Information Security Abbreviations

Below is a list of commonly used abbreviations. These are not unique to penetration testing or information security; we have included those associated with anything related to a penetration test project.

AAA Authentication, Authorization, and Accounting
AC Actual Cost
ACDF Access Control Decision Function
ACI Access Control Information
ACL Access Control List
ACWP Actual Cost of Work Performed
AD Active Directory/Activity Description
ADM Arrow Diagramming Method
AES Advanced Encryption Standard
AF Actual Finish Date
ADRP Army's DISN Router Program
ADSL Asymmetric Digital Subscriber Line
AFIWC Air Force Information Warfare Center
AH Authentication Header
AIS Automated Information System
API Application Program Interface
ASCII American Standard Code for Information Interchange
ANS1 Abstract Syntax Notation
ARP Address Resolution Protocol
AS Actual Start Date
ATM Asynchronous Transfer Mode
AV Antivirus
BAC Budget at Completion
BAPI Biometrics Application Program Interface
BCA Bridge Certificate Authority
BCWP Budgeted Cost of Work Performed
BCWS Budgeted Cost of Work Scheduled
BIOS Basic Input/Output System
BN Backbone Network
BOM Bill of Materials
BOOTP Boot Protocol
BSD Berkeley Software Design
C&A Certification and Accreditation
C/AII Corporate/Agency Information Infrastructure
C2 Command and Control
C4I Command, Control, Communications, Computer, and Intelligence
CA Certification Authority/Control Account
CALEA Communications Assistance for Law Enforcement Act
CAN Campus Area Network
CAP Control Account Plan
CAPI Cryptographic Application Programming Interface
CAT Common Authentication Technology
CAW Certificate Authority Workstation
CC Common Criteria
CCB Change Control Board
CCE Common Configuration Enumeration
CCI Controlled Cryptographic Item
CDMA Code Division Multiple Access
CDR Critical Design Review
CDSA Common Data Security Architecture
CERT Computer Emergency Response Team
CFD Common Fill Devices
CGE Cisco Global Exploiter
CGI Common Gateway Interface
CH Correspondence Host
CI Cryptographic Interface/Configuration Item
CIO Chief Information Officer
CIAC Computer Incident Advisory Capability
CIDF Common Intrusion Detection Framework
CIK Crypto-Ignition Key
CIRT Computer Incident Response Team
CISO Chief Information Security Officer
CKL Compromised Key List
CM Configuration Management
CMA Certificate Management Authority
CMI Certificate Management Infrastructure
CMIP Common Management Information Protocol
CMP Certificate Management Protocols
CMS Certificate Management Systems
CMUA Certificate Management User Agent
COA Course of Action
COE Common Operating Environment
COMSEC Communications Security
CONOPS Concept of Operations
COQ Cost of Quality
CORBA Common Object Request Broker Architecture
COTS Commercial-Off-The-Shelf
CP Certificate Policy/Critical Path
CPF Cost Plus Fee
CPI Cost Performance Index
CPM Critical Path Method
CPS Certification Practice Statement
CRL Certificate Revocation List
CSA Computer Security Act
CSP Cryptographic Service Provider
CSRA Critical Security Requirement Areas
CSSM Common Security Services Manager
CTO Chief Technology Officer
CV Compliance Validation/Cost Variance
CVE Common Vulnerabilities and Exposures
CVI Compliance Validation Inspection
CVSD Continuously Variable Slope Detection
CVSS Common Vulnerability Scoring System
CWBS Contract Work Breakdown Structure
CWE Common Weakness Enumeration
DAA Designated Approving Authority
DAC Discretionary Access Control
DAP Directory Access Protocol
DD Data Date
DER Distinguished Encoding Rules
DES Data Encryption Standard
DHCP Dynamic Host Control Protocol
DIT Directory Information Tree
DMS Defense Messaging System
DMZ Demilitarized Zone
DN Distinguished Name
DNS Domain Name Server
DNSSEC Domain Name System Security
DOS Denial of Service
DSA Directory Service Agents
DU Duration
EAC Estimate at Completion
EAL Evaluation Assurance Level
ECAs External Certificate Authorities
EF Early Finish Date
EKMS Electronic Key Management System
EMV Expected Monetary Value
ESM Encapsulating Security Management
ES Early Start Date
ESP Encapsulating Security Payload
ETC Estimate to Complete
EUT End User Terminal
EV Expected Value/Earned Value
FedCIRC Federal Computer Incident Response Center
FF Finish-to-Finish/Free Float
FFP Firm-Fixed-Price
FIPS Federal Information Processing Standards
FIRST Forum of Incident Response and Security Team
FISMA Federal Information Processing Standards
FMEA Failure Mode and Effect Analysis
FPIF Fixed-Price-Incentive-Fee
FrSIRT French Security Incident Response Team
FS Finish-to-Start
FSRS Functional Security Requirements for Specification
FTP File Transfer Protocol
FW Firewall
GSAKMP Group Service Association Key Management Protocol
GUI Graphical User Interface
GULS General Upper Layer Security
HAG High Assurance Guard
HF High Frequency
HTML Hyper Text Markup Language
HTTP Hyper Text Transfer Protocol
I&A Identification and Authentication
IA Information Assurance
IAM INFOSEC Assessment Methodology
IATF Information Assurance Technical Framework
IBAC Identity Based Access Control
IC Intelligence Community
ICMP Internet Control Message Protocol
ICRLA Indirect Certificate Revocation List Authority
ID Identifier
IDPS Intrusion Detection and Prevention System
IDS Intrusion Detection System
IDUP Independent Data Unit Protection
