Acronyms and Abbreviations: Difference between revisions
Jump to navigation
Jump to search
(→B) |
(→C) |
||
| Line 37: | Line 37: | ||
|C2M2||Cybersecurity Capability Maturity Model | |C2M2||Cybersecurity Capability Maturity Model | ||
|- | |- | ||
|C3PAO||CMMC Third-Party Assessment Organization | |C3PAO||[https://cmmcab.org/c3pao-lp/ CMMC Third-Party Assessment Organization] | ||
|- | |- | ||
|CA||Security Assessment | |CA||[https://cmmcwiki.org/index.php/Model_Glossary#S Security Assessment] | ||
|- | |- | ||
|CD-ROM||Compact Disc Read-Only Memory | |CD-ROM||[https://en.wikipedia.org/wiki/CD-ROM Compact Disc Read-Only Memory] | ||
|- | |- | ||
|CDI||Covered Defense Information | |CDI||[https://cmmcwiki.org/index.php/Model_Glossary#C Covered Defense Information] | ||
|- | |- | ||
|CEA||Council of Economic Advisers | |CEA||[https://en.wikipedia.org/wiki/Council_of_Economic_Advisers Council of Economic Advisers] | ||
|- | |- | ||
|CERT||Computer Emergency Response Team | |CERT||[https://en.wikipedia.org/wiki/Computer_emergency_response_team Computer Emergency Response Team] | ||
|- | |- | ||
|CERT RMM||CERT® Resilience Management Model | |CERT RMM||CERT® Resilience Management Model | ||
|- | |- | ||
|CFR||Code of Federal Regulations | |CFR||[https://en.wikipedia.org/wiki/Code_of_Federal_Regulations Code of Federal Regulations] | ||
|- | |- | ||
|CI||Configuration Item | |CI||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Item] | ||
|- | |- | ||
|CIO||Chief Information Officer | |CIO||[https://en.wikipedia.org/wiki/Chief_information_officer Chief Information Officer] | ||
|- | |- | ||
|CIS||Computer Information System | |CIS||Computer Information System | ||
|- | |- | ||
|CIS||Center for Internet Security | |CIS||[https://en.wikipedia.org/wiki/Center_for_Internet_Security Center for Internet Security] | ||
|- | |- | ||
|CISA||Cybersecurity and Infrastructure Security Agency | |CISA||[https://en.wikipedia.org/wiki/Cybersecurity_and_Infrastructure_Security_Agency Cybersecurity and Infrastructure Security Agency] | ||
|- | |- | ||
|CM||Configuration Management | |CM||[https://cmmcwiki.org/index.php/Model_Glossary#C Configuration Management] | ||
|- | |- | ||
|CMMC||Cybersecurity Maturity Model Certification | |CMMC||[https://www.acq.osd.mil/cmmc/index.html Cybersecurity Maturity Model Certification] | ||
|- | |- | ||
|CNSSD||Committee on National Security Systems Directive | |CNSSD||[Committee on National Security Systems Directive Committee on National Security Systems] Directive | ||
|- | |- | ||
|CNSSI||Committee on National Security Systems Instructions | |CNSSI||[Committee on National Security Systems Directive Committee on National Security Systems] Instructions | ||
|- | |- | ||
|COMSEC||Communications Security | |COMSEC||[https://en.wikipedia.org/wiki/Communications_security Communications Security] | ||
|- | |- | ||
|CPI||Critical Program Information | |CPI||Critical Program Information | ||
|- | |- | ||
|CSF||Cybersecurity Framework | |CSF||[https://en.wikipedia.org/wiki/NIST_Cybersecurity_Framework Cybersecurity Framework] | ||
|- | |- | ||
|CSIS||Center for Strategic and International Studies | |CSIS||[https://en.wikipedia.org/wiki/Center_for_Strategic_and_International_Studies Center for Strategic and International Studies] | ||
|- | |- | ||
|CSP||Credential Service Provider | |CSP||[https://en.wikipedia.org/wiki/Credential_service_provider Credential Service Provider] | ||
|- | |- | ||
|CTI||Controlled Technical Information | |CTI||Controlled Technical Information | ||
|- | |- | ||
|CUI||Controlled Unclassified Information | |CUI||[https://cmmcwiki.org/index.php/Model_Glossary#C Controlled Unclassified Information] | ||
|- | |- | ||
|CVE||Common Vulnerabilities and Exposures | |CVE||[https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilities and Exposures] | ||
|- | |- | ||
|CVMP||Cryptographic Module Validation Program | |CVMP||[https://en.wikipedia.org/wiki/Cryptographic_Module_Validation_Program Cryptographic Module Validation Program] | ||
|- | |- | ||
|CWE||Common Weakness Enumeration | |CWE||[https://en.wikipedia.org/wiki/Common_Weakness_Enumeration Common Weakness Enumeration] | ||
|} | |} | ||
Revision as of 19:07, 26 February 2022
Source of Reference: The official CMMC Glossary from the Office of the Under Secretary of Defense Acquisition & Sustainment.
