Acronyms to Know for Your Certification Exam

Today is Memorial Day, when we honor and remember the members of our armed forces who made the ultimate sacrifice to keep America free. 

I teach a variety of information technology and cybersecurity courses, and there are tons of acronyms to learn well enough to be able to translate them back into English in order to answer certification exam questions.  Often, the exam question will use the acronym and assume you know the meaning.

I came across a list of 70 acronyms on the SecureWorld blog, and just had to share them with my students and other test preppers out there.  This list is extensive, but not exhaustive, and applies to all the certification exams I have ever taken.  The list is below.

The image is from a blog post by Russell Aaron, The Three Letter Acronym and Why They Suck. He has a much shorter list, but there is no duplication, and you need to know these terms too.  Click through the link to find those TLAs.

Here is a glossary from (ISC)2 for the CISSP certifiction

I have an acronym list of my own, Protocols Flash Cards, and, Ports Flash Cards and you can download it here.

Click here for the downloadable PDF glossary.

# Acronym Stands for Definition
1 APT Advanced Persistent Threat A cyber attack that continuously uses advanced techniques to conduct cyber espionage or crime
2 APWG Anti-Phishing Working Group An international consortium that brings together businesses affected by phishing attacks with security companies, law enforcement, government, trade associations, and others.
3 AV Antivirus A computer program used to prevent, detect, and remove malware.
4 AVIEN Anti-Virus Information Exchange Network A group of Antivirus and security specialists who share information regarding AV companies, products, malware and other threats.
5 CAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans Apart A response test used in computing, especially on websites, to confirm that a user is human instead of a bot.
6 CARO Computer Antivirus Research Organization An organization established in 1990 to study malware.
7 CAVP Cryptographic Algorithm Validation Program This program provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms and individual components. Cryptographic algorithm validation is necessary precursor to cryptographic module validation.
8 CBC Cipher Block Chaining Operation for a block cipher using an initialization vector and a chaining mechanism. This will cause the decryption of a block of cipher text to depend on preceding cipher text blocks.
9 CBC-MAC Cipher Block Chaining Message Authentication Code This constructs a message authentication code from a block cipher. The message is encrypted with some block cipher algorithm in CBC mode. This creates a chain of blocks with each block depending on the correct encryption of the previous block.
10 CERIAS Center for Education and Research in Information Assurance and Security A part of Purdue University dedicated to research and education in information security.
11 CERT Computer Emergency Response Team In this case, an expert group that handles computer security incidents and alerts organizations about them.
12 CHAP Challenge-Handshake Authentication Protocol A protocol for authentication that provides protection against replay attacks through the use of a changing identifier and a variable challenge-value.
13 CIRT Computer Incident Response Team A group that handles events involving computer security and data breaches.
14 CIS Center for Internet Security A 501 nonprofit organization with a mission to “Identify, develop, validate, promote, and sustain best practice solutions for cyber defense and build and lead communities to enable an environment of trust in cyberspace.”
15 CISA Certified Information Systems Auditor Professionals who monitor, audit, control, and assess information systems.
16 CISM Certified Information Systems Security Manager A certification offered by ISACA which “Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives.”
17 CISO Chief Information Security Officer The CISO is the executive responsible for an organization’s information and data security. Increasingly, this person aligns security goals with business enablement or digital transformation. CISOs are also increasingly in a “coaching role” helping the business manage cyber risk. This is according to Ponemon Institute research.
18 CISSP Certified Information Systems Security Professional The CISSP is a security certification for security analysts, offered by ISC(2). It was designed to indicate a person has learned certain standardized knowledge in cybersecurity.
19 CNAP Cybersecurity National Action Plan A U.S. plan to enhance cybersecurity awareness and protections, protect privacy, maintain public safety, and economic and national security.
20 CNCI Comprehensive National Cybersecurity Initiative A U.S. government initiative designed to establish a front line of defense against network intrusion, defend the U.S. against the threats through counterintelligence, and strengthen the cybersecurity environment.
21 CND Computer Network Defense CND is defined by the U.S. military as defined by the US Department of Defense (DoD) as, “Actions taken through the use of computer networks to protect, monitor, analyze, detect, and respond to unauthorized activity within Department of Defense information systems and computer networks.” This style of defense applies to the private sector as well.
22 COBIT Control Objectives for Information and Related Technologies An IT management including practices, tools and models for risk management and compliance.
23 CSEC Cyber Security Education Consortium  The CSEC, also known as the CEC, partners with educators and the broader cybersecurity community to ensure students are prepared to lead and be changemakers in the cybersecurity workforce.
24 CSA Cloud Security Alliance The Cloud Security Alliance is the world’s leading organization for defining best practices in cloud cybersecurity. It also provides a cloud security provider certification program, among other things.
