Acronyms and Abbreviations: Difference between revisions

From CMMC Toolkit Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 129: Line 129:
== E ==
== E ==
{|
{|
|E.O.||Executive Order
|E.O.||[https://en.wikipedia.org/wiki/Executive_order Executive Order]
|-
|-
|eSATA||External Serial Advanced Technology Attachment
|eSATA||External [https://en.wikipedia.org/wiki/Serial_ATA Serial Advanced Technology Attachment]
|-
|-
|ESP||External Service Provider
|ESP||External Service Provider
Line 138: Line 138:
== F ==
== F ==
{|
{|
|FAQ||Frequently Asked Question
|FAQ||[https://en.wikipedia.org/wiki/FAQ Frequently Asked Question]
|-
|-
|FAR||Federal Acquisition Regulation
|FAR||[https://en.wikipedia.org/wiki/Federal_Acquisition_Regulation Federal Acquisition Regulation]
|-
|-
|FBI||Federal Bureau of Investigation
|FBI||[https://en.wikipedia.org/wiki/Federal_Bureau_of_Investigation Federal Bureau of Investigation]
|-
|-
|FCI||Federal Contract Information
|FCI||[https://cmmcwiki.org/index.php/Model_Glossary#F Federal Contract Information]
|-
|-
|FDDI||Fiber Distributed Data Interface
|FDDI||[https://en.wikipedia.org/wiki/Fiber_Distributed_Data_Interface Fiber Distributed Data Interface]
|-
|-
|FDE||Full Disk Encryption  
|FDE||[https://en.wikipedia.org/wiki/Disk_encryption Full Disk Encryption]
|-
|-
|FedRAMP||Federal Risk and Authorization Management Program
|FedRAMP||[https://en.wikipedia.org/wiki/FedRAMP Federal Risk and Authorization Management Program]
|-
|-
|FFRDC||Federally Funded Research and Development Center
|FFRDC||[https://en.wikipedia.org/wiki/Federally_funded_research_and_development_centers Federally Funded Research and Development Center]
|-
|-
|FIPS||Federal Information Processing Standard
|FIPS||[https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Federal Information Processing Standard]
|-
|-
|FTP||File Transfer Protocol
|FTP||[https://en.wikipedia.org/wiki/File_Transfer_Protocol File Transfer Protocol]
|}
|}


== G ==
== G ==
{|
{|
|GDPR||General Data Protection Regulation
|GDPR||[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation General Data Protection Regulation]
|}
|}


== H ==
== H ==
{|
{|
|HIPAA||Health Insurance Portability and Accountability Act
|HIPAA||[https://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act Health Insurance Portability and Accountability Act]
|-
|-
|HSPD||Homeland Security Presidential Directive
|HSPD||[https://en.wikipedia.org/wiki/Presidential_directive#Homeland_Security_Presidential_Directive Homeland Security Presidential Directive]
|-
|-
|HTTP||Hypertext Transfer Protocol
|HTTP||[https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol Hypertext Transfer Protocol]
|-
|-
|HTTPS||Hypertext Transfer Protocol Secure
|HTTPS||[https://en.wikipedia.org/wiki/HTTPS Hypertext Transfer Protocol Secure]
|-
|-
|HVA||High-Value Asset
|HVA||[https://cmmcwiki.org/index.php/Model_Glossary#H High-Value Asset]
|}
|}