For inquiries and reporting errors on this wiki, please contact us. Thank you.
A
| AA | Audit and Accountability |
| ABAC | Attribute-Based Access Control |
| AC | Access Control |
| ACSC | Australian Cyber Security Centre |
| AES | Advanced Encryption Standard |
| AIA | Aerospace Industries Association |
| AM | Asset Management |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| AT | Awareness and Training |
| AU | Audit and Accountability |
B
| BYOD | Bring Your Own Device |
C
D
| D/A | Department/Agency |
| DCISE | DIB Collaborative Information Sharing Environment |
| DCS | Distributed Control System |
| DD | Represents any two-character CMMC Domain acronym |
| DFARS | Defense Federal Acquisition Regulation Supplement |
| DHC | Device Health Check |
| DIB | Defense Industrial Base |
| DKIM | Domain Key Identified Mail |
| DMARC | Domain-based Message Authentication, Reporting, and Conformance |
| DMZ | Demilitarized Zone |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security |
| DoD | Department of Defense |
| DoDI | Department of Defense Instruction |
| DPCI | Derived PIV Credential Issuers |
| DVD | Digital Versatile Disc |
E
| E.O. | Executive Order |
| eSATA | External Serial Advanced Technology Attachment |
| ESP | External Service Provider |
F
| FAQ | Frequently Asked Question |
| FAR | Federal Acquisition Regulation |
| FBI | Federal Bureau of Investigation |
| FCI | Federal Contract Information |
| FDDI | Fiber Distributed Data Interface |
| FDE | Full Disk Encryption |
| FedRAMP | Federal Risk and Authorization Management Program |
| FFRDC | Federally Funded Research and Development Center |
| FIPS | Federal Information Processing Standard |
| FTP | File Transfer Protocol |
G
| GDPR | General Data Protection Regulation |
H
| HIPAA | Health Insurance Portability and Accountability Act |
| HSPD | Homeland Security Presidential Directive |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| HVA | High-Value Asset |
I
| IA | Information Assurance |
| IA | Identification and Authentication |
| IBAC | Identity-Based Access Control |
| IC3 | Internet Crime Complaint Center |
| ICAM | Identity, Credential, and Access Management |
| ICS | Industrial Control System |
| ID | Identification |
| IDA | Identification and Authentication |
| IDPS | Intrusion Detection and Prevention Systems |
| IEC | International Electrotechnical Commission |
| IETF | Internet Engineering Task Force |
| IIoT | Industrial Internet of Things |
| IoT | Internet of Things |
| IP | Internet Protocol |
| IPSec | Internet Protocol Security |
| IR | Incident Response |
| IS | Information System |
| ISAC | Information Sharing and Analysis Center |
| ISAO | Information Sharing and Analysis Organization |
| ISCM | Information Security Continuous Monitoring |
| ISDN | Integrated Services Digital Network |
| ISO | International Organization for Standardization |
| IT | Information Technology |
| ITIL | Information Technology Infrastructure Library |
L
| L# | Level Number |
| LAN | Local Area Network |
| LSI | Large-Scale Integration |
M
| MA | Maintenance |
| MAC | Media Access Control |
| MC | Maturity Capability |
| MC## | Maturity Capability Number |
