CompTIA SecurityX CAS-005 All Acronyms Flashcards
CompTIA SecurityX CAS-005 (V5) Flashcards

| Front | Back |
| --- | --- |
| ABAC | Attribute-based Access Control |
| ACL | Access Control List |
| ACME | Automated Certificate Management Environment |
| AEAD | Authenticated Encryption with Associated Data |
| AI | Artificial Intelligence |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| AQL | Ariel Query Language |
| ATT&CK | Adversarial Tactics, Techniques, and Common Knowledge |
| BEAST | Browser Exploit against SSL/TLS |
| BIOS | Basic Input/Output System |
| BYOD | Bring Your Own Device |
| C2 | Command and Control |
| CA | Certificate Authority |
| CA/RA | Certificate Authority/Registration Authority |
| CAPEC | Common Attack Pattern Enumeration and Classification |
| CASB | Cloud Access Security Broker |
| CBC | Cipher Block Chaining |
| CCPA | California Consumer Privacy Act |
| CDN | Content Delivery Network |
| CI/CD | Continuous Integration/Continuous Deployment |
| CIS | Center for Internet Security |
| CMDB | Configuration Database Management |
| CNAME | Canonical Name |
| COBIT | Control Objectives for Information and Related Technologies |
| COPPA | Children’s Online Privacy Act |
| COSO | Committee of Sponsoring Organizations of the Treadway Commission |
| CPE | Common Platform Enumeration |
| CPU | Central Processing Unit |
| CRL | Certificate Revocation List |
| CRM | Customer Relationship Manager |
| CSA | Cloud Security Alliance |
| CSPM | Cloud Security Posture Management |
| CSR | Certificate Signing Request |
| CSRF | Cross-site Request Forgery |
| CVE | Common Vulnerabilities and Exposures |
| CVSS | Common Vulnerability Scoring System |
| CWPP | Cloud Workload Protection Platform |
| D3FEND | Detection, Denial, and Disruption Framework Empowering Network Defense |
| DAC | Discretionary Access Control |
| DAST | Dynamic Application Security Testing |
| DDoS | Distributed Denial of Service |
| DHCP | Dynamic Host Configuration Protocol |
| DKIM | Domain Keys Identified Mail |
| DLP | Data Loss Prevention |
| DMA | Digital Markets Act |
| DMARC | Domain-based Message Authentication Reporting and Conformance |
| DNS | Domain Name System |
| DNSSEC | Domain Name System Security Extensions |
| DORA | Digital Operational Resilience Act |
| DoS | Denial of Service |
| EAP | Extensible Authentication Protocol |
| ECC | Elliptic Curve Cryptography |
| EDR | Endpoint Detection Response |
| EMI | Electromagnetic Interference |
| EMP | Electromagnetic Pulse |
| EOL | End-of-life |
| FAST | Flexible Authentication via Secure Tunneling |
| FDE | Full Disk Encryption |
| FIDO | Fast Identity Online |
| GDPR | General Data Protection Regulation |
| GPO | Group Policy Objects |
| GRC | Governance, Risk, and Compliance |
| HIPS/HIDS | Host-based Intrusion Protection System/Host-based Detection System |
| HKLM | Hkey_Local_Machine |
| HSM | Hardware Security Module |
| HSTS | HTTP Strict Transport Security |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol Secure |
| HVAC | Heating Ventilation and Air Conditioning |
| IaC | Infrastructure as Code |
| IAM | Identity and Access Management |
| IAST | Interactive Application Security Testing |
| ICS | Industrial Control System |
| IDE | Integrated Development Environment |
| IDS | Intrusion Detection System |
| IEEE | Institute for Electrical and Electronics Engineers |
| IIS | Internet Information Services |
| IKE | Internet Key Exchange |
| IoC | Indicator of Compromise |
| IoT | Internet of Things |
| IPS | Intrusion Prevention System |
| ISAC | Information Sharing and Analysis Centers |
| ISO/IEC | International Organization for Standardization/International Electrotechnical Commission |
| ISP | Internet Service Provider |
| ITIL | Information Technology Infrastructure Library |
| JSON | JavaScript Object Notation |
| JTAG | Joint Test Action Group |
| LAN | Local Area Network |
| LDAP | Lightweight Directory Access Protocol |
| LGPD | General Data Protection Law |
| LLM | Large Language Model |
| MAC | Mandatory Access Control |
| MDM | Mobile Device Management |
| MFA | Multifactor Authentication |
| MIME | Multipurpose Internet Mail Extensions |
| MX | Mail Exchange |
| NAC | Network Access Control |
| NFS | Network File System |
| NIDS | Network-based Intrusion Detection System |
| NIPS | Network-based Intrusion Prevention System |
| NIST CSF | National Institute of Standards and Technology Cybersecurity Framework |
| NTLM | New Technology LAN Manager |
| OAuth | Open Authorization |
