| 序号 | 英文 | 中文 | 简称 |
| 1 | access control list | 访问控制列表 | ACL |
| 2 | access control decision function | 访问控制判决功能 | ADF |
| 3 | access control decision information | 访问控制判决信息 | ADI |
| 4 | access control entries | 访问控制入口 | ACE |
| 5 | access control information | 访问控制信息 | |
| 6 | account security | 账户安全 | |
| 7 | advance persistent threat | 高级持续性威胁 | APT |
| 8 | agile development | 敏捷开发 | |
| 9 | anti-phishing project | 反钓鱼项目 | |
| 10 | api security | 接口安全 | |
| 11 | application programming interface | 应用编程接口 | API |
| 12 | artifical intelligent | 人工智能 | AI |
| 13 | assets management | 资产管理 | |
| 14 | asynchronous transfer mode | 异步传输模式 | |
| 15 | attribute- based access control | 基于属性的访问控制模型 | ABAC |
| 16 | authentication authorization accountiing | 认证、授权、记账 | 3A |
| 17 | authentication authorization accounting audit | 认证、授权、记账、审计 | 4A |
| 18 | back-end system | 后端系统 | |
| 19 | border gateway protocol | 边界网关协议 | BGP |
| 20 | bring your own device | 自带办公设备 | BYOD |
| 21 | business assessment | 业务评估 | BA |
| 22 | business continuity insitute | 业务连续性协会 | BCI |
| 23 | business continuity management | 业务连续性管理 | BCM |
| 24 | business continuity planning | 业务连续性计划 | BCP |
| 25 | business email compromise | 商业邮件实陷 | |
| 26 | business impact assessment | 业务影响评估 | BIA |
| 27 | business security | 业务安全 | |
| 28 | captcha security | 验证码安全 | |
| 29 | capture the flag | 夺旗赛 | CTF |
| 30 | certificate | 证书 | CA |
| 31 | chain of blocks | 区块链 | |
| 32 | cloud access security broker | 云访问安全代理 | CASB |
| 33 | cloud security | 云安全 | |
| 34 | cloud security posture management | 云安全配置管理 | CSPM |
| 35 | cloud workload protection platforms | 云工作负载保护平台 | CWPP |
| 36 | code audit | 代码审计 | |
| 37 | common body of knowledge | 通用知识协议 | CBK |
| 38 | complex event process | 复杂事件驱动 | CEP |
| 39 | confidentiality integrity availability | 保密性 完整性 可用性 | CIA |
| 40 | container security | 容器安全 | |
| 41 | content disarm and reconstruction | 内容拆解与重建 | |
| 42 | continuous delivery or development | 持续交付或部署 | CD |
| 43 | continuous integration | 持续集成 | CI |
| 44 | cryptography | 密码学 | |
| 45 | cyber security | 网络空间安全 | |
| 46 | data encryption standard | 数据加密标准 | DES |
| 47 | data lifecycle management | 数据生命周期管理 | DLM |
| 48 | data loss prevention | 数据丢失保护 | DLP |
| 49 | data mining | 数据挖掘 | |
| 50 | data security | 数据安全 | |
| 51 | denial of service | 拒绝服务 | Dos |
| 52 | deception | 欺骗技术 | |
| 53 | development security operations | DevSecOps | |
| 54 | disaster recovery planning | 灾难恢复计划 | DRP |
| 55 | discretionary access control | 自主访问控制 | DAC |
| 56 | distributed denial of service | 分布式拒绝服务 | DDoS |
| 57 | domain name system | 域名服务 | DNS |
| 58 | elastic and scalable | 弹性可伸缩 | |
| 59 | elastic computing | 弹性计算 | |
| 60 | endpoint detection and response | 终端检测与响应 | EDR |
| 61 | endpoint protection platform | 终端防护平台 | EPP |
| 62 | endpoint security | 终端安全 | |
| 63 | enterprise mobility management | 企业移动管理 | EMM |
| 64 | enterprise resource planning | 企业资源计划 | ERP |
| 65 | enterprise risk management | 企业风险管理 | ERM |
| 66 | extraction transformation loading | 提取 转化 加载 | ETL |
| 67 | file transfer protocol | 文件传输协议 | FTP |
| 68 | firewall | 防火墙 | |
| 69 | free computing | 自由计算 | |
| 70 | front-end system | 前端系统 | |
| 71 | general data protection regulation | 一般数据保护条例 | GDPR |
| 72 | governance risk and compliance | 治理风险与合规性 | |
| 73 | high availability | 高可用性 | HA |
| 74 | human computer interaction | 人机交互 | HCI |
| 75 | human machine interface | 人机界面 | HMI |
| 76 | identify access management | 身份识别与访问控制 | IAM |
| 77 | incident response | 事件响应 | |
| 78 | industrial control system | 工业控制系统 | ICS |
| 79 | information technology infrastructural library | IT基础结构 | ITIL |
| 80 | infrastructure security | 基础设施安全 | |
| 81 | internet of things | 物联网 | IOT |
| 82 | intrusion detection system | 入侵检测系统 | IDS |
| 83 | intrusion prevention system | 入侵防御系统 | IPS |
