Acronyms and Abbreviations

From CMMC Toolkit Wiki
Revision as of 00:11, 21 February 2022 by Wikiadmin (talk | contribs)
Jump to navigation Jump to search

Source of Reference: The official CMMC Glossary from the Office of the Under Secretary of Defense Acquisition & Sustainment.

For inquiries and reporting errors on this wiki, please contact us. Thank you.

A

AA Audit and Accountability
ABAC Attribute-Based Access Control
AC Access Control
ACSC Australian Cyber Security Centre
AES Advanced Encryption Standard
AIA Aerospace Industries Association
AM Asset Management
API Application Programming Interface
APT Advanced Persistent Threat
AT Awareness and Training
AU Audit and Accountability

B

BYOD Bring Your Own Device

C

C2M2 Cybersecurity Capability Maturity Model
C3PAO CMMC Third-Party Assessment Organization
CA Security Assessment
CD-ROM Compact Disc Read-Only Memory
CDI Covered Defense Information
CEA Council of Economic Advisers
CERT Computer Emergency Response Team
CERT RMM CERT® Resilience Management Model
CFR Code of Federal Regulations
CI Configuration Item
CIO Chief Information Officer
CIS Computer Information System
CIS Center for Internet Security
CISA Cybersecurity and Infrastructure Security Agency
CM Configuration Management
CMMC Cybersecurity Maturity Model Certification
CNSSD Committee on National Security Systems Directive
CNSSI Committee on National Security Systems Instructions
COMSEC Communications Security
CPI Critical Program Information
CSF Cybersecurity Framework
CSIS Center for Strategic and International Studies
CSP Credential Service Provider
CTI Controlled Technical Information
CUI Controlled Unclassified Information
CVE Common Vulnerabilities and Exposures
CVMP Cryptographic Module Validation Program
CWE Common Weakness Enumeration

D

D/A Department/Agency
DCISE DIB Collaborative Information Sharing Environment
DCS Distributed Control System
DD Represents any two-character CMMC Domain acronym
DFARS Defense Federal Acquisition Regulation Supplement
DHC Device Health Check
DIB Defense Industrial Base
DKIM Domain Key Identified Mail
DMARC Domain-based Message Authentication, Reporting, and Conformance
DMZ Demilitarized Zone
DNS Domain Name System
DNSSEC Domain Name System Security
DoD Department of Defense
DoDI Department of Defense Instruction
DPCI Derived PIV Credential Issuers
DVD Digital Versatile Disc

E

E.O. Executive Order
eSATA External Serial Advanced Technology Attachment
ESP External Service Provider

F

FAQ Frequently Asked Question
FAR Federal Acquisition Regulation
FBI Federal Bureau of Investigation
FCI Federal Contract Information
FDDI Fiber Distributed Data Interface
FDE Full Disk Encryption
FedRAMP Federal Risk and Authorization Management Program
FFRDC Federally Funded Research and Development Center
FIPS Federal Information Processing Standard
FTP File Transfer Protocol

G

GDPR General Data Protection Regulation

H

HIPAA Health Insurance Portability and Accountability Act
HSPD Homeland Security Presidential Directive
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVA High-Value Asset

I

IA Information Assurance
IA Identification and Authentication
IBAC Identity-Based Access Control
IC3 Internet Crime Complaint Center
ICAM Identity, Credential, and Access Management
ICS Industrial Control System
ID Identification
IDA Identification and Authentication
IDPS Intrusion Detection and Prevention Systems
IEC International Electrotechnical Commission
IETF Internet Engineering Task Force
IIoT Industrial Internet of Things
IoT Internet of Things
IP Internet Protocol
IPSec Internet Protocol Security
IR Incident Response
IS Information System
ISAC Information Sharing and Analysis Center
ISAO Information Sharing and Analysis Organization
ISCM Information Security Continuous Monitoring
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
IT Information Technology
ITIL Information Technology Infrastructure Library

L

L# Level Number
LAN Local Area Network
LSI Large-Scale Integration

M

MA Maintenance
MAC Media Access Control
MC Maturity Capability
MC## Maturity Capability Number
MDM Mobile Device Management
MEP Manufacturing Extension Partnership
MFA Multifactor Authentication
ML Maturity Level
ML# Maturity Level Number
MMC Multimedia Card
MP Media Protection
N/A Not Applicable (NA)
NARA National Archives and Records Administration
NAS Networked Attached Storage
NAS National Aerospace Standard
NCSC National Cyber Security Centre
NIST National Institute of Standards and Technology
NISTIR NIST Interagency (or Internal) Report
NPE Non-Person Entity
NSA National Security Agency
NSA/CSS NSA Central Security Service
NSPD National Security Presidential Directive
NSTISSD National Security Telecommunications and Information Systems Security Directive
NTP Network Time Protocol
NYSSCPA New York State Society of CPAs

O

OMB Office of Management and Budget
OS Operating System
OSC Organization Seeking Certification
OT Operational Technology
OUSD A&S Office of the Under Secretary of Defense for Acquisition and Sustainment

P

PCI Personal Identity Verification Card Issuers
PDA Personal Digital Assistant
PE Physical Protection
PGP Pretty Good Privacy
PII Personally Identifiable Information
PIV Personal Identify Verification
PKI Public Key Infrastructure
PLC Programmable Logic Controller
POC Point of Contact
POTS Plain Old Telephone Service
PP Physical Protection
PPD Presidential Policy Directive
PS Personnel Security
PUB Publication

R

Rev RF RFC RM RMM RMM RPO RTO SA SaaS SAS SC SHA SI SIEM SOC SP SPF SSC SSD SSP SSP TLS Acronyms and Abbreviations CMMC Glossary and Acronyms  Version 2.0 U.S. UARC UK UMD URL USB UTC UUENCODE VLAN VoIP Vol. VPN WAP WPA2-PSK xD
RADIUS Remote Authentication Dial-in User Service RE Recovery
Revision
Radio Frequency
Request for Comments
Risk Management
Resilience Management Model
Risk Management Model
Recovery Point Objectives
Recovery Time Objectives
Situational Awareness
Software as a Service
Security Assessment
System and Communications Protection SCADA Supervisory Control and Data Acquisition SCRM Supply Chain Risk Management
Security Hash Algorithm
System and Information Integrity
Security Integration and Event Management SMS Short Message Service
Security Operations Center
Special Publication
Sender Policy Framework
Secure Socket Layer
Solid-State Disk
System Security Plan
Sector Specific Plan
Transport Layer Security
34  



TTP

Tactics, Techniques, and Procedures
United States
University Affiliated Research Center
United Kingdom
Universal Media Disc
Uniform Resource Locator
Universal Serial Bus
Coordinated Universal Time
Unix-to-Unix Encode
Virtual Local Area Network
Voice over Internet Protocol
Volume
Virtual Private Network
Wireless Access Point
WiFi Protected Access-Pre-shared Key
Extreme Digital (flash memory card device)