Bash, the Crucial Exams Chat Bot
AI Bot
CompTIA SecurityX CAS-005 All Acronyms Flashcards
| Front | Back |
| ABAC | Attribute-based Access Control |
| ACL | Access Control List |
| ACME | Automated Certificate Management Environment |
| AEAD | Authenticated Encryption with Associated Data |
| AI | Artificial Intelligence |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| AQL | Ariel Query Language |
| ATT&CK | "Adversarial Tactics, Techniques, and Common Knowledge" |
| BEAST | Browser Exploit against SSL/TLS |
| BIOS | Basic Input/Output System |
| BYOD | Bring Your Own Device |
| C2 | Command and Control |
| CA | Certificate Authority |
| CA/RA | Certificate Authority/Registration Authority |
| CAPEC | Common Attack Pattern Enumeration and Classification |
| CASB | Cloud Access Security Broker |
| CBC | Cipher Block Chaining |
| CCPA | California Consumer Privacy Act |
| CDN | Content Delivery Network |
| CI/CD | Continuous Integration/Continuous Deployment |
| CIS | Center for Internet Security |
| CMDB | Configuration Database Management |
| CNAME | Canonical Name |
| COBIT | Control Objectives for Information and Related Technologies |
| COPPA | Children’s Online Privacy Act |
| COSO | Committee of Sponsoring Organizations of the Treadway Commission |
| CPE | Common Platform Enumeration |
| CPU | Central Processing Unit |
| CRL | Certificate Revocation List |
| CRM | Customer Relationship Manager |
| CSA | Cloud Security Alliance |
| CSPM | Cloud Security Posture Management |
| CSR | Certificate Signing Request |
| CSRF | Cross-site Request Forgery |
| CVE | Common Vulnerabilities and Exposures |
| CVSS | Common Vulnerability Scoring System |
| CWPP | Cloud Workload Protection Platform |
| D3FEND | "Detection, Denial, and Disruption Framework Empowering Network Defense" |
| DAC | Discretionary Access Control |
| DAST | Dynamic Application Security Testing |
| DDoS | Distributed Denial of Service |
| DHCP | Dynamic Host Configuration Protocol |
| DKIM | Domain Keys Identified Mail |
| DLP | Data Loss Prevention |
| DMA | Digital Markets Act |
| DMARC | Domain-based Message Authentication Reporting and Conformance |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security Extensions |
| DORA | Digital Operational Resilience Act |
| DoS | Denial of Service |
| EAP | Extensible Authentication Protocol |
| ECC | Elliptic Curve Cryptography |
| EDR | Endpoint Detection Response |
| EMI | Electromagnetic Interference |
| EMP | Electromagnetic Pulse |
| EOL | End-of-life |
| FAST | Flexible Authentication via Secure Tunneling |
| FDE | Full Disk Encryption |
| FIDO | Fast Identity Online |
| GDPR | General Data Protection Regulation |
| GPO | Group Policy Objects |
| GRC | "Governance, Risk, and Compliance" |
| HIPS/HIDS | Host-based Intrusion Protection System/Host-based Detection System |
| HKLM | Hkey_Local_Machine |
| HSM | Hardware Security Module |
| HSTS | HTTP Strict Transport Security |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| HVAC | Heating Ventilation and Air Conditioning |
| IaC | Infrastructure as Code |
| IAM | Identity and Access Management |
| IAST | Interactive Application Security Testing |
| ICS | Industrial Control System |
| IDE | Integrated Development Environment |
| IDS | Intrusion Detection System |
| IEEE | Institute for Electrical and Electronics Engineers |
| IIS | Internet Information Services |
| IKE | Internet Key Exchange |
