Glossary¶
Cybersecurity, Forensics & Penetration Testing Terms
A¶
AAA — Authentication, Authorization, and Accounting. Framework for controlling access to network resources.
AMP — Advanced Malware Protection. Cisco's endpoint protection platform.
API — Application Programming Interface. Set of protocols for building and integrating application software.
APM — Application Performance Management. Monitoring and management of software application performance.
APT — Advanced Persistent Threat. Prolonged targeted cyberattack where attackers gain access and remain undetected.
ARP — Address Resolution Protocol. Protocol for mapping IP addresses to MAC addresses.
ATT&CK — Adversarial Tactics, Techniques, and Common Knowledge. MITRE framework for describing cyber adversary behavior.
B¶
BFD — Bidirectional Forwarding Detection. Network protocol for fast failure detection.
BYOD — Bring Your Own Device. Policy allowing employees to use personal devices for work.
C¶
CDR — Call Detail Record. Detailed information about telephone calls or VoIP sessions.
CISO — Chief Information Security Officer. Executive responsible for information security.
CIS Controls — Center for Internet Security Critical Security Controls. Prioritized set of cybersecurity best practices.
CoA — Change of Authorization. RADIUS command to change attributes of an authentication session.
CVE — Common Vulnerabilities and Exposures. Publicly disclosed cybersecurity vulnerabilities.
D¶
DAI — Dynamic ARP Inspection. Security feature that validates ARP packets.
DDoS — Distributed Denial of Service. Attack attempting to make a service unavailable.
DHCP — Dynamic Host Configuration Protocol. Network management protocol for automatic IP address assignment.
DLP — Data Loss Prevention. Tools and processes to prevent data breaches.
DNAC — DNA Center. Cisco's network management and automation platform.
DNS — Domain Name System. Internet's directory system translating domain names to IP addresses.
DPI — Deep Packet Inspection. Advanced packet analysis examining data content.
E¶
EAP — Extensible Authentication Protocol. Authentication framework used in wireless and point-to-point connections.
EDR — Endpoint Detection and Response. Cybersecurity technology that monitors endpoints for threats.
F¶
FMC — Firepower Management Center. Cisco's centralized firewall management platform.
FTD — Firepower Threat Defense. Cisco's next-generation firewall platform.
G¶
GDPR — General Data Protection Regulation. European Union data protection and privacy regulation.
H¶
HAR — HTTP Archive. File format for tracking web browser interactions.
Hash — Fixed-size alphanumeric string generated by cryptographic algorithm from data.
I¶
IDS — Intrusion Detection System. Monitors network traffic for suspicious activity.
IOC — Indicator of Compromise. Forensic data suggesting a security breach.
IP — Internet Protocol. Primary protocol for relaying data across networks.
IPS — Intrusion Prevention System. Network security technology that monitors and blocks threats.
IPsec — Internet Protocol Security. Secure network protocol suite authenticating and encrypting packets.
ISE — Identity Services Engine. Cisco's network access control and policy enforcement platform.
ISO 27001 — International standard for information security management systems.
L¶
LISP — Locator/ID Separation Protocol. Network architecture separating device identity from location.
M¶
MAB — MAC Authentication Bypass. Network access control method using MAC addresses.
MACsec — Media Access Control Security. IEEE standard for securing data on Ethernet links.
MFA — Multi-Factor Authentication. Authentication requiring multiple verification methods.
MITRE ATT&CK — See ATT&CK.
MTTD — Mean Time to Detect. Average time to discover a security incident.
MTTR — Mean Time to Respond/Recover. Average time to respond to or recover from an incident.
N¶
NAC — Network Access Control. Security approach restricting network access to authorized devices.
NetFlow — Network protocol for collecting IP traffic information.
NIST CSF — National Institute of Standards and Technology Cybersecurity Framework.
O¶
OMP — Overlay Management Protocol. Cisco SD-WAN control plane protocol.
P¶
PCAP — Packet Capture. File format for saving network packet data.
PCI-DSS — Payment Card Industry Data Security Standard. Security standard for credit card processing.
PII — Personally Identifiable Information. Data that can identify an individual.
pxGrid — Platform Exchange Grid. Cisco's multivendor platform for security context sharing.
R¶
RADIUS — Remote Authentication Dial-In User Service. Networking protocol providing AAA management.
ROE — Rules of Engagement. Guidelines defining scope and conduct of penetration testing.
RTO — Recovery Time Objective. Maximum acceptable time to restore service after disruption.
RPO — Recovery Point Objective. Maximum acceptable data loss measured in time.
S¶
SASE — Secure Access Service Edge. Cloud-delivered network security and WAN capabilities.
SD-Access — Software-Defined Access. Cisco's automated campus network solution.
SD-WAN — Software-Defined Wide Area Network. Virtual WAN architecture.
SGACL — Security Group Access Control List. TrustSec policy enforcement mechanism.
SGT — Security Group Tag. TrustSec metadata assigned to packets for policy enforcement.
SIEM — Security Information and Event Management. Technology for log collection and analysis.
SIP — Session Initiation Protocol. Signaling protocol for VoIP communications.
SOC — Security Operations Center. Centralized unit dealing with security issues.
SOC 2 — Service Organization Control 2. Audit standard for service providers storing customer data.
SPF — Sender Policy Framework. Email authentication method preventing spoofing.
SSL — Secure Sockets Layer. Cryptographic protocol for secure communications (superseded by TLS).
SWG — Secure Web Gateway. Security solution monitoring internet-bound traffic.
T¶
TACACS+ — Terminal Access Controller Access-Control System Plus. Protocol for AAA services.
TLS — Transport Layer Security. Cryptographic protocol providing communications security.
TLOC — Transport Location. SD-WAN overlay identifier for WAN edge routers.
TTP — Tactics, Techniques, and Procedures. Patterns of activities and methods used by threat actors.
TrustSec — Cisco's security architecture using SGTs for access control.
U¶
UEBA — User and Entity Behavior Analytics. Security process examining patterns to detect threats.
UTD — Unified Threat Defense. Cisco SD-WAN integrated security features.
V¶
VLAN — Virtual Local Area Network. Network partitioning at data link layer.
VPN — Virtual Private Network. Encrypted connection over public network.
VXLAN — Virtual Extensible LAN. Network virtualization technology.
W¶
WAF — Web Application Firewall. Protection for web applications against attacks.
X¶
XDR — Extended Detection and Response. Security platform providing unified threat detection.
Z¶
Zero Trust — Security model requiring verification from everyone accessing network resources.
Last Updated: March 2026 | Total Terms: 100+