📘 Appendix A: Acronyms and Abbreviations

| AC | Access Control | | ACL | Access Control List | | AIDE | Advanced Intrusion Detection Environment | | API | Application Programming Interface | | AU | Audit and Accountability | | CA | Security Assessment | | CI/CD | Continuous Integration / Continuous Deployment | | CLI | Command Line Interface | | CM | Configuration Management | | CP | Contingency Planning | | CUI | Controlled Unclassified Information | | DNS | Domain Name System | | FCI | Federal Contract Information | | IA | Identification and Authentication | | IAM | Identity and Access Management | | IR | Incident Response | | JSON | JavaScript Object Notation | | LTS | Long-Term Support | | MA | Maintenance | | MDM | Mobile Device Management | | MFA | Multi-Factor Authentication | | MP | Media Protection | | OIDC | OpenID Connect | | PDF | Portable Document Format | | PE | Physical Protection | | PL | Planning | | PM | Program Management | | PS | Personnel Security | | RA | Risk Assessment | | RBAC | Role-Based Access Control | | SA | System and Services Acquisition | | SAML | Security Assertion Markup Language | | SBOM | Software Bill of Materials | | SC | System and Communications Protection | | SI | System and Information Integrity | | SIEM | Security Information and Event Management | | SOC | Security Operations Center | | SSO | Single Sign-On | | SSP | System Security Plan | | TLS | Transport Layer Security | | UI | User Interface | | VM | Virtual Machine | | VPC | Virtual Private Cloud | | YAML | Yet Another Markup Language |