Acronyms and Abbreviations
Jump to navigation
Jump to search
Source of Reference: The official CMMC Glossary from the Office of the Under Secretary of Defense for Acquisition & Sustainment.
For inquiries and reporting errors on this wiki, please contact us. Thank you.
A
AA | Audit and Accountability |
ABAC | Attribute-Based Access Control |
AC | Access Control |
ACSC | Australian Cyber Security Centre |
AES | Advanced Encryption Standard |
AIA | Aerospace Industries Association |
AM | Asset Management |
API | Application Programming Interface |
APT | Advanced Persistent Threat |
AT | Awareness and Training |
AU | Audit and Accountability |
B
BYOD | Bring Your Own Device |
C
D
D/A | Department/Agency |
DCISE | DIB Collaborative Information Sharing Environment |
DCS | Distributed Control System |
DD | Represents any two-character CMMC Domain acronym |
DFARS | Defense Federal Acquisition Regulation Supplement |
DHC | Device Health Check |
DIB | Defense Industrial Base |
DKIM | DomainKeys Identified Mail |
DMARC | Domain-based Message Authentication, Reporting, and Conformance |
DMZ | Demilitarized Zone |
DNS | Domain Name System |
DNSSEC | Domain Name System Security |
DoD | Department of Defense |
DoDI | Department of Defense Instruction |
DPCI | Derived PIV Credential Issuers |
DVD | Digital Versatile Disc |
E
E.O. | Executive Order |
eSATA | External Serial Advanced Technology Attachment |
ESP | External Service Provider |
F
G
GDPR | General Data Protection Regulation |
H
HIPAA | Health Insurance Portability and Accountability Act |
HSPD | Homeland Security Presidential Directive |
HTTP | Hypertext Transfer Protocol |
HTTPS | Hypertext Transfer Protocol Secure |
HVA | High-Value Asset |
I
IA | Information Assurance |
IA | Identification and Authentication |
IBAC | Identity-Based Access Control |
IC3 | Internet Crime Complaint Center |
ICAM | Identity, Credential, and Access Management |
ICS | Industrial Control System |
ID | Identification |
IDA | Identification and Authentication |
IDPS | Intrusion Detection and Prevention Systems |
IEC | International Electrotechnical Commission |
IETF | Internet Engineering Task Force |
IIoT | Industrial Internet of Things |
IoT | Internet of Things |
IP | Internet Protocol |
IPSec | Internet Protocol Security |
IR | Incident Response |
IS | Information System |
ISAC | Information Sharing and Analysis Center |
ISAO | Information Sharing and Analysis Organization |
ISCM | Information Security Continuous Monitoring |
ISDN | Integrated Services Digital Network |
ISO | International Organization for Standardization |
IT | Information Technology |
ITIL | Information Technology Infrastructure Library |
L
L# | Level Number |
LAN | Local Area Network |
LSI | Large-Scale Integration |
M
MA | Maintenance |
MAC | Media Access Control |
MC | Maturity Capability |
MC## | Maturity Capability Number |
MDM | Mobile Device Management |
MEP | Manufacturing Extension Partnership |
MFA | Multifactor Authentication |
ML | Maturity Level |
ML# | Maturity Level Number |
MMC | Multimedia Card |
MP | Media Protection |
N
N/A | Not Applicable (NA) |
NARA | National Archives and Records Administration |
NAS | Networked Attached Storage |
NAS | National Aerospace Standard |
NCSC | National Cyber Security Centre |
NIST | National Institute of Standards and Technology |
NISTIR | NIST Interagency (or Internal) Report |
NPE | Non-Person Entity |
NSA | National Security Agency |
NSA/CSS | NSA Central Security Service |
NSPD | National Security Presidential Directive |
NSTISSD | National Security Telecommunications and Information Systems Security Directive |
NTP | Network Time Protocol |
NYSSCPA | New York State Society of CPAs |
O
P
PCI | Personal Identity Verification Card Issuers |
PDA | Personal Digital Assistant |
PE | Physical Protection |
PGP | Pretty Good Privacy |
PII | Personally Identifiable Information |
PIV | Personal Identify Verification |
PKI | Public Key Infrastructure |
PLC | Programmable Logic Controller |
POC | Point of Contact |
POTS | Plain Old Telephone Service |
PP | Physical Protection |
PPD | Presidential Policy Directive |
PS | Personnel Security |
PUB | Publication |
R
RADIUS | Remote Authentication Dial-in User Service |
RE | Recovery |
Rev | Revision |
RF | Radio Frequency |
RFC | Request for Comments |
RM | Risk Management |
RMM | Resilience Management Model |
RMM | Risk Management Model |
RPO | Recovery Point Objectives |
RTO | Recovery Time Objectives |
S
SA | Situational Awareness |
SaaS | Software as a Service |
SAS | Security Assessment |
SC | System and Communications Protection |
SCADA | Supervisory Control and Data Acquisition |
SCRM | Supply Chain Risk Management |
SHA | Security Hash Algorithm |
SI | System and Information Integrity |
SIEM | Security Integration and Event Management |
SMS | Short Message Service |
SOC | Security Operations Center |
SP | Special Publication |
SPF | Sender Policy Framework |
SSC | Secure Socket Layer |
SSD | Solid-State Disk |
SSP | System Security Plan |
SSP | Sector Specific Plan |
T
TLS | Transport Layer Security |
TTP | Tactics, Techniques, and Procedures |
U
U.S. | United States |
UARC | University Affiliated Research Center |
UK | United Kingdom |
UMD | Universal Media Disc |
URL | Uniform Resource Locator |
USB | Universal Serial Bus |
UTC | Coordinated Universal Time |
UUENCODE | Unix-to-Unix Encode |
V
VLAN | Virtual Local Area Network |
VoIP | Voice over Internet Protocol |
Vol. | Volume |
VPN | Virtual Private Network |
W
WAP | Wireless Access Point |
WPA2-PSK | WiFi Protected Access-Pre-shared Key |
X
xD | Extreme Digital (flash memory card device) |