| IoC | Indicator of Compromise |
| IoT | Internet of Things |
| IPS | Intrusion Prevention System |
| ISAC | Information Sharing and Analysis Centers |
| ISO/IEC | International Organization for Standardization/International Electrotechnical Commission |
| ISP | Internet Service Provider |
| ITIL | Information Technology Infrastructure Library |
| JSON | JavaScript Object Notation |
| JTAG | Joint Test Action Group |
| LAN | Local Area Network |
| LDAP | Lightweight Directory Access Protocol |
| LGPD | General Data Protection Law |
| LLM | Large Language Model |
| MAC | Mandatory Access Control |
| MDM | Mobile Device Management |
| MFA | Multifactor Authentication |
| MIME | Multipurpose Internet Mail Extensions |
| MX | Mail Exchange |
| NAC | Network Access Control |
| NFS | Network File System |
| NIDS | Network-based Intrusion Detection System |
| NIPS | Network-based Intrusion Prevention System |
| NIST CSF | National Institute of Standards and Technology Cybersecurity Framework |
| NTLM | New Technology LAN Manager |
| OAuth | Open Authorization |
| OCSP | Online Certificate Status Protocol |
| OEM | Original Equipment Manufacturer |
| OS | Operating System |
| OSINT | Open-source Intelligence |
| OT | Operational Technology |
| OTP | One-time Password |
| OVAL | Open Vulnerability Assessment Language |
| OWASP | Open Web Application Security Project |
| PaaS | Platform as a Service |
| PAM | Privileged Access Management |
| PCI DSS | Payment Card Industry Data Security Standard |
| PEAP | Protected Extensible Authentication Protocol |
| PII | Personally Identifiable Information |
| PKI | Public Key Infrastructure |
| PQC | Post-quantum Cryptography |
| PTR | Pointer Record |
| QA | Quality Assurance |
| RACI | "Responsible, Accountable, Consulted, and Informed" |
| RADIUS | Remote Authentication Dial-in User Service |
| RASP | Runtime Application Self-protection |
| RAT | Remote Access Trojan |
| RCE | Remote Code Execution |
| RDP | Remote Desktop Protocol |
| REST | Representational State Transfer |
| RF | Radio Frequency |
| RPO | Recovery Point Objective |
| RSA | Rivest-Shamir-Aldeman Encryption Algorithm |
| RTO | Recovery Time Objective |
| S/MIME | Secure/Multipurpose Internet Mail Extensions |
| SaaS | Software as a Service |
| SAE | Simultaneous Authentication of Equals |
| SAML | Security Assertions Markup Language |
| SAN | Storage Area Network |
| SASE | Secure Access Service Edge |
| SAST | Static Application Security Testing |
| SBoM | Software Bill of Materials |
| SCA | Software Composition Analysis |
| SCADA | Supervisory Control and Data Acquisition |
| SCAP | Security Content Automation Protocol |
| SCCM | System Center Configuration Management |
| SCEP | Simple Certificate Enrollment Protocol |
| SCHANNEL | Secure Channel |
| SD-WAN | Software-defined Wide Area Network |
| SDK | Software Development Kit |
| SDLC | Software Development Life Cycle |
| SDN | Software-defined Network |
| SDR | Software-defined Radio |
| SED | Self-encrypting Drive |
| SIEM | Security Information Event Management |
| SLA | Service-level Agreement |
| SOA | Service-oriented Architecture |
| SOAR | "Security Orchestration, Automation, and Response" |
| SoC | System-on-Chip |
| SOC | Security Operations Center |
| SOC 2 | System and Organization Controls 2 |
| SPF | Sender Policy Framework |
| SSD | Solid-state Drive |
| SSH | Secure Shell |