== I ==
== I ==
{|
{|
|IA||Information Assurance
|IA||[https://en.wikipedia.org/wiki/Information_assurance Information Assurance]
|-
|-
|IA||Identification and Authentication
|IA||Identification and Authentication
|-
|-
|IBAC||Identity-Based Access Control
|IBAC||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity-Based Access Control]
|-
|-
|IC3||Internet Crime Complaint Center
|IC3||[https://en.wikipedia.org/wiki/Internet_Crime_Complaint_Center Internet Crime Complaint Center]
|-
|-
|ICAM||Identity, Credential, and Access Management
|ICAM||[https://cmmcwiki.org/index.php/Model_Glossary#I Identity, Credential, and Access Management]
|-
|-
|ICS||Industrial Control System
|ICS||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Control System]
|-
|-
|ID||Identification
|ID||[https://cmmcwiki.org/index.php/Model_Glossary#I Identification]
|-
|-
|IDA||Identification and Authentication
|IDA||Identification and Authentication
|-
|-
|IDPS||Intrusion Detection and Prevention Systems
|IDPS||[https://en.wikipedia.org/wiki/Intrusion_detection_system Intrusion Detection and Prevention Systems]
|-
|-
|IEC||International Electrotechnical Commission
|IEC||[https://en.wikipedia.org/wiki/International_Electrotechnical_Commission International Electrotechnical Commission]
|-
|-
|IETF||Internet Engineering Task Force
|IETF||[https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force Internet Engineering Task Force]
|-
|-
|IIoT||Industrial Internet of Things
|IIoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Industrial Internet of Things]
|-
|-
|IoT||Internet of Things
|IoT||[https://cmmcwiki.org/index.php/Model_Glossary#I Internet of Things]
|-
|-
|IP||Internet Protocol
|IP||[https://en.wikipedia.org/wiki/Internet_Protocol Internet Protocol]
|-
|-
|IPSec||Internet Protocol Security
|IPSec||[https://en.wikipedia.org/wiki/IPsec Internet Protocol Security]
|-
|-
|IR||Incident Response
|IR||[https://cmmcwiki.org/index.php/Model_Glossary#I Incident Response]
|-
|-
|IS||Information System
|IS||[https://cmmcwiki.org/index.php/Model_Glossary#I Information System]
|-
|-
|ISAC||Information Sharing and Analysis Center
|ISAC||[https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center Information Sharing and Analysis Center]
|-
|-
|ISAO||Information Sharing and Analysis Organization
|ISAO||Information Sharing and Analysis Organization
Line 219: Line 219:
|ISCM||Information Security Continuous Monitoring
|ISCM||Information Security Continuous Monitoring
|-
|-
|ISDN||Integrated Services Digital Network
|ISDN||[https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network Integrated Services Digital Network]
|-
|-
|ISO||International Organization for Standardization
|ISO||[https://en.wikipedia.org/wiki/International_Organization_for_Standardization International Organization for Standardization]
|-
|-
|IT||Information Technology
|IT||[https://en.wikipedia.org/wiki/Information_technology Information Technology]
|-
|-
|ITIL||Information Technology Infrastructure Library
|ITIL||[https://en.wikipedia.org/wiki/ITIL Information Technology Infrastructure Library]
|}
|}


Line 232: Line 232:
|L#||Level Number
|L#||Level Number
|-
|-
|LAN||Local Area Network
|LAN||[https://en.wikipedia.org/wiki/Local_area_network Local Area Network]
|-
|-
|LSI||Large-Scale Integration
|LSI||[https://en.wikipedia.org/wiki/Integrated_circuit#LSI Large-Scale Integration]
|}
|}



Revision as of 23:39, 26 February 2022

Source of Reference: The official CMMC Glossary from the Office of the Under Secretary of Defense Acquisition & Sustainment.

For inquiries and reporting errors on this wiki, please contact us. Thank you.

A

AA Audit and Accountability
ABAC Attribute-Based Access Control
AC Access Control
ACSC Australian Cyber Security Centre
AES Advanced Encryption Standard
AIA Aerospace Industries Association
AM Asset Management
API Application Programming Interface
APT Advanced Persistent Threat
AT Awareness and Training
AU Audit and Accountability

B

BYOD Bring Your Own Device

C

C2M2 Cybersecurity Capability Maturity Model
C3PAO CMMC Third-Party Assessment Organization
CA Security Assessment
CD-ROM Compact Disc Read-Only Memory
CDI Covered Defense Information
CEA Council of Economic Advisers
CERT Computer Emergency Response Team
CERT RMM CERT® Resilience Management Model
CFR Code of Federal Regulations
CI Configuration Item
CIO Chief Information Officer
CIS Computer Information System
CIS Center for Internet Security
CISA Cybersecurity and Infrastructure Security Agency
CM Configuration Management
CMMC Cybersecurity Maturity Model Certification
CNSSD [Committee on National Security Systems Directive Committee on National Security Systems] Directive
CNSSI [Committee on National Security Systems Directive Committee on National Security Systems] Instructions
COMSEC Communications Security
CPI Critical Program Information
CSF Cybersecurity Framework
CSIS Center for Strategic and International Studies
CSP Credential Service Provider
CTI Controlled Technical Information
CUI Controlled Unclassified Information
CVE Common Vulnerabilities and Exposures
CVMP Cryptographic Module Validation Program
CWE Common Weakness Enumeration

D

D/A Department/Agency
DCISE DIB Collaborative Information Sharing Environment
DCS Distributed Control System
DD Represents any two-character CMMC Domain acronym
DFARS Defense Federal Acquisition Regulation Supplement
DHC Device Health Check
DIB Defense Industrial Base
DKIM DomainKeys Identified Mail
DMARC Domain-based Message Authentication, Reporting, and Conformance
DMZ Demilitarized Zone
DNS Domain Name System
DNSSEC Domain Name System Security
DoD Department of Defense
DoDI Department of Defense Instruction
DPCI Derived PIV Credential Issuers
DVD Digital Versatile Disc

