Information Assurance (IA) Acronyms Challenge

​​ These IA/cyber security acronyms represent words the US government (CNSS) thinks IT security pro's should know.

CNSS -- the Committee on National Security Systems -- is in charge of "setting national-level Information Assurance policies, directives, instructions, operational procedures, guidance, and advisories for U.S. Government" military and intelligence organizations. Many of its guidelines are also followed by "observer" agencies, from the Senate to the Fed.
 
Here are the 400 or so acronyms that survived the bureaucratic rigors of the 2010 CNSS review, which deleted acronyms that are too "narrow" and tried to balance "macro terms and micro terms."
 
How many of these do you know off the top of your head? Many are easy, but if you're able to break the 200 mark you may be spending too much time in front of a computer, or at least in IA staff meetings.
 
Check out the bottom of the page for the answers. 

​

 . ACL
​
· . ADP· 

. AES
 . AIG
 
 . AIN
 
 . AK
 
 . AKP
 . AKD/RCU
 . ALC
 . AMS (2)
 . ANDVT
 . ANSI
 . APC
 . APU
 . ASCII
 . ASSIST
 . AS&W
 . ATC
 . ATM
 . ATO
 . AUTODIN
 . AVP
 . BoE
 . BCP
 . BIA
 . BMA
 . C2
 . C 3
 . C3I
 . C4
 . CA (5)
 . C&A
 . CAC
 . CAW
 . CC
 . CCB
 . CCEP
 . CCEVS
 . CCI
 . CCO
 . CD
 . CDS
 . CEOI
 . CEPR
 . CER (2)
 . CERT
 . CFD
 . CIAC
 . CIK
 . CIO
 . CIP
 . CIRC (2)
 . CIRT
 . CISO
 . CKG
 . CKL
 . CMCS
 . CNA
 . CND
 . CNE
 . CNO
 . CNSS
 . CNSSAM
 . CNSSD
 . CNSSI
 . CNSSP
 . COG
 . COI
 . COMPUSEC
 . COMSEC
 . CONOP
 . COOP
 . COR (2)
 . COTS
 . CP
 . CPS
 . CPU
 . CRC
 . CRL
 . Crypt/Crypto
 . CSA
 . CSE
 . CSIRT
 . CSN
 . CSP
 . CSS (4)
 . CSSO
 . CSTVRP
 . CTAK
 . CT&E
 . CTTA
 . CUI
 . CUP
 . CVE
 . DAA (3)
 . DAC
 . DAMA
 . DAR
 . DCID
 . DCS (2)
 . DDoS
 . DDS
 . DEA (not drugs)
 . DES
 . DHCP
 . DIACAP
 . DISN
 . DITSCAP
 . DMA
 . DMS
 . DMZ
 . DN
 . DOC
 . DoS
 . DRP
 . DSA
 . DSN
  . DSVT
 . DTLS
 . DTD
 . DTS
 . DUA
 . EA
 . EAL
 . EAM
 . ECCM
 . ECM
 . ECPL
 . ECU
 . EDAC
 . EFD
 . EFTO
 . EIEMA
 . EKMS
 . ELINT
 . E Model
 . EMSEC
 . EPL
 INFOSEC
 . EPROM
 . ERTZ
 . ETPL
 . FAR
 . FBCA
 . FDIU
 . FEA
 . FIPS
 . FISMA
 . FMR
 . FNMR
 . FOCI
 . FOUO
 . FRR
 . FSRS
 . FSTS
 . FTS
 . FTAM
 . FTLS
 . GCCS
 . GETS
 . GIG
 . GII
 . GOTS
 . GPS
 . GSS
 . GTS
 . GWEN
 . HAIPE
 . HMAC
 . HSPD
 . HTTP
 . IA
 . I&A
 . IAB
 . IAC
 . IAM
 . IAO
 . IATO
 . IATT
 . IAVA
 . IBAC
 . IC
 . ICANN
 . ICVA
 . ICU
 . IDS
 . IEMATS
 . IFF
 . IFFN
 . ILS
 . INFOSEC
 . IO
 . IP
 . IPM
 . IPSec
 . IPSO
 . IRM
 . IS
 . ISA
 . ISDN
 . ISE
 . ISSE
 . ISSM
 . ISSO
 . IT
 . ITAR
 . ITSEC
 . IVA
 . IV&V
 . KAK
 . KDC
 . KEK
 . KG
 . KMC
 . KMI
 . KMID
 . KMODC
 . KMP (2)
 . KMS
 . KOA
 . KP (not kitchen patrol)
 . KPC
 . KPK. KSD

