Acronyms and Abbreviations: Difference between revisions

From CMMC Toolkit Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Source of Reference: The official [https://www.acq.osd.mil/cmmc/documentation.html CMMC Glossary] from the Office of the Under Secretary of Defense Acquisition & Sustainment.'''
'''Source of Reference: The official [https://dodcio.defense.gov/CMMC/Documentation/ CMMC Glossary] from the Department of Defense Chief Information Officer (DoD CIO).'''


For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you.
For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you.
Line 7: Line 7:
|AA||Audit and Accountability
|AA||Audit and Accountability
|-
|-
|ABAC||Attribute-Based Access Control
|ABAC||[https://en.wikipedia.org/wiki/Attribute-based_access_control Attribute-Based Access Control]
|-
|-
|AC||Access Control
|AC||[https://cmmcwiki.org/index.php/Model_Glossary#A Access Control]
|-
|-
|ACSC||Australian Cyber Security Centre
|ACSC||[https://en.wikipedia.org/wiki/Australian_Cyber_Security_Centre Australian Cyber Security Centre]
|-
|-
|AES||Advanced Encryption Standard
|AES||[https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard]
|-
|-
|AIA||Aerospace Industries Association
|AIA||[https://en.wikipedia.org/wiki/Aerospace_Industries_Association Aerospace Industries Association]
|-
|-
|AM||Asset Management
|AM||[https://cmmcwiki.org/index.php/Model_Glossary#A Asset Management]
|-
|-
|API||Application Programming Interface
|API||[https://en.wikipedia.org/wiki/API Application Programming Interface]
|-
|-
|APT||Advanced Persistent Threat
|APT||[https://cmmcwiki.org/index.php/Model_Glossary#A Advanced Persistent Threat]
|-
|-
|AT||Awareness and Training
|AT||[https://cmmcwiki.org/index.php/Model_Glossary#A Awareness and Training]
|-
|-
|AU||Audit and Accountability
|AU||Audit and Accountability
Line 30: Line 30:
== B ==
== B ==
{|
{|
|BYOD||Bring Your Own Device
|BYOD||[https://en.wikipedia.org/wiki/Bring_your_own_device Bring Your Own Device]
|}
|}


Line 37: Line 37:
|C2M2||Cybersecurity Capability Maturity Model
|C2M2||Cybersecurity Capability Maturity Model
|-
|-
|C3PAO||CMMC Third-Party Assessment Organization
|C3PAO||[https://cmmcab.org/c3pao-lp/ CMMC Third-Party Assessment Organization]
|-
|-
|CA||Security Assessment
|CA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment]
|-
|-
|CD-ROM||Compact Disc Read-Only Memory
|CD-ROM||[https://en.wikipedia.org/wiki/CD-ROM Compact Disc Read-Only Memory]
|-
|-
|CDI||Covered Defense Information
|CDI||[https://cmmcwiki.org/index.php/Model_Glossary#C Covered Defense Information]
|-
|-
|CEA||Council of Economic Advisers
|CEA||[https://en.wikipedia.org/wiki/Council_of_Economic_Advisers Council of Economic Advisers]
|-
|-
|CERT||Computer Emergency Response Team
|CERT||[https://en.wikipedia.org/wiki/Computer_emergency_response_team Computer Emergency Response Team]
|-
|-
|CERT RMM||CERT® Resilience Management Model
|CERT RMM||CERT® Resilience Management Model
|-
|-
|CFR||Code of Federal Regulations
|CFR||[https://en.wikipedia.org/wiki/Code_of_Federal_Regulations Code of Federal Regulations]
|-
|-
|CI||Configuration Item
|CI||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Item]
|-
|-
|CIO||Chief Information Officer
|CIO||[https://en.wikipedia.org/wiki/Chief_information_officer Chief Information Officer]
|-
|-
|CIS||Computer Information System
|CIS||Computer Information System
|-
|-
|CIS||Center for Internet Security
|CIS||[https://en.wikipedia.org/wiki/Center_for_Internet_Security Center for Internet Security]
|-
|-
|CISA||Cybersecurity and Infrastructure Security Agency
|CISA||[https://en.wikipedia.org/wiki/Cybersecurity_and_Infrastructure_Security_Agency Cybersecurity and Infrastructure Security Agency]
|-
|-
|CM||Configuration Management
|CM||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Management]
|-
|-
|CMMC||Cybersecurity Maturity Model Certification
|CMMC||[https://www.acq.osd.mil/cmmc/index.html Cybersecurity Maturity Model Certification]
|-
|-
|CNSSD||Committee on National Security Systems Directive
|CNSSD||[Committee on National Security Systems Directive Committee on National Security Systems] Directive
|-
|-
|CNSSI||Committee on National Security Systems Instructions
|CNSSI||[Committee on National Security Systems Directive Committee on National Security Systems] Instructions
|-
|-
|COMSEC||Communications Security
|COMSEC||[https://en.wikipedia.org/wiki/Communications_security Communications Security]
|-
|-
|CPI||Critical Program Information
|CPI||Critical Program Information
|-
|-
|CSF||Cybersecurity Framework
|CSF||[https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework Cybersecurity Framework]
|-
|-
|CSIS||Center for Strategic and International Studies
|CSIS||[https://en.wikipedia.org/wiki/Center_for_Strategic_and_International_Studies Center for Strategic and International Studies]
|-
|-
|CSP||Credential Service Provider
|CSP||[https://en.wikipedia.org/wiki/Credential_service_provider Credential Service Provider]
|-
|-
|CTI||Controlled Technical Information
|CTI||Controlled Technical Information
|-
|-
|CUI||Controlled Unclassified Information
|CUI||[https://cmmcwiki.org/index.php/Model_Glossary#C Controlled Unclassified Information]
|-
|-
|CVE||Common Vulnerabilities and Exposures
|CVE||[https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilities and Exposures]
|-
|-
|CVMP||Cryptographic Module Validation Program
|CVMP||[https://en.wikipedia.org/wiki/Cryptographic_Module_Validation_Program Cryptographic Module Validation Program]
|-
|-
|CWE||Common Weakness Enumeration
|CWE||[https://en.wikipedia.org/wiki/Common_Weakness_Enumeration Common Weakness Enumeration]
|}
|}


