Acronyms
Note
This page is supplementary material for the NIST SP 1800-35 publication.
AAA | Authentication, Authorization, and Accounting
ACL | Access Control List
AD | Active Directory
AD FS | Active Directory Federation Services
AG | (Okta) Access Gateway
AI | Artificial Intelligence
AMI | Amazon Machine Image
AP | Access Point
API | Application Programming Interface
APM | (F5 BIG-IP) Access Policy Manager
APNs | Apple Push Notification service
ATP | (Microsoft Azure) Advanced Threat Protection, (Palo Alto Networks) Advanced Threat Prevention
AURL | (Palo Alto Networks) Advanced URL Filtering
AWS | Amazon Web Services
BCE | (Google) BeyondCorp Enterprise
BYOD | Bring Your Own Device
C&C | Command-and-Control
CA | Certificate Authority, (Zscaler) Central Authority
CASB | Cloud Access Security Broker
CCECG | (Palo Alto Networks) Common Criteria Evaluated Configuration Guide
CDM | Continuous Diagnostics and Mitigation
CDSS | (Palo Alto Networks) Cloud-Delivered Security Services
CEF | Common Event Format
CESA | Cisco Endpoint Security Analytics
CI/CD | Continuous Integration/Continuous Delivery
CIE | (Palo Alto Networks) Cloud Identity Engine
CIEM | Cloud Infrastructure Entitlement Management
CLI | Command Line Interface
CP4S | (IBM) Cloud Pak for Security
CRADA | Cooperative Research and Development Agreement
CSE | Cisco Secure Endpoint
CSW | Cisco Secure Workload
CVE | Common Vulnerabilities and Exposures
DDoS | Distributed Denial of Service
DHCP | Dynamic Host Configuration Protocol
DISA | Defense Information Systems Agency
DLP | Data Loss Prevention
DMZ | Demilitarized Zone
DN | Domain Name
DNS | Domain Name System
DTLS | Datagram Transport Layer Security
E1B1 | Enterprise 1 Build 1
E1B2 | Enterprise 1 Build 2
E1B3 | Enterprise 1 Build 3
E1B4 | Enterprise 1 Build 4
E1B5 | Enterprise 1 Build 5
E1B6 | Enterprise 1 Build 6
E2B1 | Enterprise 2 Build 1
E2B3 | Enterprise 2 Build 3
E2B4 | Enterprise 2 Build 4
E2B5 | Enterprise 2 Build 5
E3B1 | Enterprise 3 Build 1
E3B2 | Enterprise 3 Build 2
E3B3 | Enterprise 3 Build 3
E3B4 | Enterprise 3 Build 4
E3B5 | Enterprise 3 Build 5
E4B3 | Enterprise 4 Build 3
E4B4 | Enterprise 4 Build 4
EBS | (Amazon) Elastic Block Store
EC2 | (Amazon) Elastic Compute Cloud
ECS | (Amazon) Elastic Container Service
EDR | Endpoint Detection and Response
EIG | Enhanced Identity Governance
EKS | (Amazon) Elastic Kubernetes Service
EMM | Enterprise Mobility Management
EO | Executive Order
ePO | (Trellix) ePolicy Orchestrator
EPP | Endpoint Protection Platform
ETA | (Cisco) Encrypted Traffic Analytics
E/W | East/West
FedRAMP | Federal Risk and Authorization Management Program
FIDO U2F | Fast Identity Online Universal 2nd Factor
FIPS | Federal Information Processing Standards
FQDN | Fully Qualified Domain Name
FTD | (Cisco) Firepower Threat Defense
FTUE | First-Time User-Experience
FWaaS | Firewall as a Service
GA | General Availability
GCP | Google Cloud Platform
GDE | (IBM Security) Guardium Data Encryption
GIN | (Symantec) Global Intelligence Network
GP | (Palo Alto Networks) GlobalProtect
GPO | Group Policy Object
HDAP | High-Availability Directory Access Protocol
HIP | Host Information Profile
HR | Human Resources
HTTP | Hypertext Transfer Protocol
HTTPS | Hypertext Transfer Protocol Secure
IaaS | Infrastructure as a Service
IaC | Infrastructure as Code
IAM | (AWS) Identity and Access Management
IAP | Identity-Aware Proxy
IBM | International Business Machines Corporation
ICA | Intermediate Certificate Authority
ICAM | Identity, Credential, and Access Management
IDaaS | Identity as a Service
IdP | Identity Provider
IGA | (Symantec) Identity Governance and Administration
IIS | Internet Information Services
IL4 | (Department of Defense) Impact Level 4
IoMT | Internet of Medical Things
IN UEM | Ivanti Neurons for Unified Endpoint Management
IoT | Internet of Things
IP | Internet Protocol
IPsec | Internet Protocol Security
IPv4 | Internet Protocol version 4
IPv6 | Internet Protocol version 6
ISE | (Cisco) Identity Services Engine
IT | Information Technology
ITL | Information Technology Lab