•  . LAN

•  . LEAD

•  . LMD

•  . LMD/KP

•  . LOCK

•  . LPC

•  . LPD

•  . LPI

•  . LRA

•  . LRIP

•  . LSI

•  . MAC (4)

•  . MAN

•  . MER

•  . MGC

•  . MHS

•  . MI

•  . MIB (not the movie)

•  . MIME

•  . MINTERM

•  . MISSI

•  . MitM

•  . MLS

•  . MOU/A

•  . MSE

•  . MSL

•  . NACAM

•  . NACSI

•  . NACSIM

•  . NAK

•  . NCCD

•  . NCS (3)

•  . NCSC

•  . NIAP

•  . NII

•  . NISAC

•  . NIST

•  . NLZ

•  . NSA

•  . NSD

•  . NSDD

•  . NSEP

•  . NSI

•  . NSS

•  . NSTAC

•  . NSTISSAM

•  . NSTISSC

•  . NSTISSD

•  . NSTISSI

•  . NSTISSP

•  . NTCB

•  . NTIA

•  . NTISSAM

•  . NTISSD

•  . NTISSI

•  . NTISSP
•  . NVD

•  . OADR

•  . OPCODE

•  . OPSEC

•  . ORA

•  . OSI

•  . OTAD

•  . OTAR

•  . OTAT

•  . OTP

•  . OTT

•  . PAA (2)

•  . PAL

•  . PBAC

•  . PBX

•  . PC

•  . PCA

•  . PCIPB

•  . PCMCIA

•  . PDA

•  . PDR

•  . PDS (2)

•  . PED

•  . PES

•  . PIA

•  . PII

•  . PIN

•  . PING

•  . PIV

•  . PKC

•  . PKE

•  . PKI

•  . PKSD

•  . P model

•  . PNEK

•  . POA&M

•  . PPL

•  . PRBAC

•  . PRM

•  . PRNG

•  . PROM

•  . PROPIN

•  . PRSN

•  . PSN

•  . PWDS

•  . RA

•  . RAdAC

•  . RAMP

•  . RBAC

•  . RMF

•  . RNG

•  . ROM

•  . RVTM

•  . SA

•  . SABI

•  . SAISO

•  . SAML

•  . SAO

•  . SAP (2)

•  . SAPF

•  . SARK

•  . SBU (not the SOF unit)

•  . SCADA

•  . SCAP

•  . SCI

•  . SCIF

•  . SDLC

•  . SDNS

•  . SDR

•  . SFA

•  . SHA

•  . SFUG

•  . SI

•  . SISS

•  . S/MIME

•  . SMTP

•  . SMU

•  . SoM

•  . SPK

•  . SRR

•  . SRTM

•  . SSAA

•  . SSL

•  . SSO

•  . SSP

•  . ST&E

•  . STE

•  . STS

•  . STU

•  . TA (2)

•  . TACTERM

•  . TAG (not National Guard)

•  . TCB

•  . TCP/IP

•  . TED

•  . TEK

•  . TEP

•  . TFM

•  . TFS

•  . TLS

•  . TOE

•  . TPC

•  . TPEP

•  . TPI

•  . TRANSEC

•  . TRB

•  . TRI-TAC

•  . TRM

•  . TSABI

•  . TSCM

•  . TSEC

•  . TSF

•  . TSP

•  . TTAP

•  . UA

•  . UIS

•  . UPP

•  . USB

•  . VoIP

•  . VPN

•  . WAN

•  . WAP (2)