Line 96: Line 96:
|D/A||Department/Agency
|D/A||Department/Agency
|-
|-
|DCISE||DIB Collaborative Information Sharing Environment
|DCISE||[https://en.wikipedia.org/wiki/Department_of_Defense_Cyber_Crime_Center#DIB_Cybersecurity DIB Collaborative Information Sharing Environment]
|-
|-
|DCS||Distributed Control System
|DCS||[https://en.wikipedia.org/wiki/Distributed_control_system Distributed Control System]
|-
|-
|DD||Represents any two-character CMMC Domain acronym
|DD||Represents any two-character CMMC Domain acronym
|-
|-
|DFARS||Defense Federal Acquisition Regulation Supplement
|DFARS||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation#Supplements Defense Federal Acquisition Regulation Supplement]
|-
|-
|DHC||Device Health Check
|DHC||Device Health Check
|-
|-
|DIB||Defense Industrial Base
|DIB||[https://cmmcwiki.org/index.php/Model_Glossary#D Defense Industrial Base]
|-
|-
|DKIM||Domain Key Identified Mail
|DKIM||[https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail DomainKeys Identified Mail]
|-
|-
|DMARC||Domain-based Message Authentication, Reporting, and Conformance
|DMARC||[https://en.wikipedia.org/wiki/DMARC Domain-based Message Authentication, Reporting, and Conformance]
|-
|-
|DMZ||Demilitarized Zone
|DMZ||[https://cmmcwiki.org/index.php/Model_Glossary#D Demilitarized Zone]
|-
|-
|DNS||Domain Name System
|DNS||[https://en.wikipedia.org/wiki/Domain_Name_System Domain Name System]
|-
|-
|DNSSEC||Domain Name System Security
|DNSSEC||[https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions Domain Name System Security]
|-
|-
|DoD||Department of Defense
|DoD||[https://en.wikipedia.org/wiki/Department_of_Defence Department of Defense]
|-
|-
|DoDI||Department of Defense Instruction
|DoDI||Department of Defense Instruction
Line 124: Line 124:
|DPCI||Derived PIV Credential Issuers
|DPCI||Derived PIV Credential Issuers
|-
|-
|DVD||Digital Versatile Disc
|DVD||[https://en.wikipedia.org/wiki/DVD Digital Versatile Disc]
|}
|}


