List of acronyms from CompTIA's official exam guide, and more.
Originally created for Cybr's CompTIA Security+ course and practice exams
Bolded terms were terms that I personally saw on my version of the exam. Keep in mind you won’t necessarily get the same questions I got so don’t just study for those terms…I just wanted to give you an idea of what to expect.
Please note:
This list is still a work in progress. I'm working on cleaning it up, and some acronyms don't have definitions yet. Please bear with me as I get that done :)...also, you're welcome to contribute by commenting on this page!
Permissions:
Feel free to use this list however you see fit as long as you do not commercialize it. All I ask for in return is that you give Cybr's course a link back :)
Acronyms
- 3DES (Triple Digital Encryption Standard)
- Deprecated and considered insecure. Replaced by AES
- Symmetric
- Applies the DES cipher algorithm 3 times to each data block
- AAA (Authentication, Authorization, and Accounting)
- Often used to describe RADIUS, or some other form of networking protocol that provides Authentication, Authorization, and Accounting
- ABAC (Attribute-based Access Control)
- Rights granted through policies that combine attributes together
- Active Directory
- Database and identity service used to provide identity management
- Explanation
- ACL (Access Control List)
- Set of rules that allow/permit or deny any traffic flow through routers
- Looks at the packet to determine whether it should be allowed or denied
- Works at layer 3 to provide security by filtering & controlling the flow of traffic from one router to another
- AES (Advanced Encryption Standard)
- Industry-standard for data security
- 128-bit, 192-bit, or 256-bit (strongest) implementations
- AES256 (Advanced Encryption Standards 256bit)
- This is the 256-bit implementation of AES
- The 256 references the bit size of keys
- AH (Authentication Header)
- Used to authenticate origins of packets of data transmitted
- These headers don’t hide any data from attackers, but they do provide proof that the data packets are from a trusted source and that the data hasn’t been tampered with
- Helps protect against replay attacks
- AI (Artificial Intelligence)
- For the exam, be aware of what’s called data poisoning (or tainted training) & adversarial AI
- AIS (Automated Indicator Sharing)
- DHS and CISA free program
- Enables organizations to share and receive machine-readable cyber threat indicators (CTIs) and defensive measures (DMs) in real-time
- Useful to monitor and defend networks against known threats