| SSL | Secure Sockets Layer |
| SSO | Single Sign-on |
| STIX | Structured Threat Information eXchange |
| STRIDE | "Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege" |
| TAXII | Trusted Automated Exchange of Indicator Information |
| TIP | Threat Intelligence Platforms |
| TLS | Transport Layer Security |
| TOCTOU | "Time of Check, Time of Use" |
| TOML | "Tom’s Obvious, Minimal Language" |
| TPM | Trusted Platform Module |
| TTPs | "Tactics, Techniques, and Procedures" |
| UBA | User Behavior Analytics |
| UDP | User Datagram Protocol |
| UEBA | User & Entity Behavior Analytics |
| UEFI | Unified Extensible Firmware Interface |
| USB | Universal Serial Bus |
| VDI | Virtual Desktop Environment |
| VLAN | Virtual Local Area Network |
| VPN | Virtual Private Network |
| vTPM | Virtual Trusted Platform Module |
| WAF | Web Application Firewall |
| WIPS | Wireless Intrusion Prevention System |
| WLAN | Wireless Local Area Newtork |
| XCCDF | Extensible Configuration Checklist Description Format |
| XDR | Extended Detection and Response |
| XML | Extensible Markup Language |
| XSS | Cross-site Scripting |
| YAML | Yet Another Markup Language |
| YARA | Yet Another Recursive Acronym |
Front
ACL
Click the card to flip
Back
Access Control List
Front
FDE
Back
Full Disk Encryption
Front
PAM
Back
Privileged Access Management
Front
YAML
Back
Yet Another Markup Language
Front
JSON
Back
JavaScript Object Notation
Front
NFS
Back
Network File System
Front
OCSP
Back
Online Certificate Status Protocol
Front
UDP
Back
User Datagram Protocol
Front
NAC
Back
Network Access Control
Front
QA
Back
Quality Assurance
Front
EOL
Back
End-of-life
Front
FIDO
Back
Fast Identity Online
Front
SaaS
Back
Software as a Service
Front
CPU
Back
Central Processing Unit
Front
IIS
Back
Internet Information Services
Front
SOC
Back
Security Operations Center
Front
TPM
Back
Trusted Platform Module
Front
AI
Back
Artificial Intelligence
Front
TLS
Back
Transport Layer Security
Front
S/MIME
Back
Secure/Multipurpose Internet Mail Extensions
Front
MIME
Back
Multipurpose Internet Mail Extensions
Front
RPO
Back
Recovery Point Objective
Front
SSH
Back
Secure Shell
Front
BIOS
Back
Basic Input/Output System
Front
HVAC
Back
Heating Ventilation and Air Conditioning
Front
NIPS
Back
Network-based Intrusion Prevention System
Front
SCA
Back
Software Composition Analysis
Front
VLAN
Back
Virtual Local Area Network
Front
WAF
Back
Web Application Firewall
Front
RDP
Back
Remote Desktop Protocol
Front
SD-WAN
Back
Software-defined Wide Area Network
Front
GRC
Back
"Governance, Risk, and Compliance"
Front
CVSS
Back
Common Vulnerability Scoring System
Front
CASB
Back
Cloud Access Security Broker
Front
CRM
Back
Customer Relationship Manager
Front
PaaS
Back
Platform as a Service
Front
TAXII
Back
Trusted Automated Exchange of Indicator Information
Front
SDLC
Back
Software Development Life Cycle
Front
UEBA
Back
User & Entity Behavior Analytics
Front
D3FEND
Back
"Detection, Denial, and Disruption Framework Empowering Network Defense"
Front
PKI
Back
Public Key Infrastructure
Front
RAT
Back
Remote Access Trojan
Front
BYOD
Back
Bring Your Own Device
Front
CMDB
Back
Configuration Database Management
Front
DMARC
Back
Domain-based Message Authentication Reporting and Conformance
Front
IEEE
Back
Institute for Electrical and Electronics Engineers
Front
SCADA
Back
Supervisory Control and Data Acquisition
Front
VDI
Back
Virtual Desktop Environment