== E ==
== E ==
{|
{|
|E.O.||Executive Order
|E.O.||[https://en.wikipedia.org/wiki/Executive_order Executive Order]
|-
|-
|eSATA||External Serial Advanced Technology Attachment
|eSATA||External [https://en.wikipedia.org/wiki/Serial_ATA Serial Advanced Technology Attachment]
|-
|-
|ESP||External Service Provider
|ESP||External Service Provider
Line 138: Line 138:
== F ==
== F ==
{|
{|
|FAQ||Frequently Asked Question
|FAQ||[https://en.wikipedia.org/wiki/FAQ Frequently Asked Question]
|-
|-
|FAR||Federal Acquisition Regulation
|FAR||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation Federal Acquisition Regulation]
|-
|-
|FBI||Federal Bureau of Investigation
|FBI||[https://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation Federal Bureau of Investigation]
|-
|-
|FCI||Federal Contract Information
|FCI||[https://cmmcwiki.org/index.php/Model_Glossary#F Federal Contract Information]
|-
|-
|FDDI||Fiber Distributed Data Interface
|FDDI||[https://en.wikipedia.org/wiki/Fiber_Distributed_Data_Interface Fiber Distributed Data Interface]
|-
|-
|FDE||Full Disk Encryption  
|FDE||[https://en.wikipedia.org/wiki/Disk_encryption Full Disk Encryption]
|-
|-
|FedRAMP||Federal Risk and Authorization Management Program
|FedRAMP||[https://en.wikipedia.org/wiki/FedRAMP Federal Risk and Authorization Management Program]
|-
|-
|FFRDC||Federally Funded Research and Development Center
|FFRDC||[https://en.wikipedia.org/wiki/Federally_funded_research_and_development_centers Federally Funded Research and Development Center]
|-
|-
|FIPS||Federal Information Processing Standard
|FIPS||[https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Federal Information Processing Standard]
|-
|-
|FTP||File Transfer Protocol
|FTP||[https://en.wikipedia.org/wiki/File_Transfer_Protocol File Transfer Protocol]
|}
|}


== G ==
== G ==
{|
{|
|GDPR||General Data Protection Regulation
|GDPR||[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation General Data Protection Regulation]
|}
|}


== H ==
== H ==
{|
{|
|HIPAA||Health Insurance Portability and Accountability Act
|HIPAA||[https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act Health Insurance Portability and Accountability Act]
|-
|-
|HSPD||Homeland Security Presidential Directive
|HSPD||[https://en.wikipedia.org/wiki/Presidential_directive#Homeland_Security_Presidential_Directive Homeland Security Presidential Directive]
|-
|-
|HTTP||Hypertext Transfer Protocol
|HTTP||[https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Hypertext Transfer Protocol]
|-
|-
|HTTPS||Hypertext Transfer Protocol Secure
|HTTPS||[https://en.wikipedia.org/wiki/HTTPS Hypertext Transfer Protocol Secure]
|-
|-
|HVA||High-Value Asset
|HVA||[https://cmmcwiki.org/index.php/Model_Glossary#H High-Value Asset]
|}
|}