•  . WEP

•  . WPA

. XML 

ACL Access Control List
. ADP Automatic Data Processing
. AES Advanced Encryption Standard
. AIG Address Indicator Group
. AIN Advanced Intelligence Network
. AK Automatic Remote Rekeying
. AKP Advanced Key Processor
. AKD/RCU Automatic Key Distribution/Rekeying Control Unit
. ALC Accounting Legend Code
. AMS Auto-Manual System
. Autonomous Message Switch
. ANDVT Advanced Narrowband Digital Voice Terminal
. ANSI American National Standards Institute
. APC Adaptive Predictive Coding
. APU Auxiliary Power Unit
. ASCII American Standard Code for Information Interchange
. ASSIST Program Automated Information Systems Security Incident Support Team Program
. AS&W Attack Sensing and Warning
. ATC Approval to Connect
. ATM Asynchronous Transfer Mode
. ATO Approval to Operate
. AUTODIN Automatic Digital Network
. AVP Authorized Vendor Program
. BoE Body of Evidence
. BCP Business Continuity Plan

. BIA Business Impact Analysis
. BMA Business Mission Area

. C 2Command and Control
. C 3Command, Control, and Communications
. C3I Command, Control, Communications and Intelligence
. C4 Command, Control, Communications and Computers
. CA Controlling Authority, Cryptanalysis, COMSEC Account, Command Authority, Certificatication Authority
. C&A Certification and Accreditation
. CAC Common Access Card
. CAW Certificate Authority Workstation
. CC Common Criteria
. CCB Configuration Control Board
. CCEP Commercial COMSEC Evaluation Program
. CCEVS Common Criteria Evaluation and Validation Scheme
. CCI Controlled Cryptographic Item
. CCO Circuit Control Officer
. CD Compact Disc
. CDS Cross Domain Solution
. CEOI Communications Electronics Operating Instruction
. CEPR Compromising Emanation Performance Requirement
. CER . Cryptographic Equipment Room
. Communication Equipment Room
. CERT Computer (Security) Emergency Response Team
. CFD Common Fill Device
. CIAC Computer Incident Assessment Capability
. CIK Cryptographic Ignition Key
. CIO Chief Information Officer
. CIP Critical Infrastructure Protection
. CIRC Computer Incident Response Center, Computer Incident Response Capability
. CIRT Computer Incident Response Team
. CISO Chief Information Security Officer
. CKG Cooperative Key Generation
. CKL Compromised Key List
. CMCS COMSEC Material Control System
. CNA Computer Network Attack
. CND Computer Network Defense
. CNE Computer Network Exploitation
. CNO Computer Network Operations
. CNSS Committee on National Security Systems
. CNSSAM Committee on National Security Systems Advisory Memorandum
. CNSSD Committee on National Security Systems Directive
. CNSSI Committee on National Security Systems Instruction
. CNSSP Committee on National Security Systems Policy
. COG Continuity of Government
. COI Community of Interest
. COMPUSEC Computer Security
. COMSEC Communications Security
. CONOP Concept of Operations
. COOP Continuity of Operations Plan

.COR Central Office of Record (COMSEC), Contracting Officer Representative
. COTS Commercial off-the-shelf
. CP Certificate Policy
. CPS Certification Practice Statement
. CPU Central Processing Unit
. CRC Cyclic Redundancy Check
. CRL Certificate Revocation List
. Crypt/Crypto Cryptographic-related
. CSA Certificate Status Authority
. CSE Communications Security Element
. CSIRT Computer Security Incident Response Team
. CSN Central Services Node
. CSP Credentials Service Provider
. CSS COMSEC Subordinate Switch
. Constant Surveillance Service (Courier)
. Continuous Signature Service (Courier)
. Coded Switch System
. CSSO Contractor Special Security Officer
. CSTVRP Computer Security Technical Vulnerability Report Program
. CTAK Cipher Text Auto-Key
. CT&E Certification Test and Evaluation
. CTTA Certified TEMPEST Technical Authority
. CUI Controlled Unclassified Information
. CUP COMSEC Utility Program
. CVE Common Vulnerabilities and Exposures
. DAA Designated Accrediting Authority, Delegated Accrediting Authority, Designated Approval Authority
. DAC Discretionary Access Control
. DAMA Demand Assigned Multiple Access
. DAR Data-at-Rest
. DCID Director Central Intelligence Directive
. DCS Defense Communications System, Defense Courier Service

