| access control decision function |
访问控制判决功能 |
ADF |
| access control decision information |
访问控制判决信息 |
ADI |
| access control enforcement function |
访问控制实施功能 |
AEF |
| access control entries |
访问控制入口 |
ACE |
| access control information |
访问控制信息 |
|
| access control list |
访问控制列表 |
ACL |
| account security |
账户安全 |
|
| advance persistent threat |
高级持续性威胁 |
APT |
| agile development |
敏捷开发 |
|
| anti-phishing project |
反钓鱼项目 |
|
| api security |
接口安全 |
|
| application programming interface |
应用编程接口 |
API |
| artificial intelligent |
人工智能 |
AI |
| assets management |
资产管理 |
|
| asynchronous transfer mode |
异步传输模式 |
|
| attribute-based access control |
基于属性的访问控制模型 |
ABAC |
| authentication authorization accounting |
认证、授权、计帐 |
3A |
| authentication authorization accounting audit |
统一安全管理平台解决方案 |
4A |
| back-end system |
后端系统 |
|
| border gateway protocol |
边界网关协议 |
BGP |
| bring your own device |
携带自己的办公设备 |
BYOD |
| business assessment |
业务评估 |
BA |
| business continuity institute |
业务持续性协会 |
BCI |
| business continuity management |
业务连续性管理 |
BCM |
| business continuity planning |
业务连续性计划 |
BCP |
| business email compromise |
商业邮件失陷 |
|
| business impact assessment |
业务影响评估 |
BIA |
| business security |
业务安全 |
|
| captcha security |
验证码安全 |
|
| capture the flag |
夺旗赛 |
CTF |
| certificate |
证书 |
CA |
| chain of blocks |
区块链 |
|
| cloud access security broker |
云访问安全代理 |
CASB |
| cloud security |
云安全 |
|
| cloud security posture management |
云安全配置管理 |
CSPM |
| cloud workload protection platforms |
云工作负载保护平台 |
CWPP |
| code audit |
代码审计 |
|
| common body of knowledge |
通用知识协议 |
CBK |
| complex event process |
复杂事件驱动 |
CEP |
| confidentiality integrity availability |
保密性 完整性 可用性 |
CIA |
| container security |
容器安全 |
|
| content disarm and reconstruction |
内容拆解与重建 |
|
| continuous delivery or development |
持续交付或部署 |
CD |
| continuous integration |
持续集成 |
CI |
| cryptography |
密码学 |
|
| cyber security |
网络空间安全 |
|
| data encryption standard |
数据加密标准 |
DES |
| data lifecycle management |
数据生命周期管理 |
DLM |
| data loss prevention |
数据丢失保护 |
DLP |
| data mining |
数据挖掘 |
|
| data security |
数据安全 |
|
| denial of service |
拒绝服务 |
DoS |
| deception |
欺骗技术 |
|
| development security operations |
DevSecOps |
|
| disaster recovery planning |
灾难恢复计划 |
DRP |
| discretionary access control |
自主访问控制 |
DAC |
| distributed denial of service |
分布式拒绝服务 |
DDoS |
| domain name system |
域名服务 |
DNS |
| elastic and scalable |
弹性可伸缩 |
|
| elastic computing |
弹性计算 |
|
| endpoint detection and response |
终端检测与响应 |
EDR |
| endpoint protection platform |
终端防护平台 |
EPP |
| endpoint security |
终端安全 |
|
| enterprise mobility management |
企业移动管理 |
EMM |
| enterprise resource planning |
企业资源计划 |
ERP |
| enterprise risk management |
企业风险管理 |
ERM |
| extraction transformation loading |
提取 转化 加载 |
ETL |
| file transfer protocol |
文件传输协议 |
FTP |
| firewall |
防火墙 |
|
| free computing |
自由计算 |
|
| front-end system |
前端系统 |
|
| general data protection regulation |
一般数据保护条例 |
GDPR |
| governance risk and compliance |
治理风险与合规性 |
|
| high availability |
高可用性 |
HA |
| human computer interaction |
人机交互 |
HCI |
| human machine interface |
人机界面 |
HMI |
| identify access management |
身份识别与访问控制 |
IAM |
| incident response |
事件响应 |
|
| industrial control system |
工业控制系统 |
ICS |