25 CSO Chief Security Officer In some cases, the Chief Security Officer is in charge of an organization’s entire security posture or strategy. This includes both physical security and cybersecurity. In other cases, this title belongs to the senior most role in charge of cybersecurity.
26 CSSIA Center for Systems Security and Information Assurance The CSSIA is a U.S. leader in training cybersecurity educators. It provides these teachers and professors with real-world learning experiences in information assurance and network security.
27 CVE Common Vulnerabilities and Exposures CVE® is a list of entries—each containing an identification number, a description, and at least one public reference—for publicly known cybersecurity vulnerabilities. CVE Entries are used in numerous cybersecurity products and services from around the world, including the U.S. National Vulnerability Database (NVD).
28 CVSS Common Vulnerability Scoring System An industry standard for rating the severity of security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat.
29 DDoS Distributed Denial of Service A distributed denial-of-service (DDoS) attack attempts to disrupt normal traffic of a targeted server, service or network to make a service such as a website unusable by “flooding” it with malicious traffic or data from multiple sources (often botnets).
30 DLP Data Loss Prevention An information security strategy to protect corporate data. DLP is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users, either inside or outside of an organization.
31 DNS attack Domain Name Server DNS uses the name of a website to redirect traffic to its owned IP address. should take you to Amazon’s website, for example. During this type of attack, which is complex and appears in several ways, cybercriminals can redirect you to another site for their own purposes. This attack takes advantage of the communication back and forth between clients and servers.
32 EDR Endpoint Detection & Response Endpoint Detection & Response solutions are designed to detect and respond to endpoint anomalies. EDR solutions are not designed to replace IDPS solutions or firewalls but extend their functionality by providing in-depth endpoint visibility and analysis. EDR uses different datasets, which facilitates advanced correlations and detection.
33 FISMA Federal Information Security Management Act FISMA is United States legislation which requires each federal agency to develop, document, and implement an agency-wide program to provide information security for its information systems and data. The act recognized the importance of information security to the economic and national security interests of the United States.
34 FISMA Federal Information Security Modernization Act (2014) Laws that assigns responsibilities within the U.S. federal government for setting and complying with policies to secure agencies’ information systems. For example, Department of Homeland Security administers cybersecurity policies and the Office of Management and Budget provides oversight.
35 FISSEA Federal Information Systems Security Educators’ Association An organization run by and for information systems security professionals to assist federal agencies in meeting their information systems security awareness, training, and education responsibilities.
36 GRC Governance, Risk Management, and Compliance Three parts of a strategy for managing an organization’s overall governance, enterprise risk management and compliance with regulations. Cybersecurity people, practices and tools play a key part in GRC for many organizations.
37 HTTPS Secure Hypertext Transfer Protocol An extension of the Hypertext Transfer Protocol. It is used for secure communication over a computer network by encrypting the information you send from your computer to another website, for example. It is a means of ensuring privacy, security and also a way of authenticating that the site you’re on is the one you intended to visit.
38 IA Information Assurance Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
39 IAM Identity and access management IAM is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources. This helps organizations maintain “least privileged” or “zero trust” account access, where employees only have access to the minimum amount of data needed for their roles.
40 IBE Identity-Based Encryption A type of public-key encryption in which the public key of a user is some unique information about the identity of the user, like a user’s email address, for example.
41 IDS/IDP Intrusion Detection/Intrusion Detection and Prevention Intrusion Detection Systems (IDS) analyze network traffic for signatures that match known cyberattacks. Intrusion Prevention Systems (IPS) analyze packets as well, but can also stop the packet from being delivered based on what kind of attacks it detects, helping to stop the attack.
42 ISACA Information Systems Audit and Control Association ISACA provides certifications for IT security, audit and risk management professionals. ISACA also maintains the COBIT framework for IT management and governance. ISACA was incorporated in 1969 by a small group of individuals who recognized a need for a centralized source of information and guidance in the growing field of auditing controls for computer systems. Today, ISACA serves professionals in 180 countries.
43 ISAKMP Internet Security Association and Key Management Protocol A protocol for establishing Security Associations  and cryptographic keys in an Internet environment. ISAKMP only provides a framework for authentication and key exchange and is designed to be key exchange independent.
44 ISAP Information Security Automation Program The ISAP is a U.S. government agency initiative to enable automation and standardization of technical security operations. Its standards based design may benefit those in the private sector as well.
45 (ISC)² International Information Systems Security Certification Consortium A non-profit organization which specializes in training and certification for cybersecurity professionals. Certifications include the CISSP.