== I ==
== I ==
{|
{|
|IA||Information Assurance
|IA||[https://en.wikipedia.org/wiki/Information_assurance Information Assurance]
|-
|-
|IA||Identification and Authentication
|IA||Identification and Authentication
|-
|-
|IBAC||Identity-Based Access Control
|IBAC||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity-Based Access Control]
|-
|-
|IC3||Internet Crime Complaint Center
|IC3||[https://en.wikipedia.org/wiki/Internet_Crime_Complaint_Center Internet Crime Complaint Center]
|-
|-
|ICAM||Identity, Credential, and Access Management
|ICAM||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity, Credential, and Access Management]
|-
|-
|ICS||Industrial Control System
|ICS||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Control System]
|-
|-
|ID||Identification
|ID||[https://cmmcwiki.org/index.php/Model_Glossary#I Identification]
|-
|-
|IDA||Identification and Authentication
|IDA||Identification and Authentication
|-
|-
|IDPS||Intrusion Detection and Prevention Systems
|IDPS||[https://en.wikipedia.org/wiki/Intrusion_detection_system Intrusion Detection and Prevention Systems]
|-
|-
|IEC||International Electrotechnical Commission
|IEC||[https://en.wikipedia.org/wiki/International_Electrotechnical_Commission International Electrotechnical Commission]
|-
|-
|IETF||Internet Engineering Task Force
|IETF||[https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force Internet Engineering Task Force]
|-
|-
|IIoT||Industrial Internet of Things
|IIoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Internet of Things]
|-
|-
|IoT||Internet of Things
|IoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Internet of Things]
|-
|-
|IP||Internet Protocol
|IP||[https://en.wikipedia.org/wiki/Internet_Protocol Internet Protocol]
|-
|-
|IPSec||Internet Protocol Security
|IPSec||[https://en.wikipedia.org/wiki/IPsec Internet Protocol Security]
|-
|-
|IR||Incident Response
|IR||[https://cmmcwiki.org/index.php/Model_Glossary#I Incident Response]
|-
|-
|IS||Information System
|IS||[https://cmmcwiki.org/index.php/Model_Glossary#I Information System]
|-
|-
|ISAC||Information Sharing and Analysis Center
|ISAC||[https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center Information Sharing and Analysis Center]
|-
|-
|ISAO||Information Sharing and Analysis Organization
|ISAO||Information Sharing and Analysis Organization
Line 219: Line 219:
|ISCM||Information Security Continuous Monitoring
|ISCM||Information Security Continuous Monitoring
|-
|-
|ISDN||Integrated Services Digital Network
|ISDN||[https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network Integrated Services Digital Network]
|-
|-
|ISO||International Organization for Standardization
|ISO||[https://en.wikipedia.org/wiki/International_Organization_for_Standardization International Organization for Standardization]
|-
|-
|IT||Information Technology
|IT||[https://en.wikipedia.org/wiki/Information_technology Information Technology]
|-
|-
|ITIL||Information Technology Infrastructure Library
|ITIL||[https://en.wikipedia.org/wiki/ITIL Information Technology Infrastructure Library]
|}
|}


Line 232: Line 232:
|L#||Level Number
|L#||Level Number
|-
|-
|LAN||Local Area Network
|LAN||[https://en.wikipedia.org/wiki/Local_area_network Local Area Network]
|-
|-
|LSI||Large-Scale Integration
|LSI||[https://en.wikipedia.org/wiki/Integrated_circuit#LSI Large-Scale Integration]
|}
|}


== M ==
== M ==
{|
{|
|MA||Maintenance
|MA||[https://cmmcwiki.org/index.php/Model_Glossary#M Maintenance]
|-
|-
|MAC||Media Access Control
|MAC||[https://en.wikipedia.org/wiki/Medium_access_control Media Access Control]
|-
|-
|MC||Maturity Capability
|MC||Maturity Capability
Line 247: Line 247:
|MC##||Maturity Capability Number
|MC##||Maturity Capability Number
|-
|-
|MDM||Mobile Device Management
|MDM||[https://en.wikipedia.org/wiki/Mobile_device_management Mobile Device Management]
|-
|-
|MEP||Manufacturing Extension Partnership
|MEP||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology#MEP Manufacturing Extension Partnership]
|-
|-
|MFA||Multifactor Authentication
|MFA||[https://cmmcwiki.org/index.php/Model_Glossary#M Multifactor Authentication]
|-
|-
|ML||Maturity Level
|ML||Maturity Level
Line 257: Line 257:
|ML#||Maturity Level Number
|ML#||Maturity Level Number
|-
|-
|MMC||Multimedia Card
|MMC||[https://en.wikipedia.org/wiki/MultiMediaCard Multimedia Card]
|-
|-
|MP||Media Protection
|MP||Media Protection
|-
|}
 