| information technology infrastructural library |
IT基础结构 |
ITIL |
| infrastructure security |
基础设施安全 |
|
| internet of things |
物联网 |
IOT |
| intrusion detection system |
入侵检测系统 |
IDS |
| intrusion prevention system |
入侵防御系统 |
IPS |
| load balancing |
负载均衡 |
|
| log analysis |
日志分析 |
|
| managed detection and response |
可管理检测与响应 |
MDR |
| mandatory access control |
强制访问控制 |
MAC |
| maximum tolerable downtime |
最长停机时间 |
MTD |
| maximum tolerable period disruption |
最长中断时间 |
MTPD |
| mean time between failure |
平均故障时间间隔 |
MTBF |
| mean time to repair |
平均修复时间 |
MTTR |
| mobile application management |
移动应用管理 |
MAM |
| mobile content management |
移动内容管理 |
MCM |
| mobile device management |
移动设备管理 |
MDM |
| monitoring |
监控 |
|
| multi factor authentication |
多因素认证 |
MFA |
| network access control |
网络准入控制 |
NAC |
| network security |
网络安全 |
|
| network traffic analysis |
网络流量分析 |
NTA |
| one-time password |
一次性密码 |
OTP |
| open source security information management |
开源安全信息管理 |
OSSIM |
| open web application security project |
Web应用程序安全项目 |
OWASP |
| optical character recognition |
文字识别 |
OCR |
| penetration testing |
渗透测试 |
|
| personal identifiable information |
个人身份信息 |
PII |
| personal identification number |
个人识别号 |
PIN |
| privileged account management |
特权账户管理 |
PAM |
| proof of concept |
概念验证 |
POC |
| proxies |
代理 |
|
| public key infrastructure |
公钥基础设施 |
PKI |
| recovery point objective |
恢复点目标 |
RPO |
| recovery time objective |
恢复时间目标 |
RTO |
| return on investment |
投资回报率 |
ROI |
| risk assessment |
风险评估 |
|
| risk and vulnerability assessment |
风险与漏洞评估 |
|
| risk management |
风险管理 |
|
| risk management framework |
风险管理框架 |
RMF |
| role-based access control |
基于角色的访问控制 |
RBAC |
| routers |
路由器 |
|
| runtime application self protection |
程序运行自我保护 |
RASP |
| search processing language |
搜索处理语言 |
SPL |
| security domain |
安全域 |
|
| secure email gateway |
安全邮件网关 |
SEG |
| security awareness |
态势感知 |
SA |
| security development lifecycle |
安全开发生命周期 |
SDL |
| security event management |
安全事件管理 |
SEM |
| security incident |
安全事故 |
|
| security information and event management |
安全信息与事件管理 |
SIEM |
| security information management |
安全信息管理 |
SIM |
| security isolation |
安全隔离 |
|
| security operation center |
安全运营中心 |
SOC |
| security orchestration automation and response |
安全编排和自动化响应 |
SOAR |
| security response center |
安全响应中心 |
SRC |
| security testing |
安全测试 |
|
| service leve agreement |
服务界别协议 |
SLA |
| service oriented architecture |
面向服务的体系结构 |
SOA |
| single sign on |
单点登录 |
SSO |
| software composition analysis |
软件成分分析 |
SCA |
| software defined network |
软件定义网络 |
SDN |
| software defined perimeter |
软件定义边界 |
SDP |
| software defined security |
软件定义安全 |
SDS |
| switches |
交换机 |
|
| threat intelligence |
威胁情报 |
TI |
| total cost of ownship |
总拥有成本 |
TCO |
| trojan horse |
特洛伊木马 |
|
| trusted computing base |
可信计算基 |
|
| trusted third stamp |
可信第三方 |
|
| two factor authentication |
双因素认证 |
|
| unified endpoint management |
统一端点管理 |
UEM |
| unified identity management |
统一身份管理 |
UIM |
| unified threat management |
统一威胁管理 |
UTM |
| user and entity behavior analytics |
用户和事件行为分析 |
UEBA |
| virtual private network |
虚拟专用网络 |
VPN |
| wireless access point |
无线访问接入点 |
WAP |
| work recovery time |
工作恢复时间 |
WRT |
| zero trust |
零信任 |
|