AAA |
Authentication, Authorization, and Accounting |
AC |
Actual Cost |
ACDF |
Access Control Decision Function |
ACI |
Access Control Information |
ACL |
Access Control List |
ACWP |
Actual Cost of Work Performed |
AD |
Active Directory/Activity Description |
ADM |
Arrow Diagramming Method |
AES |
Advanced Encryption Standard |
AF |
Actual Finish Date |
ADRP |
Army’s DISN Router Program |
ADSL |
Asymmetric Digital Subscriber Line |
AFIWC |
Air Force Information Warfare Center |
AH |
Authentication Header |
AIS |
Automated Information System |
API |
Application Program Interface |
ASCII |
American Standard Code for Information Interchange |
ANS1 |
Abstract Syntax Notation |
ARP |
Address Resolution Protocol |
AS |
Actual Start Date |
ATM |
Asynchronous Transfer Mode |
AV |
Antivirus |
BAC |
Budget at Completion |
BAPI |
Biometrics Application Program Interface |
BCA |
Bridge Certificate Authority |
BCWP |
Budgeted Cost of Work Performed |
BCWS |
Budgeted Cost of Work Scheduled |
BIOS |
Basic Input/Output System |
BN |
Backbone Network |
BOM |
Bill of Materials |
BOOTP |
Boot Protocol |
BSD |
Berkley Software Design |
C&A |
Certification and Accreditation |
C/AII |
Corporate/Agency Information Infrastructure |
C2 |
Command and Control |
C4I |
Command, Control, Communications, Computer, and Intelligence |
CA |
Certification Authority/Control Account |
CALEA |
Communications Assistance for Law Enforcement Act |
CAN |
Campus Area Network |
CAP |
Control Account Plan |
CAPI |
Cryptographic Application Programming Interface |
CAT |
Common Authentication Technology |
CAW |
Certificate Authority Workstation |
CC |
Common Criteria |
CCB |
Change Control Board |
CCE |
Common Configuration Enumeration |
CCI |
Controlled Cryptographic Item |
CDMA |
Code Division Multiple Access |
CDR |
Critical Design Review |
CDSA |
Common Data Security Architecture |
CERT |
Computer Emergency Response Team |
CFD |
Common Fill Devices |
CGE |
Cisco Global Exploiter |
CGI |
Common Gateway Interface |
CH |
Correspondence Host |
CI |
Cryptographic Interface/Configuration Item |
CIO |
Chief Information Officer |
CIAC |
Computer Incident Advisory Capability |
CIDF |
Common Instruction Detection Framework |
CIK |
Crypto-Ignition Key |
CIRT |
Computer Incident Response Team |
CISO |
Chief Information Security Officer |
CKL |
Compromised Key List |
CM |
Configuration Management |
CMA |
Certificate Management Authority |
CMI |
Certificate Management Infrastructure |
CMIP |
Common Management Information Protocol |
CMP |
Certificate Management Protocols |
CMS |
Certificate Management Systems |
CMUA |
Certificate Management User Agent |
COA |
Course of Action |
COE |
Common Operating Environment |
COMSEC |
Communications Security |
CONOPS |
Concept of Operations |
COQ |
Cost of Quality |
CORBA |
Common Object Request Broker Architecture |
COTS |
Commercial-Off-The-Shelf |
CP |
Certificate Policy/Critical Path |
CPF |
Cost Plus Fee |
CPI |
Cost Performance Index |
CPM |
Critical Path Method |
CPS |
Certification Practice Statement |
CRL |
Certificate Revocation List |
CSA |
Computer Security Act |
CSP |
Cryptographic Service Provider |
CSRA |
Critical Security Requirement Areas |
CSSM |
Common Security Services Manager |
CTO |
Chief Technology Officer |
CV |
Compliance Validation/Cost Variance |
CVE |
Common Vulnerability and Exposures |
CVI |
Compliance Validation Inspection |
CVSD |
Continuously Variable Slope Detection |
CVSS |
Common Vulnerability Scoring System |
CWBS |
Contract Work Breakdown Structure |
CWE |
Common Weakness Enumeration |
DAA |
Designated Approving Authority |
DAC |
Discretionary Access Control |
DAP |
Directory Access Protocol |
DD |
Data Date |
DER |
Distinguished Encoding Rules |
DES |
Data Encryption Standard |
DHCP |
Dynamic Host Control Protocol |
DIT |
Directory Information Tree |
DMS |
Defense Messaging System |
DMZ |
Demilitarized Zone |
DN |
Distinguished Name |
DNS |