== N ==
{|
|N/A||Not Applicable (NA)
|N/A||Not Applicable (NA)
|-
|-
|NARA||National Archives and Records Administration  
|NARA||[https://en.wikipedia.org/wiki/National_Archives_and_Records_Administration National Archives and Records Administration]
|-
|-
|NAS||Networked Attached Storage
|NAS||[https://en.wikipedia.org/wiki/Network-attached_storage Networked Attached Storage]
|-
|-
|NAS||National Aerospace Standard
|NAS||National Aerospace Standard
|-
|-
|NCSC||National Cyber Security Centre
|NCSC||[https://en.wikipedia.org/wiki/National_Cyber_Security_Centre National Cyber Security Centre]
|-
|-
|NIST||National Institute of Standards and Technology
|NIST||[https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology National Institute of Standards and Technology]
|-
|-
|NISTIR||NIST Interagency (or Internal) Report
|NISTIR||NIST Interagency (or Internal) Report
Line 277: Line 280:
|NPE||Non-Person Entity
|NPE||Non-Person Entity
|-
|-
|NSA||National Security Agency
|NSA||[https://en.wikipedia.org/wiki/National_Security_Agency National Security Agency]
|-
|-
|NSA/CSS||NSA Central Security Service
|NSA/CSS||NSA Central Security Service
|-
|-
|NSPD||National Security Presidential Directive
|NSPD||[https://en.wikipedia.org/wiki/National_security_directive National Security Presidential Directive]
|-
|-
|NSTISSD||National Security Telecommunications and Information Systems Security Directive
|NSTISSD||National Security Telecommunications and Information Systems Security Directive
|-
|-
|NTP||Network Time Protocol
|NTP||[https://en.wikipedia.org/wiki/Network_Time_Protocol Network Time Protocol]
|-
|-
|NYSSCPA||New York State Society of CPAs
|NYSSCPA||New York State Society of CPAs
Line 292: Line 295:
== O ==
== O ==
{|
{|
|OMB||Office of Management and Budget
|OMB||[https://en.wikipedia.org/wiki/Office_of_Management_and_Budget Office of Management and Budget]
|-
|-
|OS||Operating System
|OS||[https://en.wikipedia.org/wiki/Operating_system Operating System]
|-
|-
|OSC||Organization Seeking Certification
|OSC||[https://cmmcwiki.org/index.php/Model_Glossary#O Organization Seeking Certification]
|-
|-
|OT||Operational Technology
|OT||[https://cmmcwiki.org/index.php/Model_Glossary#O Operational Technology]
|-
|-
|OUSD A&S||Office of the Under Secretary of Defense for Acquisition and Sustainment
|OUSD A&S||[https://en.wikipedia.org/wiki/Under_Secretary_of_Defense_for_Acquisition_and_Sustainment Office of the Under Secretary of Defense for Acquisition and Sustainment]
|}
|}


Line 307: Line 310:
|PCI||Personal Identity Verification Card Issuers
|PCI||Personal Identity Verification Card Issuers
|-
|-
|PDA||Personal Digital Assistant
|PDA||[https://en.wikipedia.org/wiki/Personal_digital_assistant Personal Digital Assistant]
|-
|-
|PE||Physical Protection
|PE||Physical Protection
|-
|-
|PGP||Pretty Good Privacy
|PGP||[https://en.wikipedia.org/wiki/Pretty_Good_Privacy Pretty Good Privacy]
|-
|-
|PII||Personally Identifiable Information
|PII||[https://cmmcwiki.org/index.php/Model_Glossary#P Personally Identifiable Information]
|-
|-
|PIV||Personal Identify Verification
|PIV||Personal Identify Verification
|-
|-
|PKI||Public Key Infrastructure
|PKI||[https://en.wikipedia.org/wiki/Public_key_infrastructure Public Key Infrastructure]
|-
|-
|PLC||Programmable Logic Controller
|PLC||[https://en.wikipedia.org/wiki/Programmable_logic_controller Programmable Logic Controller]
|-
|-
|POC||Point of Contact
|POC||[https://en.wikipedia.org/wiki/Point_of_contact Point of Contact]
|-
|-
|POTS||Plain Old Telephone Service
|POTS||[https://en.wikipedia.org/wiki/Plain_old_telephone_service Plain Old Telephone Service]
|-
|-
|PP||Physical Protection
|PP||Physical Protection
|-
|-
|PPD||Presidential Policy Directive
|PPD||[https://en.wikipedia.org/wiki/National_security_directive Presidential Policy Directive]
|-
|-
|PS||Personnel Security
|PS||Personnel Security
|-
|-
|PUB||Publication
|PUB||[https://en.wikipedia.org/wiki/Publication Publication]
|}
|}