46 ISO International Organization for Standardization An organization that develops international standards of many types, including two major information security management standards, ISO 27001 and ISO 27002.
47 ISSA Information Systems Security Association ISSA is a not-for-profit, international organization of information security professionals and practitioners.
48 ISSO Information Systems Security Officer Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
49 ISSPM Information Systems Security Program Manager The ISSPM, sometimes called an IT Security Manager, coordinates and executes security policies and controls, as well as assesses vulnerabilities within a company. They are often responsible for data and network security processing, security systems management, and security violation investigation.
50 JSM Java Security Manager To use Java security to protect a Java application from performing potentially unsafe actions, you can enable a security manager for the JVM in which the application runs. The security manager enforces a security policy, which is a set of permissions (system access privileges) that are assigned to code sources.
51 MS-ISAC Multi-State Information Sharing and Analysis Center The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation’s state, local, tribal and territorial governments through focused cyber threat prevention, protection, response, and recovery.
52 MSSP Managed Security Services Provider Provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.
53 NCS National Cryptologic School A school within the National Security Agency. The NCS provides the NSA workforce and its Intelligence Community and Department of Defense partners highly-specialized cryptologic training, as well as courses in leadership, professional development, and over 40 foreign languages.
54 NCSA National Cyber Security Alliance A non-profit working with the Department of Homeland Security, private sector sponsors, and nonprofit collaborators to promote cyber security awareness for home users, small and medium size businesses, and primary and secondary education.
55 NCSAM National Cyber Security Awareness Month NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. It occurs each year in October. The security awareness month started with a joint effort by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance.
56 NCSD National Cyber Security Division A division of the Office of Cyber Security & Communications with the mission of collaborating with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures.
57 NICCS National Initiative for Cybersecurity Careers and Studies An online resource for cybersecurity training that connects government employees, students, educators, and industry with cybersecurity training providers throughout the United States.
58 NICE National Initiative for Cybersecurity Education The mission of NICE is to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development.
59 NISPOM National Industrial Security Program Operating Manual The National Industrial Security Program Operating Manual establishes the standard procedures and requirements for all government contractors, with regards to classified information. It covers the entire field of government-industrial security related matters.
60 NIST National Institute of Standards and Technology In cybersecurity circles, NIST is extremely well known for the NIST Cybersecurity Framework, as well the NIST Risk Management Framework (RMF), NIST 800-53 control guidance, NIST Digital Identity Guidelinesand others. The overall NIST mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.” NIST is part of the U.S. Department of Commerce.
61 OPSEC Operational Security OPSEC is a term derived from the U.S. military and is an analytical process used to deny an adversary information that could compromise the secrecy and/or the operational security of a mission.Performing OPSEC related techniques can play a significant role in both offensive and defensive cybersecurity strategies.
62 OSINT Open Source Intelligence OSINT is information drawn from publicly available data that is collected, exploited, and reported to address a specific intelligence requirement. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).
63 PCI-DSS Payment Card Industry Data Security Standard The Payment Card Industry Data Security Standard (PCI-DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
64 SANS System Administration, Networking, and Security Institute A private company that specializes in information security training and security certification.
65 SIEM Security Information and Event Management Security Information and Event Management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual sources.
66 SOC Security Operations Center A central location or team within an organization that is responsible for monitoring, assessing and defending security issues.
67 SSO Single Sign-On A system which enables users to securely authenticate themselves with multiple applications and websites by logging in with a single set of credentials.
68 TTP Tactics, Techniques, and Procedures The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique.
69 UBA / UEBA User Behavior Analytics UBA tracks a system’s users, looking for unusual patterns of behavior. In cybersecurity, the process helps detect insider threats, and other targeted attacks including financial fraud. User behavior analytics solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns. This guides efforts to correct unintentional behavior that puts business at risk and risky and intentional deceit.
70 VPN Virtual Private Network By connecting through a VPN, all the data you send and receive travels through an encrypted “tunnel” so that no one can see what you are transmitting or decipher it if they do get a hold of it. VPNs also allow you to hide your physical location and IP address, often displaying the IP address of the VPN service, instead.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.