Domain Name Server |
DNSSEC |
Domain Name System Security |
DOS |
Denial of Service |
DSA |
Directory Service Agents |
DU |
Duration |
EAC |
Estimate at Completion |
EAL |
Evaluation Assurance Level |
ECAs |
External Certificate Authorities |
EF |
Early Finish Date |
EKMS |
Electronic Key Management System |
EMV |
Expected Monetary Value |
ESM |
Encapsulating Security Management |
ES |
Early Start Date |
ESP |
Encapsulating Security Payload |
ETC |
Estimate to Complete |
EUT |
End User Terminal |
EV |
Expected Value/Earned Value |
FedCIRC |
Federal Computer Incident Response Center |
FF |
Finish-to-Finish/Free Float |
FFP |
Firm-Fixed-Price |
FIPS |
Federal Information Processing Standards |
FIRST |
Forum of Incident Response and Security Team |
FISMA |
Federal Information Processing Standards |
FMEA |
Failure Mode and Effect Analysis |
FPIF |
Fixed-Price-Incentive-Fee |
FrSIRT |
French Security Incident Response Team |
FS |
Finish-to-Start |
FSRS |
Functional Security Requirements for Specification |
FTP |
File Transfer Protocol |
FW |
Firewall |
GSAKMP |
Group Service Association Key Management Protocol |
GUI |
Graphical User Interface |
GULS |
General Upper Layer Security |
HAG |
High Assurance Guard |
HF |
High Frequency |
HTML |
Hyper Text Markup Language |
HTTP |
Hyper Text Transfer Protocol |
I&A |
Identification and Authentication |
IA |
Information Assurance |
IAM |
INFOSEC Assessment Methodology |
IATF |
Information Assurance Technical Framework |
IBAC |
Identity Based Access Control |
IC |
Intelligence Community |
ICMP |
Internet Control Message Protocol |
ICRLA |
Indirect Certificate Revocation List Authority |
ID |
Identifier |
IDPS |
Intrusion Detection and Prevention System |
IDS |
Intrusion Detection System |
IDUP |
Independent Data Unit Protection |
IEEE |
Institute of Electrical and Electronics Engineers |
IEM |
INFOSEC Evaluation Methodology |
IETF |
Internet Engineering Task Force |
IFB |
Invitation for Bid |
IIS |
Internet Information Server |
IKE |
Internet Key Exchange |
ILS |
Integrated Logistics Support |
IMAP |
Internet Mail Access Protocol |
INE |
Inline Network Encryptor |
INFOSEC |
Information Security |
IP |
Internet Protocol |
IPN |
Information Protection Network |
IPS |
Intrusion Prevention System |
IPSec |
Internet Protocol Security |
IPX |
Internet Packet Exchange |
IR |
Infrared |
IS |
Information Systems |
ISAKMP |
Internet Security Association and Key Management Protocol |
ISDN |
Integrated Services Digital Network |
ISO |
International Organization for Standardization |
ISSAF |
Information System Security Assessment Framework |
ISSO |
Information Systems Security Organization |
IT |
Information Technology |
ITL |
Information Technology Laboratory |
IW |
Information Warfare |
KMI |
Key Management Infrastructure |
LAN |
Local Area Network |
LDAP |
Lightweight Directory Access Protocol |
LDM/KP |
Local Management Device/Key Processor |
LF |
Late Finish Date |
LOE |
Level of Effort |
LPD |
Low Probability of Detection |
LPI |
Low Probability of Intercept |
LRA |
Local Registration Authority |
LS |
Late Start Date |
MAC |
Mandatory Access Control |
MAN |
Metropolitan Area Network |
MD5 |
Message Digest 5 |
MILS |
Multiple, Independent Security Levels |
MIME |
Multipurpose Internet Mail Extension |
MSN |
Mission Needs Statement |
MoE |
Measure of Effectiveness |
MSP |
Message Security Protocol |
MTA |
Message Transfer Protocol |
MTS |
Message Transfer System |
NAT |
Network Address Translation |
NES |
Network Encryption System |
NIC |
Network Interface Card |
NIS |
Network Information System |
NIPC |
National Infrastructure Protection Center |
NIST |
National Institute of Standards and Technology |
NOS |
Network Operating System |
NSA |
Network Security Agency |
NSF |
Network Security Framework |
NVD |
National Vulnerability Database |
OBS |
Organizational Breakdown Structure |
OD |
Original Duration |
OIG |
Office of Inspector General |
OMB |