== R ==
== R ==
{|
{|
|RADIUS
|RADIUS||[https://en.wikipedia.org/wiki/RADIUS Remote Authentication Dial-in User Service]
|Remote Authentication Dial-in User Service RE
|-
|Recovery
|RE||[https://cmmcwiki.org/index.php/Model_Glossary#R Recovery]
|-
|-
Rev
|Rev||Revision
|Revision
|-
|-
RF
|RF||[https://en.wikipedia.org/wiki/Radio_frequency Radio Frequency]
|Radio Frequency
|-
|-
RFC
|RFC||[https://en.wikipedia.org/wiki/Request_for_Comments Request for Comments]
|Request for Comments
|-
|-
RM
|RM||[https://cmmcwiki.org/index.php/Model_Glossary#R Risk Management]
|Risk Management
|-
|-
RMM
|RMM||Resilience Management Model
|Resilience Management Model
|-
|-
RMM
|RMM||Risk Management Model
|Risk Management Model
|-
|-
RPO
|RPO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Point_Objective Recovery Point Objectives]
|Recovery Point Objectives
|-
|-
RTO
|RTO||[https://en.wikipedia.org/wiki/Disaster_recovery#Recovery_Time_Objective Recovery Time Objectives]
|Recovery Time Objectives
|}
 
== S ==
{|
|SA||[https://cmmcwiki.org/index.php/Model_Glossary#S Situational Awareness]
|-
|-
SA
|SaaS||[https://en.wikipedia.org/wiki/Software_as_a_service Software as a Service]
|Situational Awareness
|-
|-
SaaS
|SAS||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment]
|Software as a Service
|-
|-
SAS
|SC||System and Communications Protection
|Security Assessment
|-
|-
SC
|SCADA||[https://en.wikipedia.org/wiki/SCADA Supervisory Control and Data Acquisition]
|System and Communications Protection  SCADA
|Supervisory Control and Data Acquisition SCRM
|Supply Chain Risk Management
|-
|-
SHA
|SCRM||[https://cmmcwiki.org/index.php/Model_Glossary#S Supply Chain Risk Management]
|Security Hash Algorithm
|-
|-
SI
|SHA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Hash Algorithm]
|System and Information Integrity
|-
|-
SIEM
|SI||System and Information Integrity
|Security Integration and Event Management  SMS
|Short Message Service
|-
|-
SOC
|SIEM||[https://en.wikipedia.org/wiki/Security_information_and_event_management Security Integration and Event Management]
|Security Operations Center
|-
|-
SP
|SMS||[https://en.wikipedia.org/wiki/SMS Short Message Service]
|Special Publication
|-
|-
SPF
|SOC||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Operations Center]
|Sender Policy Framework
|-
|-
SSC
|SP||Special Publication
|Secure Socket Layer
|-
|-
SSD
|SPF||[https://en.wikipedia.org/wiki/Sender_Policy_Framework Sender Policy Framework]
|Solid-State Disk
|-
|-
SSP
|SSC||[https://en.wikipedia.org/wiki/Transport_Layer_Security Secure Socket Layer]
|System Security Plan
|-
|-
SSP
|SSD||[https://en.wikipedia.org/wiki/Solid-state_drive Solid-State Disk]
|Sector Specific Plan
|-
|-
TLS
|SSP||[https://cmmcwiki.org/index.php/Model_Glossary#S System Security Plan]
|Transport Layer Security
|-
|-
|SSP||Sector Specific Plan
|}


 
== T ==
Acronyms and Abbreviations
{|
|TLS||[https://en.wikipedia.org/wiki/Transport_Layer_Security Transport Layer Security]
|-
|-
|TTP||[https://en.wikipedia.org/wiki/Terrorist_Tactics,_Techniques,_and_Procedures Tactics, Techniques, and Procedures]
|}


CMMC Glossary and Acronyms  Version 2.0
== U ==
|34   
{|
 
|U.S.||United States
 
 
 