| MDM | Mobile Device Management |
| MEP | Manufacturing Extension Partnership |
| MFA | Multifactor Authentication |
| ML | Maturity Level |
| ML# | Maturity Level Number |
| MMC | Multimedia Card |
| MP | Media Protection |
| N/A | Not Applicable (NA) |
| NARA | National Archives and Records Administration |
| NAS | Networked Attached Storage |
| NAS | National Aerospace Standard |
| NCSC | National Cyber Security Centre |
| NIST | National Institute of Standards and Technology |
| NISTIR | NIST Interagency (or Internal) Report |
| NPE | Non-Person Entity |
| NSA | National Security Agency |
| NSA/CSS | NSA Central Security Service |
| NSPD | National Security Presidential Directive |
| NSTISSD | National Security Telecommunications and Information Systems Security Directive |
| NTP | Network Time Protocol |
| NYSSCPA | New York State Society of CPAs |
O
| OMB | Office of Management and Budget |
| OS | Operating System |
| OSC | Organization Seeking Certification |
| OT | Operational Technology |
| OUSD A&S | Office of the Under Secretary of Defense for Acquisition and Sustainment |
P
| PCI | Personal Identity Verification Card Issuers |
| PDA | Personal Digital Assistant |
| PE | Physical Protection |
| PGP | Pretty Good Privacy |
| PII | Personally Identifiable Information |
| PIV | Personal Identify Verification |
| PKI | Public Key Infrastructure |
| PLC | Programmable Logic Controller |
| POC | Point of Contact |
| POTS | Plain Old Telephone Service |
| PP | Physical Protection |
| PPD | Presidential Policy Directive |
| PS | Personnel Security |
| PUB | Publication |
R
| RADIUS | Remote Authentication Dial-in User Service |
| RE | Recovery |
| Rev | Revision |
| RF | Radio Frequency |
| RFC | Request for Comments |
| RM | Risk Management |
| RMM | Resilience Management Model |
| RMM | Risk Management Model |
| RPO | Recovery Point Objectives |
| RTO | Recovery Time Objectives |
S
| SA | Situational Awareness |
| SaaS | Software as a Service |
| SAS | Security Assessment |
| SC | System and Communications Protection |
| SCADA | Supervisory Control and Data Acquisition |
| SCRM | Supply Chain Risk Management |
| SHA | Security Hash Algorithm |
| SI | System and Information Integrity |
| SIEM | Security Integration and Event Management |
| SMS | Short Message Service |
| SOC | Security Operations Center |
| SP | Special Publication |
| SPF | Sender Policy Framework |
| SSC | Secure Socket Layer |
| SSD | Solid-State Disk |
| SSP | System Security Plan |
| SSP | Sector Specific Plan |
T
| TLS | Transport Layer Security |
| TTP | Tactics, Techniques, and Procedures |
U
| U.S. | United States |
| UARC | University Affiliated Research Center |
| UK | United Kingdom |
| UMD | Universal Media Disc |
| URL | Uniform Resource Locator |
| USB | Universal Serial Bus |
| UTC | Coordinated Universal Time |
| UUENCODE | Unix-to-Unix Encode |
V
| VLAN | Virtual Local Area Network |
| VoIP | Voice over Internet Protocol |
| Vol. | Volume |
| VPN | Virtual Private Network |
W
| WAP | Wireless Access Point |
| WPA2-PSK | WiFi Protected Access-Pre-shared Key |
X
| xD | Extreme Digital (flash memory card device) |