to-Unix Encode

V

VLAN Virtual Local Area Network
VoIP Voice over Internet Protocol
Vol. Volume
VPN Virtual Private Network

W

WAP Wireless Access Point
WPA2-PSK WiFi Protected Access-Pre-shared Key

X

xD Extreme Digital (flash memory card device)