TTP
|Tactics, Techniques, and Procedures
|-
|-
U.S.
|UARC||[https://en.wikipedia.org/wiki/University_Affiliated_Research_Center University Affiliated Research Center]
|United States
|-
|-
UARC
|UK||United Kingdom
|University Affiliated Research Center
|-
|-
UK
|UMD||[https://en.wikipedia.org/wiki/Universal_Media_Disc Universal Media Disc]
|United Kingdom
|-
|-
UMD
|URL||[https://en.wikipedia.org/wiki/URL Uniform Resource Locator]
|Universal Media Disc
|-
|-
URL
|USB||[https://en.wikipedia.org/wiki/USB Universal Serial Bus]
|Uniform Resource Locator
|-
|-
USB
|UTC||[https://en.wikipedia.org/wiki/Coordinated_Universal_Time Coordinated Universal Time]
|Universal Serial Bus
|-
|-
UTC
|UUENCODE||[https://en.wikipedia.org/wiki/Uuencoding Unix-to-Unix Encode]
|Coordinated Universal Time
|}
 
== V ==
{|
|VLAN||[https://en.wikipedia.org/wiki/Virtual_LAN Virtual Local Area Network]
|-
|-
UUENCODE
|VoIP||[https://en.wikipedia.org/wiki/Voice_over_IP Voice over Internet Protocol]
|Unix-to-Unix Encode
|-
|-
VLAN
|Vol.||Volume
|Virtual Local Area Network
|-
|-
VoIP
|VPN||[https://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network]
|Voice over Internet Protocol
|}
|-
 
Vol.
== W ==
|Volume
{|
|-
|WAP||[https://en.wikipedia.org/wiki/Wireless_access_point Wireless Access Point]
VPN
|Virtual Private Network
|-
WAP
|Wireless Access Point
|-
WPA2-PSK
|WiFi Protected Access-Pre-shared Key
|-
xD
|Extreme Digital (flash memory card device)
|-
|-
|WPA2-PSK||[https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access WiFi Protected Access-Pre-shared Key]
|}
== X ==
{|
|xD||[https://en.wikipedia.org/wiki/XD-Picture_Card Extreme Digital] (flash memory card device)
|}
|}

Latest revision as of 23:31, 30 November 2022

Source of Reference: The official CMMC Glossary from the Department of Defense Chief Information Officer (DoD CIO).

For inquiries and reporting errors on this wiki, please contact us. Thank you.

A

AA Audit and Accountability
ABAC Attribute-Based Access Control
AC Access Control
ACSC Australian Cyber Security Centre
AES Advanced Encryption Standard
AIA Aerospace Industries Association
AM Asset Management
API Application Programming Interface
APT Advanced Persistent Threat
AT Awareness and Training
AU Audit and Accountability

B

BYOD Bring Your Own Device

C

C2M2 Cybersecurity Capability Maturity Model
C3PAO CMMC Third-Party Assessment Organization
CA Security Assessment
CD-ROM Compact Disc Read-Only Memory
CDI Covered Defense Information
CEA Council of Economic Advisers
CERT Computer Emergency Response Team
CERT RMM CERT® Resilience Management Model
CFR Code of Federal Regulations
CI Configuration Item
CIO Chief Information Officer
CIS Computer Information System
CIS Center for Internet Security
CISA Cybersecurity and Infrastructure Security Agency
CM Configuration Management
CMMC Cybersecurity Maturity Model Certification
CNSSD [Committee on National Security Systems Directive Committee on National Security Systems] Directive
CNSSI [Committee on National Security Systems Directive Committee on National Security Systems] Instructions
COMSEC Communications Security
CPI Critical Program Information
CSF Cybersecurity Framework
CSIS Center for Strategic and International Studies
CSP Credential Service Provider
CTI Controlled Technical Information
CUI Controlled Unclassified Information
CVE Common Vulnerabilities and Exposures
CVMP Cryptographic Module Validation Program
CWE Common Weakness Enumeration

D

D/A Department/Agency
DCISE DIB Collaborative Information Sharing Environment
DCS Distributed Control System
DD Represents any two-character CMMC Domain acronym
DFARS Defense Federal Acquisition Regulation Supplement
DHC Device Health Check
DIB Defense Industrial Base
DKIM DomainKeys Identified Mail
DMARC Domain-based Message Authentication, Reporting, and Conformance
DMZ Demilitarized Zone
DNS Domain Name System
DNSSEC Domain Name System Security
DoD Department of Defense
DoDI Department of Defense Instruction
DPCI Derived PIV Credential Issuers
DVD Digital Versatile Disc

E

E.O. Executive Order
eSATA External Serial Advanced Technology Attachment
ESP External Service Provider