. DDoS Distributed Denial of Service
. DDS Dual Driver Service (courier)
. DEA Data Encryption Algorithm
. DES Data Encryption Standard
. DHCP Dynamic Host Configuration Protocol
. DIACAP DoD Information Assurance Certification and Accreditation Process
. DISN Defense Information System Network
. DITSCAP DoD Information Technology Security Certification and Accreditation Process
. DMA Direct Memory Access
. DMS Defense Message System
. DMZ Demilitarized Zon

. DN Distinguished Name
. DOC Delivery-Only Client

. DoS Denial of Service

. DRP Disaster Recovery Plan
. DSA Digital Signature Algorithm

. DSN Defense Switched Network

. DSVT Digital Subscriber Voice Terminal
. DTLS Descriptive Top-Level Specification

. DTD Data Transfer Device
. DTS Diplomatic Telecommunications Service
. DUA Directory User Agent
. EA Enterprise Architecture
. EAL Evaluation Assurance Level
. EAM Emergency Action Message
. ECCM Electronic Counter-Countermeasures
. ECM Electronic Countermeasures
. ECPL Endorsed Cryptographic Products List (a section in the Information Systems Security Products and Services Catalogue)
. ECU End Cryptographic Unit
. EDAC Error Detection and Correction
. EFD Electronic Fill Device
. EFTO Encrypt For Transmission Only
. EIEMA Enterprise Information Environment Mission Area
. EKMS Electronic Key Management System
. ELINT Electronic Intelligence
. E Model Engineering Development Model
. EMSEC Emission Security
. EPL Evaluated Products List (a section in the INFOSEC Products and Services Catalogue)
. EPROM Erasable, Programmable, Read-Only Memory
. ERTZ Equipment Radiation TEMPEST Zone

. ETPL Endorsed TEMPEST Products List
. FAR False Acceptance Rate
. FBCA Federal Bridge Certification Authority
. FDIU Fill Device Interface Unit
. FEA Federal Enterprise Architecture
. FIPS Federal Information Processing Standard
. FISMA Federal Information Security Management Act
. FMR False Match Rate
. FNMR False Non-Match Rate
. FOCI Foreign Owned, Controlled or Influenced
. FOUO For Official Use Only
. FRR False Rejection Rate
. FSRS Functional Security Requirements Specification
. FSTS Federal Secure Telephone Service
. FTS Federal Telecommunications System
. FTAM File Transfer Access Management
. FTLS Formal Top-Level Specification
. GCCS Global Command and Control System
. GETS Government Emergency Telecommunications Service
. GIG Global Information Grid
. GII Global Information Infrastructure
. GOTS Government-off-the-Shelf
. GPS Global Positioning System
. GSS General Support System
. GTS Global Telecommunications Service
. GWEN Ground Wave Emergency Network
. HAIPE High Assurance Internet Protocol Encryptor
. HMAC Hash- Based Message Authentication Code
. HSPD Homeland Security Presidential Directive
. HTTP Hypertext Transfer Protocol
. IA Information Assurance
. I&A Identification and Authentication
. IAB Internet Architecture Board
. IAC Information Assurance Component
. IAM Information Assurance Manager
. IAO Information Assurance Officer
. IATO Interim Approval to Operate
. IATT Interim Approval to Test
. IAVA Information Assurance Vulnerability Alert
. IBAC Identity Based Access Control
. IC Intelligence Community
. ICANN Internet Corporation for Assigned Names and Numbers
. ICVA Intelligence Community Vulnerability Alert
. ICU Interface Control Unit
. IDS Intrusion Detection System
. IEMATS Improved Emergency Message Automatic Transmission System
. IFF Identification, Friend or Foe
. IFFN Identification, Friend, Foe, or Neutral
. ILS Integrated Logistics Support
. INFOSEC (C.F.D.) Information Systems Security
. IO Information Operations
. IP Internet Protocol
. IPM Interpersonal Messaging
. IPSec IP Security
. IPSO Internet Protocol Security Option
. IRM Information Resources Management
. IS Information System
. ISA Interconnection Security Agreement
. ISDN Integrated Services Digital Network
. ISE Information Sharing Environment
. ISSE Information Systems Security Engineer/Engineering
. ISSM Information Systems Security Manager
. ISSO Information Systems Security Officer
. IT Information Technology
. ITAR International Traffic in Arms Regulation
. ITSEC Information Technology Security Evaluation Criteria
. IVA Independent Validation Authority
. IV&V Independent Verification and Validation
. KAK Key-Auto-Key
. KDC Key Distribution Center
. KEK Key Encryption Key
. KG Key Generator
. KMC Key Management Center
. KMI Key Management Infrastructure
. KMID Key Management Identification Number
. KMODC Key Management Ordering and Distribution Center
. KMP . Key Management Protocol, Key Management Plan
. KMS Key Management System
. KOA KMI Operating Account
. KP Key Processor
. KPC KMI Protected Channel
. KPK (C.F.D.) Key Production Key
. KSD Key Storage Device
. LAN Local Area Network
. LEAD Low-Cost Encryption/Authentication Device
. LMD Local Management Device
. LMD/KP Local Management Device/Key Processor
. LOCK Logical Co-Processing Kernel
. LPC Linear Predictive Coding
. LPD Low Probability of Detection
. LPI Low Probability of Intercept
. LRA Local Registration Authority
. LRIP Low Rate Initial Production
. LSI Large Scale Integration
. MAC Mandatory Access Control, Message Authentication Code, Mission Assurance Category, Machine Addressable Code
. MAN Mandatory Modification, Metropolitan Area Network
. MER Minimum Essential Requirements
. MGC Management Client
. MHS Message Handling System
. MI Message Indicator
. MIB Management Information Base
. MIME Multipurpose Internet Mail Extensions
. MINTERM Miniature Terminal
. MISSI Multilevel Information Systems Security Initiative
. MitM Man-in-the-Middle Attack
. MLS Multilevel Security
. MOU/A Memorandum of Understanding/Agreement
. MSE Mobile Subscriber Equipment
. MSL Multiple Security Levels
. NACAM National COMSEC Advisory Memorandum
. NACSI National COMSEC Instruction
. NACSIM National COMSEC Information Memorandum
. NAK Negative Acknowledgement
. NCCD Nuclear Command and Control Document
. NCS National Communications System, National Cryptologic School, Net Control Station
. NCSC National Computer Security Center
. NIAP National Information Assurance Partnership
. NII National Information Infrastructure
. NISAC National Industrial Security Advisory Committee
. NIST National Institute of Standards and Technology
. NLZ No-Lone Zone