ITOps | Information Technology Operations
JDBC | Java Database Connectivity
KCD | Kerberos Constrained Delegation
LDAP | Lightweight Directory Access Protocol
LDAPS | Lightweight Directory Access Protocol Secure
LTM | (F5 BIG-IP) Local Traffic Manager
MAM | Mobile Application Management
MDM | Mobile Device Management
MES | (Lookout) Mobile Endpoint Security
MFA | Multifactor Authentication
ML | Machine Learning
MSV | Mandiant Security Validation
MTD | Mobile Threat Defense
mTLS | Mutual Transport Layer Security
MU SPN | Mobile User Security Processing Node
NCCoE | National Cybersecurity Center of Excellence
NDR | Network Detection and Response
NGAV | Next-Generation Antivirus
NGFW | Next-Generation Firewall
NIST | National Institute of Standards and Technology
NNM | (Tenable) Nessus Network Monitor
NPE | Non-Person Entity
NPS | Network Policy Server
N/S | North/South
NSG | Network Security Group
NTA | Network Traffic Analysis
NTP | Network Time Protocol
NVM | (Cisco) Network Visibility Module
OAuth | Open Authorization
OIDC | OpenID Connect
OMB | Office of Management and Budget
OS | Operating System
OT | Operational Technology
OU | Organizational Unit
OTP | One-Time Password
OVA | Okta Verify App, Open Virtual Appliance
PA | Policy Administrator
PaaS | Platform as a Service
PAN | Palo Alto Networks
PAW | (Intune) Privilege Access Workstations
PDCe | Primary Domain Controller Emulator
PDP | Policy Decision Point
PE | Policy Engine
PEP | Policy Enforcement Point
PII | Personally Identifiable Information
PIP | Policy Information Point
PKI | Public Key Infrastructure
QoS | Quality of Service
QR | Quick Response
RADIUS | Remote Authentication Dial-In User Service
R&D | Research and Development
RDBMS | Relational Database Management System
RDP | Remote Desktop Protocol
RDS | Remote Desktop Server
REST | Representational State Transfer
RN SPN | Remote Network Security Processing Node
S3 | (Amazon) Simple Storage Service
SaaS | Software as a Service
SAML | Security Assertion Markup Language
SASE | Secure Access Service Edge
SAW | (Microsoft) Secure Admin Workstation
SCC | SCAP Compliance Checker
SC SPN | Service Connection Security Processing Node
SCIM | System for Cross-Domain Identity Management
SDLC | Software Development Lifecycle
SDP | Software-Defined Perimeter
SD-WAN | Software-Defined Wide Area Network
SFTP | SSH File Transfer Protocol
SIEM | Security Information and Event Management
SMB | Server Message Block
SMS | Short Message Service
SMTP | Simple Mail Transfer Protocol
SNA | (Cisco) Secure Network Analytics
SOAR | Security Orchestration, Automation, and Response
SoD | Separation of Duties
SP | Special Publication
SPA | Single Packet Authentication
SQL | Structured Query Language
SRE | Site Reliability Engineer
SSE | (Skyhigh Security) Security Service Edge
SSH | Secure Shell
SSL | Secure Sockets Layer
SSO | Single Sign-On
SSPR | Single Sign-On Password Reset
STIG | Security Technical Implementation Guide
SWG | Secure Web Gateway
TCP | Transmission Control Protocol
TGW | Transit Gateway
TLS | Transport Layer Security
TOTP | Time-Based One-Time Pad
TTP | Tactics, Techniques, and Procedures
UAC | User Account Control
UAG | (VMware) Unified Access Gateway
UDP | User Datagram Protocol
UEM | Unified Endpoint Management
UI | User Interface
URL | Uniform Resource Locator
USB | Universal Serial Bus
VDI | Virtual Desktop Infrastructure
VDS | (VMware) vSphere Distributed Switch
VIP | (Symantec) Validation and ID Protection
VLAN | Virtual Local Area Network
VM | Virtual Machine
VNET | Virtual Network
VPC | Virtual Private Cloud
VPN | Virtual Private Network
vSAN | Virtual Storage Area Network
VSI | Virtual Server Instance
WAF | Web Application Firewall
WF | (Palo Alto Networks) Wildfire
WSS | (Symantec) Web Security Service
WSUS | (Microsoft) Windows Server Update Service
XDR | Extended Detection and Response
XSS | Cross-Site Scripting
ZCC | Zscaler Client Connector
ZIA | Zscaler Internet Access
ZPA | Zscaler Private Access
ZSO | (Ivanti) Zero Sign-On
ZTA | Zero Trust Architecture
ZTNA | Zero Trust Network Access