F

FAQ Frequently Asked Question
FAR Federal Acquisition Regulation
FBI Federal Bureau of Investigation
FCI Federal Contract Information
FDDI Fiber Distributed Data Interface
FDE Full Disk Encryption
FedRAMP Federal Risk and Authorization Management Program
FFRDC Federally Funded Research and Development Center
FIPS Federal Information Processing Standard
FTP File Transfer Protocol

G

GDPR General Data Protection Regulation

H

HIPAA Health Insurance Portability and Accountability Act
HSPD Homeland Security Presidential Directive
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVA High-Value Asset

I

IA Information Assurance
IA Identification and Authentication
IBAC Identity-Based Access Control
IC3 Internet Crime Complaint Center
ICAM Identity, Credential, and Access Management
ICS Industrial Control System
ID Identification
IDA Identification and Authentication
IDPS Intrusion Detection and Prevention Systems
IEC International Electrotechnical Commission
IETF Internet Engineering Task Force
IIoT Industrial Internet of Things
IoT Internet of Things
IP Internet Protocol
IPSec Internet Protocol Security
IR Incident Response
IS Information System
ISAC Information Sharing and Analysis Center
ISAO Information Sharing and Analysis Organization
ISCM Information Security Continuous Monitoring
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
IT Information Technology
ITIL Information Technology Infrastructure Library

L

L# Level Number
LAN Local Area Network
LSI Large-Scale Integration

M

MA Maintenance
MAC Media Access Control
MC Maturity Capability
MC## Maturity Capability Number
MDM Mobile Device Management
MEP Manufacturing Extension Partnership
MFA Multifactor Authentication
ML Maturity Level
ML# Maturity Level Number
MMC Multimedia Card
MP Media Protection

N

N/A Not Applicable (NA)
NARA National Archives and Records Administration
NAS Networked Attached Storage
NAS National Aerospace Standard
NCSC National Cyber Security Centre
NIST National Institute of Standards and Technology
NISTIR NIST Interagency (or Internal) Report
NPE Non-Person Entity
NSA National Security Agency
NSA/CSS NSA Central Security Service
NSPD National Security Presidential Directive
NSTISSD National Security Telecommunications and Information Systems Security Directive
NTP Network Time Protocol
NYSSCPA New York State Society of CPAs

O

OMB Office of Management and Budget
OS Operating System
OSC Organization Seeking Certification
OT Operational Technology
OUSD A&S Office of the Under Secretary of Defense for Acquisition and Sustainment

P

PCI Personal Identity Verification Card Issuers
PDA Personal Digital Assistant
PE Physical Protection
PGP Pretty Good Privacy
PII Personally Identifiable Information
PIV Personal Identify Verification
PKI Public Key Infrastructure
PLC Programmable Logic Controller
POC Point of Contact
POTS Plain Old Telephone Service
PP Physical Protection
PPD Presidential Policy Directive
PS Personnel Security
PUB Publication

R

RADIUS Remote Authentication Dial-in User Service
RE Recovery
Rev Revision
RF Radio Frequency
RFC Request for Comments
RM Risk Management
RMM Resilience Management Model
RMM Risk Management Model
RPO Recovery Point Objectives
RTO Recovery Time Objectives

S

SA Situational Awareness
SaaS Software as a Service
SAS Security Assessment
SC System and Communications Protection
SCADA Supervisory Control and Data Acquisition
SCRM Supply Chain Risk Management
SHA Security Hash Algorithm
SI System and Information Integrity
SIEM Security Integration and Event Management
SMS Short Message Service
SOC Security Operations Center
SP Special Publication
SPF Sender Policy Framework
SSC Secure Socket Layer
SSD Solid-State Disk
SSP System Security Plan
SSP Sector Specific Plan

T

TLS Transport Layer Security
TTP Tactics, Techniques, and Procedures

U

U.S. United States
UARC University Affiliated Research Center
UK United Kingdom
UMD Universal Media Disc
URL Uniform Resource Locator
USB Universal Serial Bus
UTC Coordinated Universal Time
UUENCODE Unix-to-Unix Encode

V

VLAN Virtual Local Area Network
VoIP Voice over Internet Protocol
Vol. Volume
VPN Virtual Private Network

W

WAP Wireless Access Point
WPA2-PSK WiFi Protected Access-Pre-shared Key

X

xD Extreme Digital (flash memory card device)