E

E.O. Executive Order
eSATA External Serial Advanced Technology Attachment
ESP External Service Provider

F

FAQ Frequently Asked Question
FAR Federal Acquisition Regulation
FBI Federal Bureau of Investigation
FCI Federal Contract Information
FDDI Fiber Distributed Data Interface
FDE Full Disk Encryption
FedRAMP Federal Risk and Authorization Management Program
FFRDC Federally Funded Research and Development Center
FIPS Federal Information Processing Standard
FTP File Transfer Protocol

G

GDPR General Data Protection Regulation

H

HIPAA Health Insurance Portability and Accountability Act
HSPD Homeland Security Presidential Directive
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVA High-Value Asset

I

IA Information Assurance
IA Identification and Authentication
IBAC Identity-Based Access Control
IC3 Internet Crime Complaint Center
ICAM Identity, Credential, and Access Management
ICS Industrial Control System
ID Identification
IDA Identification and Authentication
IDPS Intrusion Detection and Prevention Systems
IEC International Electrotechnical Commission
IETF Internet Engineering Task Force
IIoT Industrial Internet of Things
IoT Internet of Things
IP Internet Protocol
IPSec Internet Protocol Security
IR Incident Response
IS Information System
ISAC Information Sharing and Analysis Center
ISAO Information Sharing and Analysis Organization
ISCM Information Security Continuous Monitoring
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
IT Information Technology
ITIL Information Technology Infrastructure Library

L

L# Level Number
LAN Local Area Network
LSI Large-Scale Integration

M

MA Maintenance
MAC Media Access Control
MC Maturity Capability
MC## Maturity Capability Number
MDM Mobile Device Management
MEP Manufacturing Extension Partnership
MFA Multifactor Authentication
ML Maturity Level
ML# Maturity Level Number
MMC Multimedia Card
MP Media Protection
N/A Not Applicable (NA)
NARA National Archives and Records Administration
NAS Networked Attached Storage
NAS National Aerospace Standard
NCSC National Cyber Security Centre
NIST National Institute of Standards and Technology
NISTIR NIST Interagency (or Internal) Report
NPE Non-Person Entity
NSA National Security Agency
NSA/CSS NSA Central Security Service
NSPD National Security Presidential Directive
NSTISSD National Security Telecommunications and Information Systems Security Directive
NTP Network Time Protocol
NYSSCPA New York State Society of CPAs

O

OMB Office of Management and Budget
OS Operating System
OSC Organization Seeking Certification
OT Operational Technology
OUSD A&S Office of the Under Secretary of Defense for Acquisition and Sustainment

P

PCI Personal Identity Verification Card Issuers
PDA Personal Digital Assistant
PE Physical Protection
PGP Pretty Good Privacy
PII Personally Identifiable Information
PIV Personal Identify Verification
PKI Public Key Infrastructure
PLC Programmable Logic Controller
POC Point of Contact
POTS Plain Old Telephone Service
PP Physical Protection
PPD Presidential Policy Directive
PS Personnel Security
PUB Publication

R

RADIUS Remote Authentication Dial-in User Service
RE Recovery
Rev Revision
RF Radio Frequency
RFC Request for Comments
RM Risk Management
RMM Resilience Management Model
RMM Risk Management Model
RPO Recovery Point Objectives
RTO Recovery Time Objectives

S

SA Situational Awareness
SaaS Software as a Service
SAS Security Assessment
SC System and Communications Protection
SCADA Supervisory Control and Data Acquisition
SCRM Supply Chain Risk Management
SHA Security Hash Algorithm
SI System and Information Integrity
SIEM Security Integration and Event Management
SMS Short Message Service
SOC Security Operations Center
SP Special Publication
SPF Sender Policy Framework
SSC Secure Socket Layer
SSD Solid-State Disk
SSP System Security Plan
SSP Sector Specific Plan

T

TLS Transport Layer Security
TTP Tactics, Techniques, and Procedures

U

U.S. United States
UARC University Affiliated Research Center
UK United Kingdom
UMD Universal Media Disc
URL Uniform Resource Locator
USB Universal Serial Bus
UTC Coordinated Universal Time
UUENCODE Unix-to-Unix Encode

V

VLAN Virtual Local Area Network
VoIP Voice over Internet Protocol
Vol. Volume
VPN Virtual Private Network

W

WAP Wireless Access Point
WPA2-PSK WiFi Protected Access-Pre-shared Key

X

xD Extreme Digital (flash memory card device)