. NSA National Security Agency
. NSD National Security Directive
. NSDD National Security Decision Directive
. NSEP National Security Emergency Preparedness
. NSI National Security Information
. NSS National Security System
. NSTAC National Security Telecommunications Advisory Committee
. NSTISSAM National Security Telecommunications and Information Systems Security
Advisory/Information Memorandum
. NSTISSC National Security Telecommunications and Information Systems Security
Committee
. NSTISSD National Security Telecommunications and Information Systems Security
Directive
. NSTISSI National Security Telecommunications and Information Systems Security
Instruction
. NSTISSP National Security Telecommunications and Information Systems Security Policy
. NTCB Network Trusted Computing Base
. NTIA National Telecommunications and Information
Administration
. NTISSAM National Telecommunications and Information Systems Security
Advisory/Information Memorandum
. NTISSD National Telecommunications and Information Systems Security Directive
. NTISSI National Telecommunications and Information Systems Security Instruction
. NTISSP National Telecommunications and Information Systems Security Policy
. NVD National Vulnerability Database
. OADR Originating Agency’s Determination Required
. OPCODE Operations Code
. OPSEC Operations Security
. ORA Organizational Registration Authority
. OSI Open Systems Interconnection Reference Model
. OTAD Over-the-Air Key Distribution
. OTAR Over-the-Air Rekeying
. OTAT Over-the-Air Key Transfer