Front
CDN
Back
Content Delivery Network
Front
ECC
Back
Elliptic Curve Cryptography
Front
RCE
Back
Remote Code Execution
Front
CAPEC
Back
Common Attack Pattern Enumeration and Classification
Front
CSRF
Back
Cross-site Request Forgery
Front
CNAME
Back
Canonical Name
Front
CSPM
Back
Cloud Security Posture Management
Front
DMA
Back
Digital Markets Act
Front
SAML
Back
Security Assertions Markup Language
Front
ABAC
Back
Attribute-based Access Control
Front
PEAP
Back
Protected Extensible Authentication Protocol
Front
CA/RA
Back
Certificate Authority/Registration Authority
Front
WIPS
Back
Wireless Intrusion Prevention System
Front
CPE
Back
Common Platform Enumeration
Front
ICS
Back
Industrial Control System
Front
CWPP
Back
Cloud Workload Protection Platform
Front
BEAST
Back
Browser Exploit against SSL/TLS
Front
RTO
Back
Recovery Time Objective
Front
EDR
Back
Endpoint Detection Response
Front
EMP
Back
Electromagnetic Pulse
Front
WLAN
Back
Wireless Local Area Newtork
Front
JTAG
Back
Joint Test Action Group
Front
SSO
Back
Single Sign-on
Front
vTPM
Back
Virtual Trusted Platform Module
Front
CI/CD
Back
Continuous Integration/Continuous Deployment
Front
DDoS
Back
Distributed Denial of Service
Front
LLM
Back
Large Language Model
Front
ACME
Back
Automated Certificate Management Environment
Front
SASE
Back
Secure Access Service Edge
Front
TOML
Back
"Tom’s Obvious, Minimal Language"
Front
ISAC
Back
Information Sharing and Analysis Centers
Front
LAN
Back
Local Area Network
Front
SSL
Back
Secure Sockets Layer
Front
NIDS
Back
Network-based Intrusion Detection System
Front
OS
Back
Operating System
Front
IoT
Back
Internet of Things
Front
MAC
Back
Mandatory Access Control
Front
DNS
Back
Domain Name System
Front
DAST
Back
Dynamic Application Security Testing
Front
DoS
Back
Denial of Service
Front
IoC
Back
Indicator of Compromise
Front
CIS
Back
Center for Internet Security
Front
OAuth
Back
Open Authorization
Front
IaC
Back
Infrastructure as Code
Front
IAST
Back
Interactive Application Security Testing
Front
OEM
Back
Original Equipment Manufacturer
Front
CVE
Back
Common Vulnerabilities and Exposures
Front
SLA
Back
Service-level Agreement
Front
SOA
Back
Service-oriented Architecture
Front
COPPA
Back
Children’s Online Privacy Act
Front
SCHANNEL
Back
Secure Channel
Front
API
Back
Application Programming Interface
Front
APT
Back
Advanced Persistent Threat
Front
MDM
Back
Mobile Device Management
Front
XML
Back
Extensible Markup Language
Front
IDE
Back
Integrated Development Environment
Front
SAE
Back
Simultaneous Authentication of Equals
Front
XCCDF
Back
Extensible Configuration Checklist Description Format
Front
DNSSEC
Back
Domain Name System Security Extensions
Front
EMI
Back
Electromagnetic Interference
Front
SBoM
Back
Software Bill of Materials
Front
TOCTOU
Back
"Time of Check, Time of Use"
Front
EAP
Back
Extensible Authentication Protocol
Front
SAST
Back
Static Application Security Testing
Front
UBA
Back
User Behavior Analytics
Front
SoC
Back
System-on-Chip
Front
GPO
Back
Group Policy Objects
Front
SIEM
Back
Security Information Event Management
Front
DHCP
Back
Dynamic Host Configuration Protocol
Front
HTTPS
Back
Hypertext Transfer Protocol Secure
Front
AQL
Back
Ariel Query Language
Front
COSO
Back
Committee of Sponsoring Organizations of the Treadway Commission
Front
SPF
Back
Sender Policy Framework
Front
MX
Back
Mail Exchange
Front
USB
Back
Universal Serial Bus
Front
HIPS/HIDS
Back