Office of Management and Budget |
OPSEC |
Operational Security |
ORD |
Operational Requirements Documents |
OS |
Operating System |
OSI |
Open Systems Interconnection |
OSSTMM |
Open Source Security Testing Methodology Manual |
OWASP |
Open Web Application Security Project |
P2P |
Peer-to-Peer |
PAA |
Policy Approving Authority |
PBX |
Private Branch Exchange |
PC |
Percent Complete |
PCA |
Policy Creation Authority |
PCI |
Protocol Control Information |
PDA |
Personal Digital Assistant |
PDM |
Precedence Diagramming Method |
PERL |
Practical Extraction and Reporting Language |
PF |
Planned Finish Date |
PGP |
Pretty Good Privacy |
PII |
Personally Identifiable Information |
PIN |
Personal Identification Number |
PKCS |
Public Key Cryptographic Standards |
PKI |
Public Key Infrastructure |
PM |
Project Manager/Project Management |
PMA |
Policy Management Authority |
PMBOK |
Project Management Body of Knowledge |
PMIS |
Project Management Information System |
PMO |
Project Management Office |
PMP |
Project Management Professional |
PPP |
Point-to-Point Protocol |
PS |
Planned Start Date |
PSTN |
Public Switched Telephone Network |
PSWBS |
Project Summary Work Breakdown Structure |
PV |
Planned Value |
QA |
Quality Assurance |
QC |
Quality Control |
QOS |
Quality of Service |
RADIUS |
Remote Access Dial In User Service |
RAM |
Responsibility Assignment Matrix |
RBAC |
Rule Based Access Control |
RBR |
Rule-Based Reasoning |
RBS |
Resource Breakdown Structure/Risk Breakdown Structure |
RD |
Remaining Duration |
RFC |
Request for Comment |
RFP |
Request for Proposal |
RFQ |
Request for Quotation |
ROE |
Rules of Engagement |
RTM |
Requirements Traceability Matrix |
S/MIME |
Secure/Multipurpose Internet Mail Extension |
SCADA |
Supervisory Control and Data Acquisition |
SCAP |
Security Content Automation Protocol |
SDD |
Secure Data Device |
SDE |
Secure Data Exchange |
SDLC |
System Development Life Cycle |
SET |
Secure Electronic Transaction |
SF |
Scheduled Finish Date/Start to Finish |
SFTP |
Secure File Transfer Protocol |
SHA |
Secure Hashing Algorithm |
SID |
System Identfication |
SIP |
Session Initiation Protocol |
SKM |
Symmetric Key Management |
SLA |
Service Level Agreements |
SMB |
Server Message Block |
SME |
Subject Matter Expert |
SMI |
Security Management Infrastructure |
SMIB |
Security Management Information Base |
SMTP |
Simple Mail Transfer Protocol |
SNMP |
Simple Network Management Protocol |
SOW |
Statement of Work |
SPG |
Security Program Group |
SPI |
Schedule Performance Index |
SS |
Scheduled Start Date/Start to Start |
SSA |
System Security Administrator |
SSAA |
System Security Authorization Agreement |
SSH |
Secure Shell |
SSID |
Service Set Identifier |
SSL |
Secure Sockets Layer |
SSN |
Social Security Number |
STE |
Security Test and Evaluation |
SV |
Schedule Variance |
SWOT |
Strengths, Weaknesses, Opportunities, and Threats |
TC |
Target Completion Date |
TCB |
Trusted Computing Base |
TCP |
Transmission Control Protocol |
TCP/IP |
Transmission Control Protocol/Internet Protocol |
TDMA |
Time Division Multiple Access |
TF |
Target Finish Date/Total Float |
TFTP |
Trivial File Transfer Protocol |
TLS |
Transport Layer Security |
TM |
Time and Material |
TOE |
Target of Evaluation |
TPEP |
Trust Product Evaluation Program |
TQM |
Total Quality Management |
TS |
Target Start Date |
TTP |
Trusted Third Party |
UDP |
User Datagram Protocol |
URL |
Uniform Resource Locator |
USB |
Universal Serial Bus |
VE |
Value Engineering |
VM |
Virtual Machine |
VoIP |
Voice over Internet Protocol |
VPN |
Virtual Private Network |
WAN |
Wide Area Network |
WBS |
Work Breakdown Structure |
WEP |
Wired Equivalent Privacy |
WIDPS |
Wireless Intrusion Detection and Prevention System |
WIFI |
Wireless Fidelity |
WLAN |
Wireless Local Area Network |
WPA |
Wi-Fi Protected Access |
WVE |
Wireless Vulnerabilities and Exploits |
XML |
Extensible Markup Language |