Skip to content

Glossary

Cybersecurity, Forensics & Penetration Testing Terms


A

AAA — Authentication, Authorization, and Accounting. Framework for controlling access to network resources.

AMP — Advanced Malware Protection. Cisco's endpoint protection platform.

API — Application Programming Interface. Set of protocols for building and integrating application software.

APM — Application Performance Management. Monitoring and management of software application performance.

APT — Advanced Persistent Threat. Prolonged targeted cyberattack where attackers gain access and remain undetected.

ARP — Address Resolution Protocol. Protocol for mapping IP addresses to MAC addresses.

ATT&CK — Adversarial Tactics, Techniques, and Common Knowledge. MITRE framework for describing cyber adversary behavior.

B

BFD — Bidirectional Forwarding Detection. Network protocol for fast failure detection.

BYOD — Bring Your Own Device. Policy allowing employees to use personal devices for work.

C

CDR — Call Detail Record. Detailed information about telephone calls or VoIP sessions.

CISO — Chief Information Security Officer. Executive responsible for information security.

CIS Controls — Center for Internet Security Critical Security Controls. Prioritized set of cybersecurity best practices.

CoA — Change of Authorization. RADIUS command to change attributes of an authentication session.

CVE — Common Vulnerabilities and Exposures. Publicly disclosed cybersecurity vulnerabilities.

D

DAI — Dynamic ARP Inspection. Security feature that validates ARP packets.

DDoS — Distributed Denial of Service. Attack attempting to make a service unavailable.

DHCP — Dynamic Host Configuration Protocol. Network management protocol for automatic IP address assignment.

DLP — Data Loss Prevention. Tools and processes to prevent data breaches.

DNAC — DNA Center. Cisco's network management and automation platform.

DNS — Domain Name System. Internet's directory system translating domain names to IP addresses.

DPI — Deep Packet Inspection. Advanced packet analysis examining data content.

E

EAP — Extensible Authentication Protocol. Authentication framework used in wireless and point-to-point connections.

EDR — Endpoint Detection and Response. Cybersecurity technology that monitors endpoints for threats.

F

FMC — Firepower Management Center. Cisco's centralized firewall management platform.

FTD — Firepower Threat Defense. Cisco's next-generation firewall platform.

G

GDPR — General Data Protection Regulation. European Union data protection and privacy regulation.

H

HAR — HTTP Archive. File format for tracking web browser interactions.

Hash — Fixed-size alphanumeric string generated by cryptographic algorithm from data.

I

IDS — Intrusion Detection System. Monitors network traffic for suspicious activity.

IOC — Indicator of Compromise. Forensic data suggesting a security breach.

IP — Internet Protocol. Primary protocol for relaying data across networks.

IPS — Intrusion Prevention System. Network security technology that monitors and blocks threats.

IPsec — Internet Protocol Security. Secure network protocol suite authenticating and encrypting packets.

ISE — Identity Services Engine. Cisco's network access control and policy enforcement platform.

ISO 27001 — International standard for information security management systems.

L

LISP — Locator/ID Separation Protocol. Network architecture separating device identity from location.

M

MAB — MAC Authentication Bypass. Network access control method using MAC addresses.

MACsec — Media Access Control Security. IEEE standard for securing data on Ethernet links.

MFA — Multi-Factor Authentication. Authentication requiring multiple verification methods.

MITRE ATT&CK — See ATT&CK.

MTTD — Mean Time to Detect. Average time to discover a security incident.

MTTR — Mean Time to Respond/Recover. Average time to respond to or recover from an incident.

N

NAC — Network Access Control. Security approach restricting network access to authorized devices.

NetFlow — Network protocol for collecting IP traffic information.

NIST CSF — National Institute of Standards and Technology Cybersecurity Framework.

O

OMP — Overlay Management Protocol. Cisco SD-WAN control plane protocol.

P

PCAP — Packet Capture. File format for saving network packet data.

PCI-DSS — Payment Card Industry Data Security Standard. Security standard for credit card processing.

PII — Personally Identifiable Information. Data that can identify an individual.

pxGrid — Platform Exchange Grid. Cisco's multivendor platform for security context sharing.

R

RADIUS — Remote Authentication Dial-In User Service. Networking protocol providing AAA management.

ROE — Rules of Engagement. Guidelines defining scope and conduct of penetration testing.

RTO — Recovery Time Objective. Maximum acceptable time to restore service after disruption.

RPO — Recovery Point Objective. Maximum acceptable data loss measured in time.

S

SASE — Secure Access Service Edge. Cloud-delivered network security and WAN capabilities.

SD-Access — Software-Defined Access. Cisco's automated campus network solution.

SD-WAN — Software-Defined Wide Area Network. Virtual WAN architecture.

SGACL — Security Group Access Control List. TrustSec policy enforcement mechanism.

SGT — Security Group Tag. TrustSec metadata assigned to packets for policy enforcement.

SIEM — Security Information and Event Management. Technology for log collection and analysis.

SIP — Session Initiation Protocol. Signaling protocol for VoIP communications.

SOC — Security Operations Center. Centralized unit dealing with security issues.

SOC 2 — Service Organization Control 2. Audit standard for service providers storing customer data.

SPF — Sender Policy Framework. Email authentication method preventing spoofing.

SSL — Secure Sockets Layer. Cryptographic protocol for secure communications (superseded by TLS).

SWG — Secure Web Gateway. Security solution monitoring internet-bound traffic.

T

TACACS+ — Terminal Access Controller Access-Control System Plus. Protocol for AAA services.

TLS — Transport Layer Security. Cryptographic protocol providing communications security.

TLOC — Transport Location. SD-WAN overlay identifier for WAN edge routers.

TTP — Tactics, Techniques, and Procedures. Patterns of activities and methods used by threat actors.

TrustSec — Cisco's security architecture using SGTs for access control.

U

UEBA — User and Entity Behavior Analytics. Security process examining patterns to detect threats.

UTD — Unified Threat Defense. Cisco SD-WAN integrated security features.

V

VLAN — Virtual Local Area Network. Network partitioning at data link layer.

VPN — Virtual Private Network. Encrypted connection over public network.

VXLAN — Virtual Extensible LAN. Network virtualization technology.

W

WAF — Web Application Firewall. Protection for web applications against attacks.

X

XDR — Extended Detection and Response. Security platform providing unified threat detection.

Z

Zero Trust — Security model requiring verification from everyone accessing network resources.


Last Updated: March 2026 | Total Terms: 100+