Host-based Intrusion Protection System/Host-based Detection System
Front
STRIDE
Back
"Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege"
Front
SED
Back
Self-encrypting Drive
Front
DLP
Back
Data Loss Prevention
Front
RASP
Back
Runtime Application Self-protection
Front
C2
Back
Command and Control
Front
CCPA
Back
California Consumer Privacy Act
Front
LGPD
Back
General Data Protection Law
Front
OWASP
Back
Open Web Application Security Project
Front
IPS
Back
Intrusion Prevention System
Front
CRL
Back
Certificate Revocation List
Front
CSR
Back
Certificate Signing Request
Front
LDAP
Back
Lightweight Directory Access Protocol
Front
ATT&CK
Back
"Adversarial Tactics, Techniques, and Common Knowledge"
Front
STIX
Back
Structured Threat Information eXchange
Front
NIST CSF
Back
National Institute of Standards and Technology Cybersecurity Framework
Front
SSD
Back
Solid-state Drive
Front
IAM
Back
Identity and Access Management
Front
SCEP
Back
Simple Certificate Enrollment Protocol
Front
IKE
Back
Internet Key Exchange
Front
RADIUS
Back
Remote Authentication Dial-in User Service
Front
SDK
Back
Software Development Kit
Front
SDN
Back
Software-defined Network
Front
CSA
Back
Cloud Security Alliance
Front
GDPR
Back
General Data Protection Regulation
Front
FAST
Back
Flexible Authentication via Secure Tunneling
Front
DAC
Back
Discretionary Access Control
Front
OSINT
Back
Open-source Intelligence
Front
XDR
Back
Extended Detection and Response
Front
SCCM
Back
System Center Configuration Management
Front
AEAD
Back
Authenticated Encryption with Associated Data
Front
CBC
Back
Cipher Block Chaining
Front
DKIM
Back
Domain Keys Identified Mail
Front
ISO/IEC
Back
International Organization for Standardization/International Electrotechnical Commission
Front
PQC
Back
Post-quantum Cryptography
Front
REST
Back
Representational State Transfer
Front
TTPs
Back
"Tactics, Techniques, and Procedures"
Front
HTTP
Back
Hypertext Transfer Protocol
Front
PCI DSS
Back
Payment Card Industry Data Security Standard
Front
PTR
Back
Pointer Record
Front
SOC 2
Back
System and Organization Controls 2
Front
VPN
Back
Virtual Private Network
Front
COBIT
Back
Control Objectives for Information and Related Technologies
Front
OT
Back
Operational Technology
Front
RSA
Back
Rivest-Shamir-Aldeman Encryption Algorithm
Front
MFA
Back
Multifactor Authentication
Front
SDR
Back
Software-defined Radio
Front
NTLM
Back
New Technology LAN Manager
Front
TIP
Back
Threat Intelligence Platforms
Front
XSS
Back
Cross-site Scripting
Front
RF
Back
Radio Frequency
Front
UEFI
Back
Unified Extensible Firmware Interface
Front
HKLM
Back
Hkey_Local_Machine
Front
HSM
Back
Hardware Security Module
Front
HSTS
Back
HTTP Strict Transport Security
Front
IDS
Back
Intrusion Detection System
Front
SAN
Back
Storage Area Network
Front
SOAR
Back
"Security Orchestration, Automation, and Response"
Front
CA
Back
Certificate Authority
Front
DORA
Back
Digital Operational Resilience Act
Front
PII
Back
Personally Identifiable Information
Front
ISP
Back
Internet Service Provider
Front
OVAL
Back
Open Vulnerability Assessment Language
Front
RACI
Back
"Responsible, Accountable, Consulted, and Informed"
Front
YARA
Back
Yet Another Recursive Acronym
Front
ITIL
Back
Information Technology Infrastructure Library
Front
OTP
Back
One-time Password
Front
SCAP
Back
Security Content Automation Protocol
1/191
Every acronym included in the CompTIA SecurityX CAS-005 exam objectives.