| OCSP | Online Certificate Status Protocol |
| OEM | Original Equipment Manufacturer |
| OS | Operating System |
| OSINT | Open-source Intelligence |
| OT | Operational Technology |
| OTP | One-time Password |
| OVAL | Open Vulnerability Assessment Language |
| OWASP | Open Web Application Security Project |
| PaaS | Platform as a Service |
| PAM | Privileged Access Management |
| PCI DSS | Payment Card Industry Data Security Standard |
| PEAP | Protected Extensible Authentication Protocol |
| PII | Personally Identifiable Information |
| PKI | Public Key Infrastructure |
| PQC | Post-quantum Cryptography |
| PTR | Pointer Record |
| QA | Quality Assurance |
| RACI | Responsible, Accountable, Consulted, and Informed |
| RADIUS | Remote Authentication Dial-in User Service |
| RASP | Runtime Application Self-protection |
| RAT | Remote Access Trojan |
| RCE | Remote Code Execution |
| RDP | Remote Desktop Protocol |
| REST | Representational State Transfer |
| RF | Radio Frequency |
| RPO | Recovery Point Objective |
| RSA | Rivest-Shamir-Adleman Encryption Algorithm |
| RTO | Recovery Time Objective |
| S/MIME | Secure/Multipurpose Internet Mail Extensions |
| SaaS | Software as a Service |
| SAE | Simultaneous Authentication of Equals |
| SAML | Security Assertions Markup Language |
| SAN | Storage Area Network |
| SASE | Secure Access Service Edge |
| SAST | Static Application Security Testing |
| SBoM | Software Bill of Materials |
| SCA | Software Composition Analysis |
| SCADA | Supervisory Control and Data Acquisition |
| SCAP | Security Content Automation Protocol |
| SCCM | System Center Configuration Management |
| SCEP | Simple Certificate Enrollment Protocol |
| SCHANNEL | Secure Channel |
| SD-WAN | Software-defined Wide Area Network |
| SDK | Software Development Kit |
| SDLC | Software Development Life Cycle |
| SDN | Software-defined Network |
| SDR | Software-defined Radio |
| SED | Self-encrypting Drive |
| SIEM | Security Information Event Management |
| SLA | Service-level Agreement |
| SOA | Service-oriented Architecture |
| SOAR | Security Orchestration, Automation, and Response |
| SoC | System-on-Chip |
| SOC | Security Operations Center |
| SOC 2 | System and Organization Controls 2 |
| SPF | Sender Policy Framework |
| SSD | Solid-state Drive |
| SSH | Secure Shell |
| SSL | Secure Sockets Layer |
| SSO | Single Sign-on |
| STIX | Structured Threat Information eXchange |
| STRIDE | Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege |
| TAXII | Trusted Automated Exchange of Indicator Information |
| TIP | Threat Intelligence Platforms |
| TLS | Transport Layer Security |
| TOCTOU | Time of Check, Time of Use |
| TOML | Tom’s Obvious, Minimal Language |
| TPM | Trusted Platform Module |
| TTPs | Tactics, Techniques, and Procedures |
| UBA | User Behavior Analytics |
| UDP | User Datagram Protocol |
| UEBA | User & Entity Behavior Analytics |
| UEFI | Unified Extensible Firmware Interface |
| USB | Universal Serial Bus |
| VDI | Virtual Desktop Environment |
| VLAN | Virtual Local Area Network |
| VPN | Virtual Private Network |
| vTPM | Virtual Trusted Platform Module |
| WAF | Web Application Firewall |
| WIPS | Wireless Intrusion Prevention System |
| WLAN | Wireless Local Area Network |
| XCCDF | Extensible Configuration Checklist Description Format |
| XDR | Extended Detection and Response |
| XML | Extensible Markup Language |
| XSS | Cross-site Scripting |
| YAML | Yet Another Markup Language |
| YARA | Yet Another Recursive Acronym |
About the Flashcards
Flashcards for the CompTIA SecurityX exam help you master core cybersecurity and IT terms used on the test. This deck emphasizes identity and access concepts (ABAC, ACL, IAM, MFA, SSO), cryptography and PKI fundamentals (AEAD, RSA, ECC, PQC, CA, OCSP), and common network protocols (DNS, DNSSEC, HTTP/S, DHCP).
Use the cards to review threat types, detection and response tools, cloud and DevSecOps practices, and compliance frameworks. Cards cover attacks and malware (APT, RAT, DDoS, XSS, CSRF, RCE), monitoring and protection platforms (SIEM, EDR, XDR, WAF, NIDS/NIPS, HIDS/HIPS, SOC), cloud controls (CI/CD, IaC, CSPM, SBoM), and governance standards (GDPR, PCI DSS, NIST CSF). Focused practice on terminology, concepts, and key ideas speeds recall for exam day.
Topics covered in this flashcard deck:
- Access control and authentication
- Cryptography and PKI
- Network protocols and services
- Threats and detection
- Cloud and DevSecOps
- Compliance and standards