. OTP One-Time Pad
. OTT One-Time Tape
. PAA (PKI) Policy Approving Authority, Principal Accrediting Authority
. PAL Permissive Action Link
. PBAC Policy Based Access Control
. PBX Private Branch Exchange
. PC Personal Computer
. PCA Policy Certification Authority
. PCIPB President’s Critical Infrastructure Protection Board
. PCMCIA Personal Computer Memory Card International Association
. PDA Personal Digital Assistant
. PDR Preliminary Design Review
. PDS Protected Distribution Systems, Practices Dangerous to Security
. PED Portable Electronic Device
. PES Positive Enable System
. PIA Privacy Impact Assessment
. PII Personally Identifiable Information
. PIN Personal Identification Number
. PING Packet Internet Groper
. PIV Personal Identity Verification
. PKC Public Key Cryptography
. PKE Public Key Enabling
. PKI Public Key Infrastructure
. PKSD Programmable Key Storage Device
. P model Preproduction Model
. PNEK Post-Nuclear Event Key
. POA&M Plan of Action and Milestones
. PPL Preferred Products List (a section in the INFOSEC Products and Services Catalogue)
. PRBAC (C.F.D.) Partition Rule Base Access Control
. PRM Performance Reference Model
. PRNG Pseudorandom Number Generator
. PROM Programmable Read-Only Memory
. PROPIN Proprietary Information
. PRSN Primary Services Node
. PSN Product Source Node
. PWDS Protected Wire Distribution System
. RA Registration Authority
. RAdAC Risk Adaptable Access Control
. RAMP Rating Maintenance Program
. RBAC Role Based Access Control
. RMF Risk Management Framework
. RNG Random Number Generator
. ROM Read-Only Memory
. RVTM Requirements Verification Traceability Matrix
. SA System Administrator
. SABI (C.F.D.) Secret and Below Interoperability
. SAISO Senior Agency Information Security Officer
. SAML Security Assertion Markup Language
. SAO Special Access Office
. SAP System Acquisition Plan, Special Access Program
. SAPF Special Access Program Facility
. SARK SAVILLE Advanced Remote Keying
. SBU Sensitive But Unclassified
. SCADA Supervisory Control and Data Acquisition
. SCAP Security Content Automation Protocol
. SCI Sensitive Compartmented Information
. SCIF Sensitive Compartmented Information Facility
. SDLC System Development Life Cycle
. SDNS Secure Data Network System
. SDR System Design Review
. SFA Security Fault Analysis
. SHA Secure Hash Algorithm
. SFUG (C.F.D.) Security Features Users Guide
. SI Special Intelligence
. SISS Subcommittee on Information Systems Security
. S/MIME Secure/Multipurpose Internet Mail Extensions
. SMTP Simple Mail Transfer Protocol
. SMU Secure Mobile Unit
. SoM Strength of Mechanism
. SPK Single Point Key(ing)
. SRR Security/System Requirements Review
. SRTM Security Requirements Traceability Matrix
. SSAA System Security Authorization Agreement
. SSL Secure Socket Layer
. SSO Staff Security Officer
. SSP System Security Plan
. ST&E Security Test and Evaluation
. STE Secure Terminal Equipment
. STS Subcommittee on Telecommunications Security
. STU Secure Telephone Unit
. TA Traffic Analysis, Trusted Agent
. TACTERM Tactical Terminal
. TAG TEMPEST Advisory Group
. TCB Trusted Computing Base
. TCP/IP Transmission Control Protocol/Internet Protocol
. TED Trunk Encryption Device
. TEK Traffic Encryption Key
. TEP TEMPEST Endorsement Program
. TFM Trusted Facility Manual
. TFS Traffic Flow Security
. TLS Top-Level Specification
. TOE Target of Evaluation
. TPC Two-Person Control
. TPEP Trusted Products Evaluation Program
. TPI Two-Person Integrity
. TRANSEC Transmission Security
. TRB Technical Review Board
. TRI-TAC Tri-Service Tactical Communications System
. TRM Technical Reference Model
. TSABI (C.F.D.) Top Secret and Below Interoperability
. TSCM Technical Surveillance Countermeasures
. TSEC Telecommunications Security
. TSF TOE Security Functions
. TSP TOE Security Policy
. TTAP Trust Technology Assessment Program
. UA User Agent
. UIS User Interface System
. UPP User Partnership Program
. USB Universal Serial Bus
. VoIP Voice over Internet Protocol
. VPN Virtual Private Network
. WAN Wide Area Network
. WAP Wireless Access Point, Wireless Application Protocol
. WEP Wired Equivalent Privacy
. WPA Wi-Fi Protected Access
. XML Extensible Markup Language