| 84 | load balancing | 负载均衡 | |
| 85 | log analysis | 日志分析 | |
| 86 | managed detection and response | 可管理检测与响应 | MDR |
| 87 | mandatory access control | 强制访问控制 | MAC |
| 88 | maximum tolerable downtime | 最长停机时间 | MTD |
| 89 | maximum tolerable period disruption | 最长中断时间 | MTPD |
| 90 | mean time between failure | 平均故障时间间隔 | MTBF |
| 91 | mean time to repair | 平均修复时间 | MTTR |
| 92 | mobile application management | 移动应用管理 | MAM |
| 93 | mobile content management | 移动内容管理 | MCM |
| 94 | mobile device management | 移动设备管理 | MDM |
| 95 | monitoring | 监控 | |
| 96 | multi factor authentication | 多因素认证 | MFA |
| 97 | network access control | 网络准入控制 | NAC |
| 98 | network security | 网络安全 | |
| 99 | network traffic analysis | 网络流量分析 | NTA |
| 100 | one-time password | 一次性密码 | OTP |
| 101 | open source security information management | 开源安全信息管理 | OSSIM |
| 102 | open web application security project | Web应用程序安全项目 | OWASP |
| 103 | optical character recognition | 文字识别 | OCR |
| 104 | penetration testing | 渗透测试 | |
| 105 | personal identifiable information | 个人身份信息 | PII |
| 106 | personal identification number | 个人识别号 | PIN |
| 107 | privileged account management | 特权账户管理 | PAM |
| 108 | proof of concept | 概念验证 | POC |
| 109 | proxies | 代理 | |
| 110 | public key infrastructure | 公钥基础设施 | PKI |
| 111 | recovery point objective | 恢复点目标 | RPO |
| 112 | recovery time objective | 恢复时间目标 | RTO |
| 113 | return on investment | 投资回报率 | ROI |
| 114 | risk assessment | 风险评估 | |
| 115 | risk and vulnerability assessment | 风险与漏洞评估 | |
| 116 | risk management | 风险管理 | |
| 117 | risk management framework | 风险管理框架 | RMF |
| 118 | role-based access control | 基于角色的访问控制 | RBAC |
| 119 | routers | 路由器 | |
| 120 | runtime application self protection | 程序运行自我保护 | RASP |
| 121 | search processing language | 搜索处理语言 | SPL |
| 122 | security domain | 安全域 | |
| 123 | secure email gateway | 安全邮件网关 | SEG |
| 124 | security awareness | 态势感知 | SA |
| 125 | security development lifecycle | 安全开发生命周期 | SDL |
| 126 | security event management | 安全事件管理 | SEM |
| 127 | security incident | 安全事故 | |
| 128 | security information and event management | 安全信息与事件管理 | SIEM |
| 129 | security information management | 安全信息管理 | SIM |
| 130 | security isolation | 安全隔离 | |
| 131 | security operation center | 安全运营中心 | SOC |
| 132 | security orchestration automation and response | 安全编排和自动化响应 | SOAR |
| 133 | security response center | 安全响应中心 | SRC |
| 134 | security testing | 安全测试 | |
| 135 | service leve agreement | 服务界别协议 | SLA |
| 136 | service oriented architecture | 面向服务的体系结构 | SOA |
| 137 | single sign on | 单点登录 | SSO |
| 138 | software composition analysis | 软件成分分析 | SCA |
| 139 | software defined network | 软件定义网络 | SDN |
| 140 | software defined perimeter | 软件定义边界 | SDP |
| 141 | software defined security | 软件定义安全 | SDS |
| 142 | switches | 交换机 | |
| 143 | threat intelligence | 威胁情报 | TI |
| 144 | total cost of ownship | 总拥有成本 | TCO |
| 145 | trojan horse | 特洛伊木马 | |
| 146 | trusted computing base | 可信计算基 | |
| 147 | trusted third stamp | 可信第三方 | |
| 148 | two factor authentication | 双因素认证 | |
| 149 | unified endpoint management | 统一端点管理 | UEM |
| 150 | unified identity management | 统一身份管理 | UIM |
| 151 | unified threat management | 统一威胁管理 | UTM |
| 152 | user and entity behavior analytics | 用户和事件行为分析 | UEBA |
| 153 | virtual private network | 虚拟专用网络 | VPN |
| 154 | wireless access point | 无线访问接入点 | WAP |
| 155 | work recovery time | 工作恢复时间 | WRT |
| 156 | zero trust | 零信任 | |
| 157 | IPDRR | IPDRR安全模型, 能力框架模型包括风险识别(Identify)、安全防御(Protect)、安全检测(Detect)、安全响应(Response)和安全恢复(Recovery)五大能力 |
IPDRR |
| 158 | Cybersecurity Classified Protection Compliance Service | 网络安全保密合规服务(国内称 等保) | |
| 159 | Static Application Security Testing | 静态应用程序安全测试 | SAST |
| 160 | Dynamic Application Security Testing | 动态应用程序安全检测 | DAST |
| 161 | Cloud Backup and Recovery | 云备份 | CBR |
发布评论