IEEE Institute of Electrical and Electronics Engineers
IEM INFOSEC Evaluation Methodology
IETF Internet Engineering Task Force
IFB Invitation for Bid
IIS Internet Information Server
IKE Internet Key Exchange
ILS Integrated Logistics Support
IMAP Internet Mail Access Protocol
INE Inline Network Encryptor
INFOSEC Information Security
IP Internet Protocol
IPN Information Protection Network
IPS Intrusion Prevention System
IPSec Internet Protocol Security
IPX Internet Packet Exchange
IR Infrared
IS Information Systems
ISAKMP Internet Security Association and Key Management Protocol
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
ISSAF Information System Security Assessment Framework
ISSO Information Systems Security Organization
IT Information Technology
ITL Information Technology Laboratory
IW Information Warfare
KMI Key Management Infrastructure
LAN Local Area Network
LDAP Lightweight Directory Access Protocol
LDM/KP Local Management Device/Key Processor
LF Late Finish Date
LOE Level of Effort
LPD Low Probability of Detection
LPI Low Probability of Intercept
LRA Local Registration Authority
LS Late Start Date
MAC Mandatory Access Control
MAN Metropolitan Area Network
MD5 Message Digest 5
MILS Multiple, Independent Security Levels
MIME Multipurpose Internet Mail Extension
MSN Mission Needs Statement
MoE Measure of Effectiveness
MSP Message Security Protocol
MTA Message Transfer Protocol
MTS Message Transfer System
NAT Network Address Translation
NES Network Encryption System
NIC Network Interface Card
NIS Network Information System
NIPC National Infrastructure Protection Center
NIST National Institute of Standards and Technology
NOS Network Operating System
NSA Network Security Agency
NSF Network Security Framework
NVD National Vulnerability Database
OBS Organizational Breakdown Structure
OD Original Duration
OIG Office of Inspector General
OMB Office of Management and Budget
OPSEC Operational Security
ORD Operational Requirements Documents
OS Operating System
OSI Open Systems Interconnection
OSSTMM Open Source Security Testing Methodology Manual
OWASP Open Web Application Security Project
P2P Peer-to-Peer
PAA Policy Approving Authority
PBX Private Branch Exchange
PC Percent Complete
PCA Policy Creation Authority
PCI Protocol Control Information
PDA Personal Digital Assistant
PDM Precedence Diagramming Method
PERL Practical Extraction and Reporting Language
PF Planned Finish Date
PGP Pretty Good Privacy
PII Personally Identifiable Information
PIN Personal Identification Number
PKCS Public Key Cryptographic Standards
PKI Public Key Infrastructure
PM Project Manager/Project Management
PMA Policy Management Authority
PMBOK Project Management Body of Knowledge
PMIS Project Management Information System
PMO Project Management Office
PMP Project Management Professional
PPP Point-to-Point Protocol
PS Planned Start Date
PSTN Public Switched Telephone Network
PSWBS Project Summary Work Breakdown Structure
PV Planned Value
QA Quality Assurance
QC Quality Control
QOS Quality of Service
RADIUS Remote Access Dial In User Service
RAM Responsibility Assignment Matrix
RBAC Rule Based Access Control
RBR Rule-Based Reasoning
RBS Resource Breakdown Structure/Risk Breakdown Structure
RD Remaining Duration
RFC Request for Comment
RFP Request for Proposal
RFQ Request for Quotation
ROE Rules of Engagement
RTM Requirements Traceability Matrix
S/MIME Secure/Multipurpose Internet Mail Extension
SCADA Supervisory Control and Data Acquisition
SCAP Security Content Automation Protocol
SDD Secure Data Device
SDE Secure Data Exchange
SDLC System Development Life Cycle
SET Secure Electronic Transaction
SF Scheduled Finish Date/Start to Finish
SFTP Secure File Transfer Protocol
SHA Secure Hashing Algorithm
SID System Identification
SIP Session Initiation Protocol
SKM Symmetric Key Management
SLA Service Level Agreements
SMB Server Message Block
SME Subject Matter Expert
SMI Security Management Infrastructure
SMIB Security Management Information Base
SMTP Simple Mail Transfer Protocol
SNMP Simple Network Management Protocol
SOW Statement of Work
SPG Security Program Group
SPI Schedule Performance Index
SS Scheduled Start Date/Start to Start
SSA System Security Administrator
SSAA System Security Authorization Agreement
SSH Secure Shell
SSID Service Set Identifier
SSL Secure Sockets Layer
SSN Social Security Number
STE Security Test and Evaluation
SV Schedule Variance
SWOT Strengths, Weaknesses, Opportunities, and Threats
TC Target Completion Date
TCB Trusted Computing Base
TCP Transmission Control Protocol
TCP/IP Transmission Control Protocol/Internet Protocol
TDMA Time Division Multiple Access
TF Target Finish Date/Total Float
TFTP Trivial File Transfer Protocol
TLS Transport Layer Security
TM Time and Material
TOE Target of Evaluation
TPEP Trust Product Evaluation Program
TQM Total Quality Management
TS Target Start Date
TTP Trusted Third Party
UDP User Datagram Protocol
URL Uniform Resource Locator
USB Universal Serial Bus
VE Value Engineering
VM Virtual Machine
VoIP Voice over Internet Protocol
VPN Virtual Private Network
WAN Wide Area Network
WBS Work Breakdown Structure
WEP Wired Equivalent Privacy
WIDPS Wireless Intrusion Detection and Prevention System
WIFI Wireless Fidelity
WLAN Wireless Local Area Network
WPA Wi-Fi Protected Access
WVE Wireless Vulnerabilities and Exploits
XML Extensible Markup Language