tekrisq — cybersecurity terminology index

Cybersecurity Reference · Active 2026

Terminology Index

Browse definitions, standards, and threat concepts — the complete tekrisq reference library.

1483 Total Terms · 26 Categories

#
2 terms
A
115 terms

Access

Ability to make use of any information system (IS) resource. SOURCE: SP 800-32 Ability and means to communicate with or otherwise interact with a system, to use system resources to…

View definition →

Access Authority

An entity responsible for monitoring and granting access privileges for other authorized entities. SOURCE: CNSSI-4009

View definition →

Access Control

The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g.,…

View definition →

Access Control List (ACL)

1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. 2.…

View definition →

Access Control Lists (ACLs)

A register of: 1. users (including groups, machines, processes) who have been given permission to use a particular system resource, and 2. the types of access they have been permit…

View definition →

Access Control Mechanism

What's an Access Control Mechanism? An Access Control Mechanism is a security system designed to prevent unauthorized access to data, resources, and physical locations, ensuring th…

View definition →

Access Level

A category within a given security classification limiting entry or system connectivity to only authorized persons. SOURCE: CNSSI-4009

View definition →

Access List

Roster of individuals authorized admittance to a controlled area. SOURCE: CNSSI-4009

View definition →

Access Point

What is an Access Point? In cybersecurity, an Access Point (AP), specifically a wireless AP, is a device that connects wireless devices to a wired network. It acts as a bridge, ena…

View definition →

Access Profile

Association of a user with a list of protected objects the user may access. SOURCE: CNSSI-4009

View definition →

Access Type

Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types. See Write. SOURCE: CNSSI-4009

View definition →

Account Management, User

Involves 1) the process of requesting, establishing, issuing, and closing user accounts; 2) tracking users and their respective access authorizations; and 3) managing these functi…

View definition →

Accountability


View definition →

Accounting Legend Code (ALC)

Understanding Accounting Legend Codes (ALC): Definitions & Issues What are Accounting Legend Codes (ALCs)? Accounting Legend Codes (ALCs) are typically short, alphanumeric code…

View definition →

Accounting Number

Number assigned to an item of COMSEC material to facilitate its control. SOURCE: CNSSI-4009

View definition →

Accreditation


View definition →

Accreditation Authority

Accreditation Authority in Cybersecurity: Role, Importance, and Best Practices What is an Accreditation Authority in Cybersecurity? In the critical domain of cybersecurity, an Accr…

View definition →

Accreditation Boundary

See Authorization Boundary.

View definition →

Accreditation Package

Product comprised of a System Security Plan (SSP) and a report documenting the basis for the accreditation decision. SOURCE: CNSSI-4009

View definition →

Accrediting Authority

Synonymous with Designated Accrediting Authority (DAA). See also Authorizing Official. SOURCE: CNSSI-4009

View definition →

Activation Data

Private data, other than keys, that are required to access cryptographic modules. SOURCE: SP 800-32

View definition →

Active Attack


View definition →

Active Content

Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user. SOURCE: SP 800-28 Software in various forms that…

View definition →

Active Security Testing

Security testing that involves direct interaction with a target, such as sending packets to a target. SOURCE: SP 800-115

View definition →

Activities

An assessment object that includes specific protection-related pursuits or actions supporting an information system that involve people (e.g., conducting system backup operations,…

View definition →

Ad Hoc Network

A wireless network that dynamically connects wireless client devices to each other without the use of an infrastructure device, such as an access point or a base station. SOURCE: S…

View definition →

Add-on Security

Incorporation of new hardware, software, or firmware safeguards in an operational information system. SOURCE: CNSSI-4009

View definition →

Adequate Security

Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. SOURCE: SP 800-53; FIPS 200…

View definition →

Administrative Account

A user account with full privileges on a computer. SOURCE: SP 800-69

View definition →

Administrative Safeguards

Administrative actions, policies, and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic health information…

View definition →

Advanced Encryption Standard (AES)

The Advanced Encryption Standard specifies a U.S. government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cip…

View definition →

Advanced Key Processor (AKP)

A cryptographic device that performs all cryptographic functions for a management client node and contains the interfaces to 1) exchange information with a client platform, 2) inte…

View definition →

Advanced Persistent Threats (APTs)

What Is An Advanced Persistent Threat (APT)? What is an Advanced Persistent Threat (APT)? The definition may surprise you. APTs are adversaries that possess sophisticated levels o…

View definition →

Adversary

Individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. SOURCE: SP 800-30

View definition →

Advisory

Notification of significant new trends or developments regarding the threat to the information systems of an organization. This notification may include analytical insights into tr…

View definition →

Agency

Any executive department, military department, government corporation, government-controlled corporation, or other establishment in the executive branch of the government (includin…

View definition →

Agency Certification Authority (CA)

A CA that acts on behalf of an agency and is under the operational control of an agency. SOURCE: SP 800-32

View definition →

Agent

In cybersecurity, an "agent" refers to some form of software installed on a device or server to perform some security related task(s). These agents can monitor system activity, sca…

View definition →

Alabama Data Breach Law

Alabama Has Various Cyber & Data Breach Laws Alabama Cyber & Data Breach Laws have been updated. Please visit https://tekrisq.com/alabama-breach-law/ https://tekrisq.com/al…

View definition →

Alaska's Data Breach & Data Security Laws

Alaska has enacted both Data Breach Laws (Sec. 45.48.010) & Data Security Laws (Senate Bill 134) For Insurance Businesses Alaska Data Security Law & Data Breach Information…

View definition →

Alert

Notification that a specific attack has been directed at an organization’s information systems. SOURCE: CNSSI-4009

View definition →

Allocation

The process an organization employs to determine whether security controls are defined as system-specific, hybrid, or common. The process an organization employs to assign security…

View definition →

Alternate COMSEC Custodian

Individual designated by proper authority to perform the duties of the COMSEC custodian during the temporary absence of the COMSEC custodian. SOURCE: CNSSI-4009

View definition →

Alternate Work Site

Governmentwide, national program allowing federal employees to work at home or at geographically convenient satellite offices for part of the work week (e.g., telecommuting). SOURC…

View definition →

Analysis

The examination of acquired data for its significance and probative value to the case. SOURCE: SP 800-72

View definition →

Anomaly-Based Detection

The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations. SOURCE: SP 800-94

View definition →

Anti-jam

Countermeasures ensuring that transmitted information can be received despite deliberate jamming attempts. SOURCE: CNSSI-4009

View definition →

Anti-spoof

Countermeasures taken to prevent the unauthorized use of legitimate Identification & Authentication (I&A) data, however it was obtained, to mimic a subject different from t…

View definition →

Antispyware Software

A program that specializes in detecting both malware and nonmalware forms of spyware. SOURCE: SP 800-69

View definition →

Antivirus Software

A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. SOURCE: SP 800-83

View definition →

Applicant

The subscriber is sometimes called an “applicant” after applying to a certification authority for a certificate, but before the certificate issuance procedure is completed. SOURCE:…

View definition →

Application

A software program hosted by an information system. SOURCE: SP 800-37 Software program that performs a specific function directly for a user and can be executed without access to s…

View definition →

Approval to Operate (ATO)

The official management decision issued by a DAA or PAA to authorize operation of an information system and to explicitly accept the residual risk to agency operations (including m…

View definition →

Approved

Federal Information Processing Standard (FIPS)-approved or National Institute of Standards and Technology (NIST)-recommended. An algorithm or technique that is either 1) specified i…

View definition →

Approved Mode of Operation

A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption St…

View definition →

Approved Security Function

A security function (e.g., cryptographic algorithm, cryptographic key management technique, or authentication technique) that is either a) specified in an Approved Standard; b) ado…

View definition →

Arizona Data Breach Law

Arizona, known as The Grand Canyon State, has an amazing, fast-growing business climate. Regarding Cybersecurity regulations & Data Breach Law, it still trails many states' sta…

View definition →

Arkansas Data Breach Law

Arkansas, aka The Natural State, has some Cybersecurity & Data Security Regulation that businesses operating there need to be mindful of. Arkansas Code § 23-61-113: This statut…

View definition →

Arkansas DHS Breach 2017

In 2017, the Arkansas Department of Human Services (DHS) experienced a data breach affecting over 26,000 Medicaid recipients. A former DHS employee emailed spreadsheets containing…

View definition →

Arkansas Government on 2017 Equifax Breach

In 2017, Equifax experienced a massive data breach that exposed the personal information of nearly 150 million people. Arkansas Attorney General Leslie Rutledge announced that Arka…

View definition →

Assessment

See Security Control Assessment.

View definition →

Assessment Findings

Assessment results produced by the application of an assessment procedure to a security control or control enhancement to achieve an assessment objective; the execution of a determ…

View definition →

Assessment Method

One of three types of actions (i.e., examine, interview, test) taken by assessors in obtaining evidence during an assessment. SOURCE: SP 800-53A

View definition →

Assessment Object

The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment. SOURCE: SP 800-53A

View definition →

Assessment Objective

A set of determination statements that expresses the desired outcome for the assessment of a security control or control enhancement. SOURCE: SP 800-53A

View definition →

Assessment Procedure

A set of assessment objectives and an associated set of assessment methods and assessment objects. SOURCE: SP 800-53A

View definition →

Assessor

See Security Control Assessor.

View definition →

Asset

A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. SOURCE: CN…

View definition →

Asset Identification

Security Content Automation Protocol (SCAP) constructs to uniquely identify assets (components) based on known identifiers and/or known information about the assets. SOURCE: SP 800…

View definition →

Asset Reporting Format (ARF)

SCAP data model for expressing the transport format of information about assets (components) and the relationships between assets and reports. SOURCE: SP 800-128

View definition →

Assurance

Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Ade…

View definition →

Assurance Case

A structured set of arguments and a body of evidence showing that an information system satisfies specific claims with respect to a given quality attribute. SOURCE: SP 800-53A; SP…

View definition →

Assured Information Sharing

The ability to confidently share information with those who need it, when and where they need it, as determined by operational need and an acceptable level of security risk. SOURCE…

View definition →

Assured Software

Computer application that has been designed, developed, analyzed, and tested using processes, tools, and techniques that establish a level of confidence in it. SOURCE: CNSSI-4009

View definition →

Asymmetric Cryptography

See Public Key Cryptography. SOURCE: CNSSI-4009

View definition →

Asymmetric Keys

Two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verifica…

View definition →

Attack

An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. SOURCE: SP 800-32 Any kind of malicious activity…

View definition →

Attack Sensing and Warning (AS&W)

What is Attack Sensing and Warning (AS&W)? Attack Sensing and Warning (AS&W) is a cybersecurity practice focused on detecting, correlating, identifying, and characterizing…

View definition →

Attack Signature

A specific sequence of events indicative of an unauthorized access attempt. SOURCE: SP 800-12 A characteristic byte pattern used in malicious code or an indicator, or set of indica…

View definition →

Attribute Authority

An entity, recognized by the Federal Public Key Infrastructure (PKI) Policy Authority or comparable agency body as having the authority to verify the association of attributes to a…

View definition →

Attribute-Based Access Control

Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. An access control rule set defines the combinati…

View definition →

Attribute-Based Authorization

A structured process that determines when a user is authorized to access information, systems, or services based on attributes of the user and of the information, system, or servic…

View definition →

Audit

Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, a…

View definition →

Audit Data

Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event. SOURCE: SP 800-32

View definition →

Audit Log

A chronological record of system activities. Includes records of system accesses and operations performed in a given period. SOURCE: CNSSI-4009

View definition →

Audit Reduction Tools

Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little s…

View definition →

Audit Review

The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist i…

View definition →

Audit Trail

A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period. SOURCE: SP 800-47 A chronological record t…

View definition →

Authenticate

To confirm the identity of an entity when that identity is presented. SOURCE: SP 800-32 To verify the identity of a user, user device, or other entity. SOURCE: CNSSI-4009

View definition →

Authentication


View definition →

Authentication Code

A cryptographic checksum based on an Approved security function (also known as a Message Authentication Code [MAC]). SOURCE: FIPS 140-2

View definition →

Authentication Mechanism

Hardware- or software-based mechanisms that force users to prove their identity before accessing data on a device. SOURCE: SP 800-72; SP 800-124 Hardware or software-based mechanism…

View definition →

Authentication Mode

A block cipher mode of operation that can provide assurance of the authenticity and, therefore, the integrity of data. SOURCE: SP 800-38B

View definition →

Authentication Period

The maximum acceptable period between any initial authentication process and subsequent reauthentication processes during a single terminal session or during the period data is bei…

View definition →

Authentication Protocol

A defined sequence of messages between a Claimant and a Verifier that demonstrates that the Claimant has possession and control of a valid token to establish his/her identity, and…

View definition →

Authentication Tag

A pair of bit strings associated to data to provide assurance of its authenticity. SOURCE: SP 800-38B

View definition →

Authentication Token

Authentication information conveyed during an authentication exchange. SOURCE: FIPS 196

View definition →

Authenticator

The means used to confirm the identity of a user, process, or device (e.g., user password or token). SOURCE: SP 800-53; CNSSI-4009

View definition →

Authenticity

The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See Authentication. SOURCE:…

View definition →

Authority

Person(s) or established bodies with rights and responsibilities to exert control in an administrative sphere. SOURCE: CNSSI-4009

View definition →

Authorization

Access privileges granted to a user, program, or process or the act of granting those privileges. SOURCE: CNSSI-4009

View definition →

Authorization (to operate)

The official management decision given by a senior organizational official to authorize operation of an information system and to explicitly accept the risk to organizational opera…

View definition →

Authorization Boundary

All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is con…

View definition →

Authorize Processing

See Authorization (to operate).

View definition →

Authorized Vendor

Manufacturer of information assurance equipment authorized to produce quantities in excess of contractual requirements for direct sale to eligible buyers. Eligible buyers are typic…

View definition →

Authorized Vendor Program (AVP)

Program in which a vendor, producing an information systems security (INFOSEC) product under contract to NSA, is authorized to produce that product in numbers exceeding the contrac…

View definition →

Authorizing Official

Official with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions,…

View definition →

Authorizing Official Designated Representative

An organizational official acting on behalf of an authorizing official in carrying out and coordinating the required activities associated with security authorization. SOURCE: CNSS…

View definition →

Automated Key Transport

The transport of cryptographic keys, usually in encrypted form, using electronic means such as a computer network (e.g., key transport/agreement protocols). SOURCE: FIPS 140-2

View definition →

Automated Password Generator

An algorithm which creates random passwords that have no association with a particular user. SOURCE: FIPS 181

View definition →

Automated Security Monitoring

Use of automated procedures to ensure security controls are not circumvented or the use of these tools to track actions taken by subjects suspected of misusing the information syst…

View definition →

Automatic Remote Rekeying

Procedure to rekey a distant crypto-equipment electronically without specific actions by the receiving terminal operator. See Manual Remote Rekeying. SOURCE: CNSSI-4009

View definition →

Autonomous System (AS)

One or more routers under a single administration operating the same routing policy. SOURCE: SP 800-54

View definition →

Availability

Ensuring timely and reliable access to and use of information. SOURCE: SP 800-53; SP 800-53A; SP 800-27; SP 800-60; SP 800-37; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542 The property…

View definition →

Awareness (Information Security)

Activities which seek to focus an individual’s attention on an (information security) issue or set of issues. SOURCE: SP 800-50

View definition →
B
46 terms

Back Door

Typically unauthorized hidden software or hardware mechanism used to circumvent security controls. SOURCE: CNSSI-4009

View definition →

Backdoor

An undocumented way of gaining access to a computer system. A backdoor is a potential security risk. SOURCE: SP 800-82

View definition →

Backtracking Resistance

What is Backtracking Resistance? Backtracking resistance is critical to applications requiring long-term security of past outputs. Backtracking resistance is provided relative to t…

View definition →

Backup

What is a Backup? In cybersecurity, a Backup is a copy of computer data stored separately, often on a different device or in the cloud, to be used for restoration if data is lost o…

View definition →

Banner

Display on an information system that sets parameters for system or data use. SOURCE: CNSSI-4009

View definition →

Banner Grabbing

The process of capturing banner information—such as application type and version—that is transmitted by a remote port when a connection is initiated. SOURCE: SP 800-115

View definition →

Baseline

Hardware, software, databases, and relevant documentation for an information system at a given point in time. SOURCE: CNSSI-4009

View definition →

Baseline Configuration

A set of specifications for a system, or Configuration Item (CI) within a system, that has been formally reviewed and agreed on at a given point in time, and which can be changed o…

View definition →

Baseline Security

The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection. SOURCE: SP 800-16

View definition →

Baselining

Monitoring resources to determine typical utilization patterns so that significant deviations can be detected. SOURCE: SP 800-61

View definition →

Basic Testing

A test methodology that assumes no knowledge of the internal structure and implementation detail of the assessment object. Also known as black box testing. SOURCE: SP 800-53A

View definition →

Bastion Host

A special-purpose computer on a network specifically designed and configured to withstand attacks. SOURCE: CNSSI-4009

View definition →

Behavioral Outcome

What an individual who has completed the specific training module is expected to be able to accomplish in terms of IT security-related job performance. SOURCE: SP 800-16

View definition →

Benign Environment

A non-hostile location protected from external hostile elements by physical, personnel, and procedural security countermeasures. SOURCE: CNSSI-4009

View definition →

Binding

Process of associating two related elements of information. SOURCE: SP 800-32 An acknowledgement by a trusted third party that associates an entity’s identity with its public key.…

View definition →

Biometric

A physical or behavioral characteristic of a human being. SOURCE: SP 800-32 A measurable physical characteristic or personal behavioral trait used to recognize the identity, or ver…

View definition →

Biometric Information

The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g., patterns). SOURC…

View definition →

Biometric System

An automated system capable of: 1) capturing a biometric sample from an end user; 2) extracting biometric data from that sample; 3) comparing the extracted biometric data with data…

View definition →

Biometrics

Measurable physical characteristics or personal behavioral traits used to identify, or verify the claimed identity, of an individual. Facial images, fingerprints, and handwriting s…

View definition →

Bit

A contraction of the term Binary Digit. The smallest unit of information in a binary system of notation. SOURCE: CNSSI-4009 A binary digit having a value of 0 or 1. SOURCE: FIPS 18…

View definition →

Bit Error Rate

Ratio between the number of bits incorrectly received and the total number of bits transmitted in a telecommunications system. SOURCE: CNSSI-4009

View definition →

Bitcoin

What is Bitcoin? Bitcoin is the first decentralized cryptocurrency. Bitcoin is the currency of the Internet: a distributed, worldwide, decentralized digital money. Unlike tradition…

View definition →

BLACK

Designation applied to encrypted information and the information systems, the associated areas, circuits, components, and equipment processing that information. See also RED. SOURC…

View definition →

Black Box Testing

See Basic Testing.

View definition →

Black Core

A communication network architecture in which user data traversing a global Internet Protocol (IP) network is end-to-end encrypted at the IP layer. Related to striped core. SOURCE:…

View definition →

Blacklist

A list of email senders who have previously sent spam to a user. SOURCE: SP 800-114 A list of discrete entities, such as hosts or applications, that have been previously determined…

View definition →

Blacklisting

The process of the system invalidating a user ID based on the user’s inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct auth…

View definition →

Blended Attack

A hostile action to spread malicious code via multiple methods. SOURCE: CNSSI-4009

View definition →

Blinding

Generating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a “real” attack performed simultaneously. SOURCE: SP 800-…

View definition →

Block

Sequence of binary bits that comprise the input, output, State, and Round Key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of…

View definition →

Block Cipher

A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm, the length of the input block is t…

View definition →

Block Cipher Algorithm

A family of functions and their inverses that is parameterized by a cryptographic key; the function maps bit strings of a fixed length to bit strings of the same length. SOURCE: SP…

View definition →

Blue Team

1. The group responsible for defending an enterprise’s use of information systems by maintaining its security posture against a group of mock attackers (i.e., the Red Team). Typica…

View definition →

Body of Evidence (BoE)

What is Body of Evidence (BoE)? In cybersecurity, the Body of Evidence (BoE) refers to the complete set of documentation and data that demonstrates an information system's adherenc…

View definition →

botnet

What is a botnet? The word "botnet" is a combination of "robot" and "network". A botnet is a network of computers that have been infected with a virus and are now working continu…

View definition →

Boundary

Physical or logical perimeter of a system. SOURCE: CNSSI-4009

View definition →

Boundary Protection

Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communication, through the use of…

View definition →

Boundary Protection Device

A device with appropriate mechanisms that: (i) facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or…

View definition →

Browsing

Act of searching through information system storage or active content to locate or acquire information, without necessarily knowing the existence or format of information being sou…

View definition →

Brute Force Password Attack

A method of accessing an obstructed device through attempting multiple combinations of numeric and/or alphanumeric passwords. SOURCE: SP 800-72

View definition →

Buffer Overflow

A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit su…

View definition →

Buffer Overflow Attack

A method of overloading a predefined amount of space in a buffer, which can potentially overwrite and corrupt data in memory. SOURCE: SP 800-72

View definition →

Bulk Encryption

Simultaneous encryption of all channels of a multichannel telecommunications link. SOURCE: CNSSI-4009

View definition →

Business Continuity Plan (BCP)

The documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business functions will be sustained during and after a significa…

View definition →

Business Email Compromise (BEC)


View definition →

Business Impact Analysis (BIA)

An analysis of an information system’s requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a signific…

View definition →
C
234 terms

California CCPA

California CCPA law is well established, and if you're doing business there, you need to know what is expected of you. This guide will help you understand your obligations when it…

View definition →

California Cybersecurity & Data Breach Laws

California has several cybersecurity & privacy laws. These include the California Consumer Privacy Act (CCPA), SB-327 (Security of Connected Devices), and the California Privac…

View definition →

Call Back

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact. SOURCE: CNSSI-4009

View definition →

Canister

Type of protective package used to contain and dispense keying material in punched or printed tape form. SOURCE: CNSSI-4009

View definition →

Capstone Policies

Those policies that are developed by governing or coordinating institutions of Health Information Exchanges (HIEs). They provide overall requirements and guidance for protecting he…

View definition →

Capture

What is Capture? This process, known as packet capture or PCAP, is crucial for identifying security threats, troubleshooting network issues, and forensic investigations. It also in…

View definition →

Cardholder

An individual possessing an issued Personal Identity Verification (PIV) card. Source: FIPS 201

View definition →

Cascading

Downward flow of information through a range of security levels greater than the accreditation range of a system, network, or component. SOURCE: CNSSI-4009

View definition →

Category

Restrictive label applied to classified or unclassified information to limit access. SOURCE: CNSSI-4009

View definition →

CBC/MAC

See Cipher Block Chaining-Message Authentication Code.

View definition →

CCM

See Counter with Cipher-Block Chaining-Message Authentication Code.

View definition →

Central Office of Record (COR)

Office of a federal department or agency that keeps records of accountable COMSEC material held by elements subject to its oversight. SOURCE: CNSSI-4009

View definition →

Central Services Node (CSN)

The Key Management Infrastructure core node that provides central security management and data management services. SOURCE: CNSSI-4009

View definition →

Certificate

A digital representation of information which at least 1) identifies the certification authority issuing it, 2) names or identifies its subscriber, 3) contains the subscriber's pub…

View definition →

Certificate Management

Process whereby certificates (as defined above) are generated, stored, protected, transferred, loaded, used, and destroyed. SOURCE: CNSSI-4009

View definition →

Certificate Management Authority (CMA)

A Certification Authority (CA) or a Registration Authority (RA). SOURCE: SP 800-32

View definition →

Certificate Policy (CP)

A specialized form of administrative policy tuned to electronic transactions performed during certificate management. A Certificate Policy addresses all aspects associated with the…

View definition →

Certificate Revocation List (CRL)

A list of revoked public key certificates created and digitally signed by a Certification Authority. SOURCE: SP 800-63; FIPS 201 A list of revoked but un-expired certificates issue…

View definition →

Certificate Status Authority

A trusted entity that provides online verification to a Relying Party of a subject certificate's trustworthiness, and may also provide additional attribute information for the subj…

View definition →

Certificate-Related Information

Information, such as a subscriber's postal address, that is not included in a certificate. May be used by a Certification Authority (CA) managing certificates. SOURCE: SP 800-32 Da…

View definition →

Certification

A comprehensive assessment of the management, operational, and technical security controls in an information system, made in support of security accreditation, to determine the ext…

View definition →

Certification Analyst

The independent technical liaison for all stakeholders involved in the C&A process responsible for objectively and independently evaluating a system as part of the risk managem…

View definition →

Certification Authority (CA)

A trusted entity that issues and revokes public key certificates. SOURCE: FIPS 201 The entity in a public key infrastructure (PKI) that is responsible for issuing certificates and…

View definition →

Certification Authority Facility

The collection of equipment, personnel, procedures and structures that are used by a Certification Authority to perform certificate issuance and revocation. SOURCE: SP 800-32

View definition →

Certification Authority Workstation (CAW)

Commercial off-the-shelf (COTS) workstation with a trusted operating system and special-purpose application software that is used to issue certificates. SOURCE: CNSSI-4009

View definition →

Certification Package

Product of the certification effort documenting the detailed results of the certification activities. SOURCE: CNSSI-4009

View definition →

Certification Practice Statement (CPS)

A statement of the practices that a Certification Authority employs in issuing, suspending, revoking, and renewing certificates and providing access to them, in accordance with spe…

View definition →

Certification Test and Evaluation (CT&E)

Software and hardware security tests conducted during development of an information system. SOURCE: CNSSI-4009

View definition →

Certified TEMPEST Technical Authority (CTTA)

An experienced, technically qualified U.S. government employee who has met established certification requirements in accordance with CNSS-approved criteria and has been appointed b…

View definition →

Certifier

What Is a Certifier? What is a Cybersecurity Certifier or a Security Control Assessor? It is an individual responsible for making a technical judgment of the system’s compliance wi…

View definition →

Chain of Custody

A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it wa…

View definition →

Chain of Evidence

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had control or possession of the evidence. Th…

View definition →

Challenge and Reply Authentication

Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply. SOURCE: CNSSI-4009

View definition →

Challenge-Response Protocol

An authentication protocol where the verifier sends the claimant a challenge (usually a random value or a nonce) that the claimant combines with a secret (often by hashing the chal…

View definition →

Check Word

Cipher text generated by cryptographic logic to detect failures in cryptography. SOURCE: CNSSI-4009

View definition →

Checksum

Value computed on data to detect error or manipulation. SOURCE: CNSSI-4009

View definition →

Chief Information Officer (CIO)

Agency official responsible for: 1) Providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency to ensure that inf…

View definition →

Chief Information Security Officer (CISO)

What is a CISO? A CISO, or Chief Information Security Officer, is a senior-level executive responsible for establishing and maintaining an organization's information security progr…

View definition →

Cipher

Series of transformations that converts plaintext to ciphertext using the Cipher Key. SOURCE: FIPS 197 Any cryptographic system in which arbitrary symbols or groups of symbols, rep…

View definition →

Cipher Block Chaining-Message Authentication Code (CBC-MAC)

A secret-key block-cipher algorithm used to encrypt data and to generate a Message Authentication Code (MAC) to provide assurance that the payload and the associated data are authe…

View definition →

Cipher Suite

Negotiated algorithm identifiers. Cipher suites are identified in human-readable form using a mnemonic code. SOURCE: SP 800-52

View definition →

Cipher Text Auto-Key (CTAK)

Cryptographic logic that uses previous cipher text to generate a key stream. SOURCE: CNSSI-4009

View definition →

Ciphertext

Data output from the Cipher or input to the Inverse Cipher. SOURCE: FIPS 197 Data in its enciphered form. SOURCE: SP 800-56B

View definition →

Ciphertext/Cipher Text

Data in its encrypted form. SOURCE: SP 800-21; CNSSI-4009

View definition →

Ciphony

Process of enciphering audio information, resulting in encrypted speech. SOURCE: CNSSI-4009

View definition →

Claimant

A party whose identity is to be verified using an authentication protocol. SOURCE: SP 800-63; FIPS 201 An entity which is or represents a principal for the purposes of authenticati…

View definition →

Classified Information

Information that has been determined pursuant to Executive Order (E.O.) 13292 or any predecessor order to require protection against unauthorized disclosure and is marked to indica…

View definition →

Classified Information Spillage

Security incident that occurs whenever classified data is spilled either onto an unclassified information system or to an information system with a lower level of classification. S…

View definition →

Classified National Security Information

Information that has been determined pursuant to Executive Order 13526 or any predecessor order to require protection against unauthorized disclosure and is marked to indicate its…

View definition →

Clear

To use software or hardware products to overwrite storage space on the media with nonsensitive data. This process may include overwriting not only the logical storage location of a…

View definition →

Clear Text

Information that is not encrypted. SOURCE: SP 800-82

View definition →

Clearance

Formal certification of authorization to have access to classified information other than that protected in a special access program (including SCI). Clearances are of three types:…

View definition →

Clearing

Removal of data from an information system, its storage devices, and other peripheral devices with storage capacity, in such a way that the data may not be reconstructed using comm…

View definition →

Client

Individual or process acting on behalf of an individual who makes requests of a guard or dedicated server. The client’s requests to the guard or dedicated server can involve data t…

View definition →

Client (Application)

A system entity, usually a computer process acting on behalf of a human user, that makes use of a service provided by a server. SOURCE: SP 800-32

View definition →

Clinger-Cohen Act of 1996

Also known as Information Technology Management Reform Act. A statute that substantially revised the way that IT resources are managed and procured, including a requirement that ea…

View definition →

Closed Security Environment

Environment providing sufficient assurance that applications and equipment are protected against the introduction of malicious logic during an information system life cycle. Closed…

View definition →

Closed Storage

Storage of classified information within an accredited facility, in General Services Administration-approved secure containers, while the facility is unoccupied by authorized perso…

View definition →

Cloud Computing

A model for enabling on-demand network access to a shared pool of configurable IT capabilities/ resources (e.g., networks, servers, storage, applications, and services) that can be…

View definition →

CMMC


View definition →

Code

System of communication in which arbitrary groups of letters, numbers, or symbols represent units of plain text of varying length. SOURCE: CNSSI-4009

View definition →

Code Book

Document containing plain text and code equivalents in a systematic arrangement, or a technique of machine encryption using a word substitution technique. SOURCE: CNSSI-4009

View definition →

Code Group

Code Group in Cybersecurity: Understanding its Role and Importance What is a Code Group in Cybersecurity? In the realm of cybersecurity, a Code Group refers to a collection of secu…

View definition →

Code Vocabulary

Set of plain text words, numerals, phrases, or sentences for which code equivalents are assigned in a code system. SOURCE: CNSSI-4009

View definition →

Cold Site


View definition →

Cold Start

Procedure for initially keying crypto-equipment. SOURCE: CNSSI-4009

View definition →

Collision

Two or more distinct inputs produce the same output. Also see Hash Function. SOURCE: SP 800-57 Part 1

View definition →

Colorado Cybersecurity, Privacy & Data Breach Laws

The State of Colorado Cybersecurity, Privacy & Data Breach Laws are numerous and detailed. Here's a breakdown of each of t…

View definition →

Command Authority

Individual responsible for the appointment of user representatives for a department, agency, or organization and their key ordering privileges. SOURCE: CNSSI-4009

View definition →

Commercial COMSEC Evaluation Program (CCEP)

Relationship between NSA and industry in which NSA provides the COMSEC expertise (i.e., standards, algorithms, evaluations, and guidance) and industry provides design, development,…

View definition →

Commodity Service

An information system service (e.g., telecommunications service) provided by a commercial service provider typically to a large and diverse set of consumers. The organization acqui…

View definition →

Common Access Card (CAC)

Standard identification/smart card issued by the Department of Defense that has an embedded integrated chip storing public key infrastructure (PKI) certificates. SOURCE: CNSSI-4009

View definition →

Common Carrier

In a telecommunications context, a telecommunications company that holds itself out to the public for hire to provide communications transmission services. Note: In the United Stat…

View definition →

Common Configuration Enumeration (CCE)

A SCAP specification that provides unique, common identifiers for configuration settings found in a wide variety of hardware and software products. SOURCE: SP 800-128

View definition →

Common Configuration Scoring System (CCSS)

A set of measures of the severity of software security configuration issues. SOURCE: NISTIR 7502 A SCAP specification for measuring the severity of software security configuration…

View definition →

Common Control

A security control that is inherited by one or more organizational information systems. See Security Control Inheritance. SOURCE: SP 800-53; SP 800-53A; SP 800-37; CNSSI-4009

View definition →

Common Control Provider

An organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems)…

View definition →

Common Criteria

Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems. SOURCE: CNSSI-4009

View definition →

Common Fill Device

One of a family of devices developed to read-in, transfer, or store key. SOURCE: CNSSI-4009

View definition →

Common Misuse Scoring System (CMSS)

A set of measures of the severity of software feature misuse vulnerabilities. A software feature is a functional capability provided by software. A software feature misuse vulnerab…

View definition →

Common Platform Enumeration (CPE)

A SCAP specification that provides a standard naming convention for operating systems, hardware, and applications for the purpose of providing consistent, easily parsed names that…

View definition →

Common Vulnerabilities and Exposures (CVE)

What Are Common Vulnerabilities and Exposures (CVEs)? Common Vulnerabilities and Exposures (often called CVEs) are a publicly accessible catalog of known security vulnerabilities i…

View definition →

Common Vulnerability Scoring System (CVSS)

An SCAP specification for communicating the characteristics of vulnerabilities and measuring their relative severity. SOURCE: SP 800-128

View definition →

Communications Cover

Concealing or altering of characteristic communications patterns to hide information that could be of value to an adversary. SOURCE: CNSSI-4009

View definition →

Communications Deception

Deliberate transmission, retransmission, or alteration of communications to mislead an adversary's interpretation of the communications. SOURCE: CNSSI-4009

View definition →

Communications Profile

Analytic model of communications associated with an organization or activity. The model is prepared from a systematic examination of communications content and patterns, the functi…

View definition →

Communications Security (COMSEC)

A component of Information Assurance that deals with measures and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenti…

View definition →

Community of Interest (COI)

A collaborative group of users who exchange information in pursuit of their shared goals, interests, missions, or business processes, and who therefore must have a shared vocabular…

View definition →

Community Risk

What is Community Risk? Community Risk refers to the probability that a specific vulnerability within a community will be exploited, potentially causing harm to individuals or the…

View definition →

Comparison

The process of comparing a biometric with a previously stored reference. SOURCE: FIPS 201

View definition →

Compartmentalization

A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone. SOURCE: CNSSI-4009

View definition →

Compartmented Mode

Mode of operation wherein each user with direct or indirect access to a system, its peripherals, remote terminals, or remote hosts has all of the following: (1) valid security clea…

View definition →

Compensating Security Control

A management, operational, and/or technical control (i.e., safeguard or countermeasure) employed by an organization in lieu of a recommended security control in the low, moderate,…

View definition →

Compensating Security Controls

The management, operational, and technical controls (i.e., safeguards or countermeasures) employed by an organization in lieu of the recommended controls in the low, moderate, or h…

View definition →

Comprehensive Testing

A test methodology that assumes explicit and substantial knowledge of the internal structure and implementation detail of the assessment object. Also known as white box testing. SO…

View definition →

Compromise

Disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, de…

View definition →

Compromising Emanations

Unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by information systems equipment. See…

View definition →

Computer Abuse

Intentional or reckless misuse, alteration, disruption, or destruction of information processing resources. SOURCE: CNSSI-4009

View definition →

Computer Cryptography

Use of a crypto-algorithm program by a computer to authenticate or encrypt/decrypt information. SOURCE: CNSSI-4009

View definition →

Computer Forensics

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. SOURCE: CNSSI-4009

View definition →

Computer Incident Response Team (CIRT)

Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery…

View definition →

Computer Network Attack (CNA)

Actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks them…

View definition →

Computer Network Defense (CND)

Actions taken to defend against unauthorized activity within computer networks. CND includes monitoring, detection, analysis (such as trend and pattern analysis), and response and…

View definition →

Computer Network Exploitation (CNE)

Enabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary information systems or networks.…

View definition →

Computer Network Operations (CNO)

Comprised of computer network attack, computer network defense, and related computer network exploitation enabling operations. SOURCE: CNSSI-4009

View definition →

Computer Security (COMPUSEC)

Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed,…

View definition →

Computer Security Incident

See Incident.

View definition →

Computer Security Incident Response Team (CSIRT)

A capability set up for the purpose of assisting in responding to computer security-related incidents; also called a Computer Incident Response Team (CIRT) or a CIRC (Computer Inci…

View definition →

Computer Security Object (CSO)

A resource, tool, or mechanism used to maintain a condition of security in a computerized environment. These objects are defined in terms of attributes they possess, operations the…

View definition →

Computer Security Objects Register

A collection of Computer Security Object names and definitions kept by a registration authority. SOURCE: FIPS 188; CNSSI-4009

View definition →

Computer Security Subsystem

Hardware/software designed to provide computer security features in a larger system environment. SOURCE: CNSSI-4009

View definition →

Computer Virus

See Virus.

View definition →

Computing Environment

Workstation or server (host) and its operating system, peripherals, and applications. SOURCE: CNSSI-4009

View definition →

COMSEC

Communications Security. SOURCE: CNSSI-4009

View definition →

COMSEC Account

Administrative entity, identified by an account number, used to maintain accountability, custody, and control of COMSEC material. SOURCE: CNSSI-4009

View definition →

COMSEC Account Audit

Examination of the holdings, records, and procedures of a COMSEC account ensuring all accountable COMSEC material is properly handled and safeguarded. SOURCE: CNSSI-4009

View definition →

COMSEC Aid

COMSEC material that assists in securing telecommunications and is required in the production, operation, or maintenance of COMSEC systems and their components. COMSEC keying mater…

View definition →

COMSEC Assembly

Group of parts, elements, subassemblies, or circuits that are removable items of COMSEC equipment. SOURCE: CNSSI-4009

View definition →

COMSEC Boundary

Definable perimeter encompassing all hardware, firmware, and software components performing critical COMSEC functions, such as key generation, handling, and storage. SOURCE: CNSSI-…

View definition →

COMSEC Chip Set

Collection of NSA-approved microchips. SOURCE: CNSSI-4009

View definition →

COMSEC Control Program

Computer instructions or routines controlling or affecting the externally performed functions of key generation, key distribution, message encryption/decryption, or authentication.…

View definition →

COMSEC Custodian

Individual designated by proper authority to be responsible for the receipt, transfer, accounting, safeguarding, and destruction of COMSEC material assigned to a COMSEC account. SO…

View definition →

COMSEC Demilitarization

Process of preparing COMSEC equipment for disposal by extracting all CCI, classified, or cryptographic (CRYPTO) marked components for their secure destruction, as well as defacing…

View definition →

COMSEC Element

Removable item of COMSEC equipment, assembly, or subassembly; normally consisting of a single piece or group of replaceable parts. SOURCE: CNSSI-4009

View definition →

COMSEC End-item

Equipment or combination of components ready for use in a COMSEC application. SOURCE: CNSSI-4009

View definition →

COMSEC Equipment

Equipment designed to provide security to telecommunications by converting information to a form unintelligible to an unauthorized interceptor and, subsequently, by reconverting su…

View definition →

COMSEC Facility

Authorized and approved space used for generating, storing, repairing, or using COMSEC material. SOURCE: CNSSI-4009

View definition →

COMSEC Incident

Occurrence that potentially jeopardizes the security of COMSEC material or the secure electrical transmission of national security information or information governed by 10 U.S.C.…

View definition →

COMSEC Insecurity

COMSEC incident that has been investigated, evaluated, and determined to jeopardize the security of COMSEC material or the secure transmission of information. SOURCE: CNSSI-4009

View definition →

COMSEC Manager

Individual who manages the COMSEC resources of an organization. SOURCE: CNSSI-4009

View definition →

COMSEC Material

Item designed to secure or authenticate telecommunications. COMSEC material includes, but is not limited to key, equipment, devices, documents, firmware, or software that embodies…

View definition →

COMSEC Material Control System (CMCS)

Logistics and accounting system through which COMSEC material marked "CRYPTO" is distributed, controlled, and safeguarded. Included are the COMSEC central offices of record, crypto…

View definition →

COMSEC Modification

See Information Systems Security Equipment Modification. SOURCE: CNSSI-4009

View definition →

COMSEC Module

Removable component that performs COMSEC functions in a telecommunications equipment or system. SOURCE: CNSSI-4009

View definition →

COMSEC Monitoring

Act of listening to, copying, or recording transmissions of one's own official telecommunications to analyze the degree of security. SOURCE: CNSSI-4009

View definition →

COMSEC Profile

Statement of COMSEC measures and materials used to protect a given operation, system, or organization. SOURCE: CNSSI-4009

View definition →

COMSEC Survey

Organized collection of COMSEC and communications information relative to a given operation, system, or organization. SOURCE: CNSSI-4009

View definition →

COMSEC System Data

Information required by a COMSEC equipment or system to enable it to properly handle and control key. SOURCE: CNSSI-4009

View definition →

COMSEC Training

Teaching of skills relating to COMSEC accounting, use of COMSEC aids, or installation, use, maintenance, and repair of COMSEC equipment. SOURCE: CNSSI-4009

View definition →

Concentration Risk

What is Concentration Risk and How does it Impact Risk Assessment? Understanding Concentration Risk: Definitions, Issues & Cyber Exposures. Defining Concentration Risk: Concentra…

View definition →

Concept of Operations (CONOP)

See Security Concept of Operations. SOURCE: CNSSI-4009

View definition →

Confidentiality

Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. SOURCE: SP 800-53; SP 800-53A;…

View definition →

Configuration Control

Process of controlling modifications to hardware, firmware, software, and documentation to protect the information system against improper modification prior to, during, and after…

View definition →

Configuration Control Board (CCB)

A group of qualified people with responsibility for the process of regulating and approving changes to hardware, firmware, software, and documentation throughout the development an…

View definition →

Confinement Channel

See Covert Channel. SOURCE: CNSSI-4009

View definition →

Connecticut Cybersecurity & Privacy Laws

Connecticut has enacted several laws to address cybersecurity, data security, insurance security, and privacy. Connecticut Cybersecurity Privacy Law is thorough. Here's a breakdown…

View definition →

Container

The file used by a virtual disk encryption technology to encompass and protect other files. SOURCE: SP 800-111

View definition →

Contamination

Type of incident involving the introduction of data of one security classification or security category into data of a lower security classification or different security category.…

View definition →

Content Filtering

The process of monitoring communications such as email and Web pages, analyzing them for suspicious content, and preventing the delivery of suspicious content to users. SOURCE: SP…

View definition →

Contingency Key

Key held for use under specific operational conditions or in support of specific contingency plans. See Reserve Keying Material. SOURCE: CNSSI-4009

View definition →

Contingency Plan

Management policy and procedures used to guide an enterprise response to a perceived loss of mission capability. The Contingency Plan is the first plan used by the enterprise risk…

View definition →

Contingent Business Interruption (CBI)

Contingent Business Interruption (CBI) and Dependent Business Interruption are essentially the same concept. They both refer to insura…

View definition →

Continuity of Government (COG)

A coordinated effort within the federal government's executive branch to ensure that national essential functions continue to be performed during a catastrophic emergency. SOURCE:…

View definition →

Continuity of Operations Plan (COOP)

A predetermined set of instructions or procedures that describe how an organization’s mission-essential functions will be sustained within 12 hours and for up to 30 days as a resul…

View definition →

Continuous Monitoring

The process implemented to maintain a current security status for one or more information systems or for the entire suite of information systems on which the operational mission of…

View definition →

Control Information

Information that is entered into a cryptographic module for the purposes of directing the operation of the module. SOURCE: FIPS 140-2

View definition →

Controlled Access Area

Physical area (e.g., building, room, etc.) to which only authorized personnel are granted unrestricted access. All other personnel are either escorted by authorized personnel or ar…

View definition →

Controlled Access Protection

Minimum set of security functionality that enforces access control on individual users and makes them accountable for their actions through login procedures, auditing of security-r…

View definition →

Controlled Area

Any area or space for which the organization has confidence that the physical and procedural protections provided are sufficient to meet the requirements established for protecting…

View definition →

Controlled Cryptographic Item (CCI)

Secure telecommunications or information system, or associated cryptographic component, that is unclassified and handled through the COMSEC Material Control System (CMCS), an equiv…

View definition →

Controlled Cryptographic Item (CCI) Assembly

Device embodying a cryptographic logic or other COMSEC design that NSA has approved as a Controlled Cryptographic Item (CCI). It performs the entire COMSEC function, but depends up…

View definition →

Controlled Cryptographic Item (CCI) Component

Part of a Controlled Cryptographic Item (CCI) that does not perform the entire COMSEC function but depends upon the host equipment, or assembly, to complete and operate the COMSEC…

View definition →

Controlled Cryptographic Item (CCI) Equipment

Telecommunications or information handling equipment that embodies a Controlled Cryptographic Item (CCI) component or CCI assembly and performs the entire COMSEC function without d…

View definition →

Controlled Interface

A boundary with a set of mechanisms that enforces the security policies and controls the flow of information between interconnected information systems. SOURCE: CNSSI-4009; SP 800-…

View definition →

Controlled Space

Three-dimensional space surrounding information system equipment, within which unauthorized individuals are denied unrestricted access and are either escorted by authorized individ…

View definition →

Controlled Unclassified Information (CUI)

A categorical designation that refers to unclassified information that does not meet the standards for National Security Classification under Executive Order 12958, as amended, but…

View definition →

Controlling Authority

Official responsible for directing the operation of a cryptonet and for managing the operational use and control of keying material assigned to the cryptonet. SOURCE: CNSSI-4009

View definition →

Cookie

A piece of state information supplied by a Web server to a browser, in a response for a requested resource, for the browser to store temporarily and return to the server on any sub…

View definition →
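
As an added illustration (not part of the tekrisq entry and not any browser's code), the following hypothetical cookie jar models the exchange the definition describes: the server supplies state in a Set-Cookie response header, the browser stores it, and later requests carry it back in a Cookie header. The names, hosts and header values are constructed, and RFC 6265 domain/path matching is simplified to its security-relevant core: the Secure, HttpOnly and host-only scoping rules that decide where a cookie travels and who can read it.

```python
# Added example: a tiny cookie jar that models the exchange in the definition above.
# It is a hypothetical model for illustration, not a browser's implementation and not
# the page's own code; RFC 6265 path/domain matching is simplified.
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass
class Cookie:
    name: str
    value: str
    domain: str             # host that set it, or the Domain attribute if given
    host_only: bool = True  # no Domain attribute: sent only to the exact host
    path: str = "/"
    secure: bool = False    # Secure: never sent over plaintext http
    httponly: bool = False  # HttpOnly: hidden from document.cookie (limits XSS theft)
    samesite: str = "Lax"   # assumption: browser default when the attribute is absent


def parse_set_cookie(header: str, origin_host: str) -> Cookie:
    """Parse one Set-Cookie header value into a Cookie scoped to origin_host."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = Cookie(name=name.strip(), value=value.strip(), domain=origin_host.lower())
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "secure":
            cookie.secure = True
        elif key == "httponly":
            cookie.httponly = True
        elif key == "path" and val.startswith("/"):
            cookie.path = val
        elif key == "domain" and val:
            cookie.domain, cookie.host_only = val.lstrip(".").lower(), False
        elif key == "samesite" and val:
            cookie.samesite = val.capitalize()
    return cookie


class CookieJar:
    """Stores cookies from responses and decides which ones a later request may carry."""

    def __init__(self) -> None:
        self.cookies: list[Cookie] = []

    def store(self, set_cookie_header: str, origin_host: str) -> None:
        new = parse_set_cookie(set_cookie_header, origin_host)
        key = (new.name, new.domain, new.path)
        self.cookies = [c for c in self.cookies if (c.name, c.domain, c.path) != key]
        self.cookies.append(new)

    def cookie_header(self, url: str) -> str:
        """Value of the Cookie request header the browser would send to url."""
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        path = parts.path or "/"
        https = parts.scheme == "https"
        sent = []
        for c in self.cookies:
            domain_ok = host == c.domain or (not c.host_only and host.endswith("." + c.domain))
            if not domain_ok or not path.startswith(c.path):
                continue
            if c.secure and not https:
                continue  # a Secure cookie must not leak onto a plaintext connection
            sent.append(f"{c.name}={c.value}")
        return "; ".join(sent)

    def script_visible(self) -> list[str]:
        """Cookie names that page JavaScript could read via document.cookie."""
        return [c.name for c in self.cookies if not c.httponly]
```

The practical check this models: a session cookie should carry Secure, HttpOnly and a SameSite value, and should be host-only unless subdomains genuinely need it; a cookie that fails any of these is sent or readable in more places than the server intended.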

Cooperative Key Generation

Electronically exchanging functions of locally generated, random components, from which both terminals of a secure circuit construct traffic encryption key or key encryption key fo…

View definition →

Cooperative Remote Rekeying

Synonymous with manual remote rekeying. SOURCE: CNSSI-4009

View definition →

COPPA

View definition →

Correctness Proof

A mathematical proof of consistency between a specification and its implementation. SOURCE: CNSSI-4009

View definition →

Counter with Cipher Block Chaining-Message Authentication Code (CCM)

A mode of operation for a symmetric key block cipher algorithm. It combines the techniques of the Counter (CTR) mode and the Cipher Block Chaining-Message Authentication Code (CBC-…

View definition →

Countermeasure

Actions, devices, procedures, or techniques that meet or oppose (i.e., counters) a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it…

View definition →

Countermeasures

Actions, devices, procedures, techniques, or other measures that reduce the vulnerability of an information system. Synonymous with security controls and safeguards. SOURCE: SP 800…

View definition →

Cover-Coding

A technique to reduce the risks of eavesdropping by obscuring the information that is transmitted. SOURCE: SP 800-98

View definition →

Coverage

An attribute associated with an assessment method that addresses the scope or breadth of the assessment objects included in the assessment (e.g., types of objects to be assessed an…

View definition →

Covert Channel

An unauthorized communication path that manipulates a communications medium in an unexpected, unconventional, or unforeseen way in order to transmit information without detection b…

View definition →

Covert Channel Analysis

Determination of the extent to which the security policy model and subsequent lower-level program descriptions may allow unauthorized access to information. SOURCE: CNSSI-4009

View definition →

Covert Storage Channel

Covert channel involving the direct or indirect writing to a storage location by one process and the direct or indirect reading of the storage location by another process. Covert s…

View definition →

Covert Testing

Testing performed using covert methods and without the knowledge of the organization’s IT staff, but with the full knowledge and permission of upper management. SOURCE: SP 800-115

View definition →

Covert Timing Channel

Covert channel in which one process signals information to another process by modulating its own use of system resources (e.g., central processing unit time) in such a way that thi…

View definition →

Credential

An object or data structure that authoritatively binds an identity (and optionally, additional attributes) to a token possessed and controlled by a Subscriber. SOURCE: SP 800-63 Ev…

View definition →

Credential Service Provider (CSP)

A trusted entity that issues or registers Subscriber tokens and issues electronic credentials to Subscribers. The CSP may encompass Registration Authorities (RAs) and Verifiers tha…

View definition →

Critical Infrastructure

System and assets, whether physical or virtual, so vital to the U.S. that the incapacity or destruction of such systems and assets would have a debilitating impact on security, nat…

View definition →

Critical Security Parameter (CSP)

Security-related information (e.g., secret and private cryptographic keys, and authentication data such as passwords and Personal Identification Numbers [PINs]) whose disclosure or…

View definition →

Criticality

A measure of the degree to which an organization depends on the information or information system for the success of a mission or of a business function. SOURCE: SP 800-60

View definition →

Criticality Level

Refers to the (consequences of) incorrect behavior of a system. The more serious the expected direct and indirect effects of incorrect behavior, the higher the criticality level. S…

View definition →

Cross Site Scripting (XSS)

A vulnerability that allows attackers to inject malicious code into an otherwise benign website. These scripts acquire the permissions of scripts generated by the target website an…

View definition →
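
An added example, not taken from the tekrisq entry: the same untrusted search term rendered into HTML without and with output encoding, plus a link renderer showing that encoding alone does not cover the URL context. The page fragment, attacker payload and helper names are constructed for illustration.

```python
# Added example, not from the page: untrusted input rendered into HTML unsafely and safely.
# The payload and page fragment are constructed test data.
import html
from urllib.parse import urlsplit

PAYLOAD = "<script>alert(document.cookie)</script>"  # constructed attacker input


def render_unsafe(term: str) -> str:
    """Vulnerable: attacker-controlled text is concatenated straight into markup,
    so the browser parses the payload as a script running with the site's origin."""
    return f"<p>Results for: {term}</p>"


def render_safe(term: str) -> str:
    """Hardened for the HTML text context: encode &, <, > and both quote characters
    at the point of output, so the browser treats the input as text, never as markup."""
    return f"<p>Results for: {html.escape(term, quote=True)}</p>"


def render_link(href: str, label: str) -> str:
    """Attribute and URL context: escaping is necessary but not sufficient, because a
    javascript: or data: URL survives escaping unchanged. Allow-list the scheme too."""
    if urlsplit(href).scheme.lower() not in ("http", "https"):
        href = "#"  # refuse javascript:, data:, vbscript: and scheme-less tricks alike
    return f'<a href="{html.escape(href, quote=True)}">{html.escape(label, quote=True)}</a>'


def contains_script(markup: str) -> bool:
    """Crude detector used by the tests: is there a live <script> tag in the output?"""
    return "<script" in markup.lower()
```

In a real application the encoding belongs in the template engine with auto-escaping switched on, so that every output path is covered rather than the ones a developer remembered; the scheme allow-list still has to be applied by hand wherever user-supplied URLs land in href or src attributes.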

Cross-Certificate

A certificate used to establish a trust relationship between two Certification Authorities. SOURCE: SP 800-32; CNSSI-4009

View definition →

Cross-Domain Capabilities

The set of functions that enable the transfer of information between security domains in accordance with the policies of the security domains involved. SOURCE: CNSSI-4009

View definition →

Cross-Domain Solution (CDS)

A form of controlled interface that provides the ability to manually and/or automatically access and/or transfer information between different security domains. SOURCE: CNSSI-4009;…

View definition →

Cryptanalysis

1) Operations performed in defeating cryptographic protection without an initial knowledge of the key employed in providing the protection. 2) The study of mathematical techniques…

View definition →

Crypto Officer

An operator or process (subject), acting on behalf of the operator, performing cryptographic initialization or management functions. SOURCE: FIPS 140-2

View definition →

Cryptographic

Pertaining to, or concerned with, cryptography. SOURCE: CNSSI-4009

View definition →

Cryptographic Alarm

Circuit or device that detects failures or aberrations in the logic or operation of crypto-equipment. Crypto-alarm may inhibit transmission or may provide a visible and/or audible…

View definition →

Cryptographic Algorithm

A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. SOURCE: SP 800-21; CNSSI-4009

View definition →

Cryptographic Ancillary Equipment

Equipment designed specifically to facilitate efficient or reliable operation of cryptographic equipment, without performing cryptographic functions itself. SOURCE: CNSSI-4009

View definition →

Cryptographic Binding

Associating two or more related elements of information using cryptographic techniques. SOURCE: CNSSI-4009

View definition →

Cryptographic Boundary

An explicitly defined continuous perimeter that establishes the physical bounds of a cryptographic module and contains all the hardware, software, and/or firmware components of a c…

View definition →

Cryptographic Component

Hardware or firmware embodiment of the cryptographic logic. A cryptographic component may be a modular assembly, a printed wiring assembly, a microcircuit, or a combination of thes…

View definition →

Cryptographic Equipment

Equipment that embodies a cryptographic logic. SOURCE: CNSSI-4009

View definition →

Cryptographic Hash Function

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties: 1) (One-way) It is computationally inf…

View definition →

Cryptographic Ignition Key (CIK)

Device or electronic key used to unlock the secure mode of cryptoequipment. SOURCE: CNSSI-4009

View definition →

Cryptographic Initialization

Function used to set the state of a cryptographic logic prior to key generation, encryption, or other operating mode. SOURCE: CNSSI-4009

View definition →

Cryptographic Key

A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. SOURCE: SP 800-63 A binary string used as a secre…

View definition →

Cryptographic Logic

The embodiment of one (or more) cryptographic algorithm(s) along with alarms, checks, and other processes essential to effective and secure performance of the cryptographic process…

View definition →

Cryptographic Material (slang CRYPTO)

COMSEC material used to secure or authenticate information. SOURCE: CNSSI-4009

View definition →

Cryptographic Module

The set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or processes, including cryptographic algorithms, and is contained within t…

View definition →

Cryptographic Module Security Policy

A precise specification of the security rules under which a cryptographic module will operate, including the rules derived from the requirements of this standard (FIPS 140-2) and a…

View definition →

Cryptographic Module Validation Program (CMVP)

Validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography-based standards. The CMVP is a joint effort between National Institut…

View definition →

Cryptographic Net

Stations holding a common key. SOURCE: CNSSI-4009

View definition →

Cryptographic Period

Time span during which each key setting remains in effect. SOURCE: CNSSI-4009

View definition →

Cryptographic Product

A cryptographic key (public, private, or shared) or public key certificate, used for encryption, decryption, digital signature, or signature verification; and other items, such as…

View definition →

Cryptographic Randomization

Function that randomly determines the transmit state of a cryptographic logic. SOURCE: CNSSI-4009

View definition →

Cryptographic Security

Component of COMSEC resulting from the provision of technically sound cryptographic systems and their proper use. SOURCE: CNSSI-4009

View definition →

Cryptographic Strength

A measure of the expected number of operations required to defeat a cryptographic mechanism. SOURCE: SP 800-63

View definition →

Cryptographic Synchronization

Process by which a receiving decrypting cryptographic logic attains the same internal state as the transmitting encrypting logic. SOURCE: CNSSI-4009

View definition →

Cryptographic System

Associated information assurance items interacting to provide a single means of encryption or decryption. SOURCE: CNSSI-4009

View definition →

Cryptographic System Analysis

Process of establishing the exploitability of a cryptographic system, normally by reviewing transmitted traffic protected or secured by the system under study. SOURCE: CNSSI-4009

View definition →

Cryptographic System Evaluation

Process of determining vulnerabilities of a cryptographic system and recommending countermeasures. SOURCE: CNSSI-4009

View definition →

Cryptographic System Review

Examination of a cryptographic system by the controlling authority ensuring its adequacy of design and content, continued need, and proper distribution. SOURCE: CNSSI-4009

View definition →

Cryptographic System Survey

Management technique in which actual holders of a cryptographic system express opinions on the system's suitability and provide usage information for technical evaluations. SOURCE:…

View definition →

Cryptographic Token

A token where the secret is a cryptographic key. SOURCE: SP 800-63 A portable, user-controlled physical device (e.g., smart card or PCMCIA card) used to store cryptographic informa…

View definition →

Cryptography

The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent t…

View definition →

Cryptology

The science that deals with hidden, disguised, or encrypted communications. It includes communications security and communications intelligence. SOURCE: SP 800-60 The mathematical…

View definition →

CVE

See Common Vulnerabilities and Exposures.

View definition →

Cyber Attack

An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infr…

View definition →

Cyber Incident

Actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein. See Inci…

View definition →

Cyber Infrastructure

Includes electronic information and communications systems and services and the information contained in these systems and services. Information and communications systems and serv…

View definition →

Cyber Risks at Accounting Firms

View definition →

Cybersecurity

The ability to protect or defend the use of cyberspace from cyber attacks. SOURCE: CNSSI-4009

View definition →

Cyberspace

A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networ…

View definition →

Cyclical Redundancy Check (CRC)

A method to ensure data has not been altered after being sent through a communication channel. SOURCE: SP 800-72 Error checking mechanism that verifies data integrity by computing…

View definition →
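
An added example, not part of the tekrisq entry: a table-driven CRC-32 (the reflected polynomial 0xEDB88320 used by zlib, Ethernet and PNG) checked against the standard library, together with the algebraic property that makes a CRC good at catching accidental corruption and useless against deliberate tampering. The messages are constructed.

```python
# Added example, not the page's own code: CRC-32/ISO-HDLC implemented from the table
# method and verified against zlib, plus the linearity property an attacker exploits.
import zlib


def _make_table() -> list[int]:
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table


CRC_TABLE = _make_table()


def crc32(data: bytes, crc: int = 0) -> int:
    """CRC-32: init 0xFFFFFFFF, reflected input/output, final XOR 0xFFFFFFFF.
    Pass a previous result as crc to continue over a stream, as with zlib.crc32."""
    crc ^= 0xFFFFFFFF
    for byte in data:
        crc = CRC_TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def predict_crc_after_xor(original_crc: int, delta: bytes) -> int:
    """CRC is affine over GF(2): crc(M ^ D) == crc(M) ^ crc(D) ^ crc(zeros of len(M)).
    Someone who can flip bits in transit (for example under a stream cipher) can
    therefore patch the CRC without ever seeing M. A keyed MAC does not have this
    property, which is why a CRC is not an integrity control against an adversary."""
    return original_crc ^ crc32(delta) ^ crc32(bytes(len(delta)))
```

The check values used in the test (0xCBF43926 for "123456789", 0x414FA339 for the fox sentence) are the customary CRC-32 reference values, so a reimplementation that matches them and zlib is correct; the last assertion shows the bit-flip forgery landing on exactly the CRC the receiver will recompute.
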
D
63 terms

Data

A subset of information in an electronic format that allows it to be retrieved or transmitted. SOURCE: CNSSI-4009

View definition →

Data Aggregation

Compilation of individual data systems and data that could result in the totality of the information being classified, or classified at a higher level, or of beneficial use to an a…

View definition →

Data Asset

1. Any entity that is comprised of data. For example, a database is a data asset that is comprised of data records. A data asset may be a system or application output file, databas…

View definition →

Data Breach

What is a Data Breach? A security incident where unauthorized people access sensitive information is typically referred to as a data breach. This can include personal data like Soc…

View definition →

Data Element

A basic unit of information that has a unique meaning and subcategories (data items) of distinct value. Examples of data elements include gender, race, and geographic location. SOU…

View definition →

Data Encryption Algorithm (DEA)

The DEA cryptographic engine that is used by the Triple Data Encryption Algorithm (TDEA). SOURCE: SP 800-67

View definition →

Data Encryption Standard (DES)

Cryptographic algorithm designed for the protection of unclassified data and published by the National Institute of Standards and Technology (NIST) in Federal Information Processin…

View definition →

Data Flow Control

Synonymous with information flow control. SOURCE: CNSSI-4009

View definition →

Data Harvesting

What is Data Harvesting? Data Harvesting is the process of automatically collecting data from various digital sources, such as websites, apps, and social media, to create a compreh…

View definition →

Data Integrity

The property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing, and while in transit. SOURCE: SP 800-27 The propert…

View definition →

Data Loss

The exposure of proprietary, sensitive, or classified information through either data theft or data leakage. SOURCE: SP 800-137

View definition →

Data Mapping

What is Data Mapping? Data mapping is a fundamental process in data management that defines the relationship between data fields in different systems or datas…

View definition →

Data Origin Authentication

The process of verifying that the source of the data is as claimed and that the data has not been modified. SOURCE: CNSSI-4009

View definition →
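
An added example, not from the tekrisq entry: data origin authentication with a keyed MAC (HMAC-SHA256). The receiver accepts a message only if the tag was computed with the shared key, which ties the message to a holder of that key and detects any modification; the unkeyed variant at the end shows why a bare hash gives integrity against accidents but no authentication at all. The key and messages are constructed demo values.

```python
# Added example, not the page's own code: data origin authentication with HMAC.
# Key and messages are constructed demo values; a real deployment derives the key
# per peer and manages its lifetime.
import hashlib
import hmac
from typing import Optional

TAG_LEN = 32  # HMAC-SHA256 output length
DEMO_KEY = bytes.fromhex("0f" * 32)  # constructed; never hard-code real keys


def protect(key: bytes, msg: bytes) -> bytes:
    """Sender: append HMAC(key, msg). Only a holder of key can produce a valid tag."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()


def verify(key: bytes, blob: bytes) -> Optional[bytes]:
    """Receiver: return the message if origin and integrity check out, else None.
    compare_digest keeps the comparison constant-time so the tag does not leak."""
    if len(blob) < TAG_LEN:
        return None
    msg, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    return msg if hmac.compare_digest(tag, expected) else None


def unkeyed_protect(msg: bytes) -> bytes:
    """Anti-pattern: a bare hash. It detects accidental corruption only."""
    return msg + hashlib.sha256(msg).digest()


def unkeyed_verify(blob: bytes) -> Optional[bytes]:
    if len(blob) < TAG_LEN:
        return None
    msg, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return msg if hmac.compare_digest(tag, hashlib.sha256(msg).digest()) else None


def forge_unkeyed(new_msg: bytes) -> bytes:
    """An attacker needs no secret to 'authenticate' a message under the bare-hash scheme."""
    return unkeyed_protect(new_msg)
```

Note what the MAC does not give you: a valid tag proves the message came from a key holder and was not altered, but a captured blob can be replayed verbatim. If replay matters, the protected message must carry a counter, nonce or timestamp that the receiver checks.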

Data Security

Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure. SOURCE: CNSSI-4009

View definition →

Data Transfer Device (DTD)

Fill device designed to securely store, transport, and transfer electronically both COMSEC and TRANSEC key, designed to be backward compatible with the previous generation of COMSE…

View definition →

Decertification

Revocation of the certification of an information system item or equipment for cause. SOURCE: CNSSI-4009

View definition →

Decipher

Convert enciphered text to plain text by means of a cryptographic system. SOURCE: CNSSI-4009

View definition →

Decode

Convert encoded text to plain text by means of a code. SOURCE: CNSSI-4009

View definition →

Decrypt

Generic term encompassing decode and decipher. SOURCE: CNSSI-4009

View definition →

Decryption

The process of transforming ciphertext into plaintext. SOURCE: SP 800-67 The process of changing ciphertext into plaintext using a cryptographic algorithm and key. SOURCE: SP 800-2…

View definition →

Dedicated Mode

Information systems security mode of operation wherein each user, with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has all of the f…

View definition →

Default Classification

Classification reflecting the highest classification being processed in an information system. Default classification is included in the caution statement affixed to an object. SOU…

View definition →

Defense-in-Breadth

A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or su…

View definition →

Defense-in-Depth

Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and dimensions of the organization.…

View definition →

Degauss

Procedure that reduces the magnetic flux to virtual zero by applying a reverse magnetizing field. Also called demagnetizing. SOURCE: CNSSI-4009

View definition →

Delaware Cybersecurity & Privacy Regulations

View definition →

Delegated Development Program

INFOSEC program in which the Director, NSA, delegates, on a case-by-case basis, the development and/or production of an entire telecommunications product, including the INFOSEC port…

View definition →

Deleted File

A file that has been logically, but not necessarily physically, erased from the operating system, perhaps to eliminate potentially incriminating evidence. Deleting files does not a…

View definition →

Demilitarized Zone (DMZ)

An interface on a routing firewall that is similar to the interfaces found on the firewall’s protected side. Traffic moving between the DMZ and other interfaces on the protected si…

View definition →

Denial of Service (DoS)

The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service prov…

View definition →

Dependent Business Interruption (DBI)

Dependent business interruption (DBI), also known as contingent business interruption (CBI), is insurance coverage that protects businesses fr…

View definition →

Depth

An attribute associated with an assessment method that addresses the rigor and level of detail associated with the application of the method. The values for the depth attribute, hi…

View definition →

Descriptive Top-Level Specification (DTLS)

A natural language descriptive of a system’s security requirements, an informal design notation, or a combination of the two. SOURCE: CNSSI-4009

View definition →

Designated Approval Authority (DAA)

Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. This term is synonymous with authorizing official, designated a…

View definition →

Designated Approving (Accrediting) Authority

See Authorizing Official

View definition →

Deterministic Random Bit Generator (DRBG)

A Random Bit Generator (RBG) that includes a DRBG mechanism and (at least initially) has access to a source of entropy input. The DRBG produces a sequence of bits from a secret ini…

View definition →

Deterministic Random Bit Generator (DRBG) Mechanism

What is a Deterministic Random Bit Generator (DRBG) Mechanism? Definition: The portion of an RBG that includes the functions necessary to instantiate and uninstantiate the RBG…

View definition →

Device Distribution Profile

An approval-based Access Control List (ACL) for a specific product that 1) names the user devices in a specific key management infrastructure (KMI) Operating Account (KOA) to which…

View definition →

Device Registration Manager

The management role that is responsible for performing activities related to registering users that are devices. SOURCE: CNSSI-4009

View definition →

Dial Back

Synonymous with call back. SOURCE: CNSSI-4009

View definition →

Differential Power Analysis (DPA)

An analysis of the variations of the electrical power consumption of a cryptographic module, using advanced statistical methods and/or other techniques, for the purpose of extracti…

View definition →

Digital Ecosystem

What is a Digital Ecosystem? A "digital ecosystem" refers to a network of interconnected technologies, platforms, businesses, and individuals that interact with each other through…

View definition →

Digital Evidence

Electronic information stored or transferred in digital form. SOURCE: SP 800-72

View definition →

Digital Forensics

The application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of…

View definition →

Digital Signature

An asymmetric key operation where the private key is used to digitally sign data and the public key is used to verify the signature. Digital signatures provide authenticity protect…

View definition →
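
An added example, not part of the tekrisq entry: the sign-with-private-key, verify-with-public-key asymmetry the definition describes, using RSA stripped to textbook form over two constructed Mersenne primes. The modulus is tiny and there is no padding scheme (PSS or PKCS#1 v1.5), so this is an illustration of the operation only; real signatures come from a vetted library with keys of 2048 bits or more.

```python
# Added example, not the page's own code: textbook RSA signing over a constructed
# toy key. Illustration only; never use unpadded RSA or keys this small in practice.
import hashlib

P = (1 << 31) - 1                    # 2147483647, prime
Q = (1 << 61) - 1                    # 2305843009213693951, prime
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (modular inverse, Python 3.8+)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def _message_representative(msg: bytes, n: int) -> int:
    """Hash first, then reduce into the RSA group (toy stand-in for a padding scheme).
    Signing the hash rather than the message is what binds a signature to all of it."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(private_key: tuple[int, int], msg: bytes) -> int:
    """Only the holder of d can compute this value."""
    n, d = private_key
    return pow(_message_representative(msg, n), d, n)


def verify(public_key: tuple[int, int], msg: bytes, signature: int) -> bool:
    """Anyone holding the public key can check the signature; changing either the
    message or the signature by a single bit makes the check fail."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == _message_representative(msg, n)
```

What the test shows is the property the definition is after: the verifier needs no secret, and a signature does not transfer to a different message, which is the authenticity guarantee a MAC cannot give to a third party.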

Digital Signature Algorithm

Asymmetric algorithms used for digitally signing data. SOURCE: SP 800-49

View definition →

Direct Shipment

Shipment of COMSEC material directly from NSA to user COMSEC accounts. SOURCE: CNSSI-4009

View definition →

Disaster Recovery Plan (DRP)

A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities. SOURCE: SP…

View definition →

Disconnection

The termination of an interconnection between two or more IT systems. A disconnection may be planned (e.g., due to changed business needs) or unplanned (i.e., due to an attack or o…

View definition →

Discretionary Access Control

The basis of this kind of security is that an individual user, or program operating on the user’s behalf, is allowed to specify explicitly the types of access other users (or progr…

View definition →
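
An added example, not from the tekrisq entry: a small discretionary model in which the owner of an object hands out rights to other subjects at will, followed by the limitation that follows directly from that design. Subjects, objects and the hypothetical helper names are constructed.

```python
# Added example, not the page's own code: discretionary access control in miniature.
# Names and objects are constructed.


class PermissionDenied(Exception):
    pass


class DacObject:
    """An object whose owner controls its access list."""

    def __init__(self, name: str, owner: str) -> None:
        self.name = name
        self.owner = owner
        self.acl: dict[str, set[str]] = {owner: {"read", "write", "grant"}}

    def grant(self, grantor: str, grantee: str, right: str) -> None:
        """Only a subject holding 'grant' (the owner by default) may extend access."""
        if "grant" not in self.acl.get(grantor, set()):
            raise PermissionDenied(f"{grantor} may not grant on {self.name}")
        self.acl.setdefault(grantee, set()).add(right)

    def revoke(self, grantor: str, grantee: str, right: str) -> None:
        if "grant" not in self.acl.get(grantor, set()):
            raise PermissionDenied(f"{grantor} may not revoke on {self.name}")
        self.acl.get(grantee, set()).discard(right)

    def allows(self, subject: str, right: str) -> bool:
        return right in self.acl.get(subject, set())


def read(obj: DacObject, subject: str) -> str:
    if not obj.allows(subject, "read"):
        raise PermissionDenied(f"{subject} may not read {obj.name}")
    return f"<contents of {obj.name}>"


def copy_to_new_object(src: DacObject, subject: str, new_name: str) -> DacObject:
    """The limitation of DAC: a legitimate reader can copy the data into an object it
    owns and then grant anyone access to the copy. The policy constrains who may open
    the original, not where its information flows; that is what mandatory controls add."""
    read(src, subject)
    return DacObject(new_name, owner=subject)
```

The test walks the two halves: the owner's grant works and a non-owner's grant is refused, yet the non-owner can still pass the contents on through an object of its own, which no amount of ACL hygiene on the original prevents.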

Disk Imaging

Generating a bit-for-bit copy of the original media, including free space and slack space. SOURCE: SP 800-86

View definition →

Disruption

An unplanned event that causes the general system or major application to be inoperable for an unacceptable length of time (e.g., minor or extended power outage, extended unavailab…

View definition →

Distinguished Name (DN)

A unique name or character string that unambiguously identifies an entity according to the hierarchical naming conventions of X.500 directory service. SOURCE: CNSSI-4009

View definition →

Distinguishing Identifier

Information which unambiguously distinguishes an entity in the authentication process. SOURCE: FIPS 196; CNSSI-4009

View definition →

Distributed Denial of Service (DDoS)

A Denial of Service technique that uses numerous hosts to perform the attack. SOURCE: CNSSI-4009

View definition →

DKIM

Domain Keys Identified Mail (DKIM) is an email authentication method that uses cryptographic signatures to verify that an email message wasn't tampered with during transit. It allo…

View definition →

DMZ

See Demilitarized Zone

View definition →

Domain

A set of subjects, their information objects, and a common security policy. SOURCE: SP 800-27 An environment or context that includes a set of system resources and a set of system…

View definition →

Drop Accountability

Procedure under which a COMSEC account custodian initially receipts for COMSEC material, and provides no further accounting for it to its central office of record. Local accountabi…

View definition →

Dual-Use Certificate

A certificate that is intended for use with both digital signature and data encryption services. SOURCE: SP 800-32

View definition →

Duplicate Digital Evidence

A duplicate is an accurate digital reproduction of all data objects contained on the original physical item and associated media. SOURCE: SP 800-72

View definition →

Duration

A field within a certificate that is composed of two subfields: “date of issue” and “date of next issue.” SOURCE: SP 800-32

View definition →

Dynamic Subsystem

A subsystem that is not continually present during the execution phase of an information system. Service-oriented architectures and cloud computing architectures are examples of ar…

View definition →
E
65 terms

E-Government (e-gov)

The use by the U.S. government of Web-based Internet applications and other information technology. SOURCE: CNSSI-4009

View definition →

Easter Egg

Hidden functionality within an application program, which becomes activated when an undocumented, and often convoluted, set of commands and keystrokes are entered. Easter eggs are…

View definition →

Eavesdropping Attack

An attack in which an Attacker listens passively to the authentication protocol to capture information which can be used in a subsequent active attack to masquerade as the Claimant…

View definition →

Education (Information Security)

Education integrates all of the security skills and competencies of the various functional specialties into a common body of knowledge . . . and strives to produce IT security spec…

View definition →

Egress Filtering

Filtering of outgoing network traffic. SOURCE: SP 800-41

View definition →

Electronic Authentication (E-authentication)

The process of establishing confidence in user identities electronically presented to an information system. SOURCE: SP 800-63; CNSSI-4009

View definition →

Electronic Business (e-business)

Doing business online. SOURCE: CNSSI-4009

View definition →

Electronic Credentials

Digital documents used in authentication that bind an identity or an attribute to a subscriber's token. SOURCE: CNSSI-4009

View definition →

Electronic Evidence

Information and data of investigative value that is stored on or transmitted by an electronic device. SOURCE: SP 800-72

View definition →

Electronic Key Entry

The entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device. (The operator of the key may have no knowledge of…

View definition →

Electronic Key Management System (EKMS)

Interoperable collection of systems being developed by services and agencies of the U.S. government to automate the planning, ordering, generating, distributing, storing, filling,…

View definition →

Electronic Messaging Services

Services providing interpersonal messaging capability; meeting specific functional, management, and technical requirements; and yielding a business-quality electronic mail service…

View definition →

Electronic Signature

The process of applying any mark in electronic form with the intent to sign a data object. See also Digital Signature. SOURCE: CNSSI-4009

View definition →

Electronically Generated Key

Key generated in a COMSEC device by introducing (either mechanically or electronically) a seed key into the device and then using the seed, together with a software algorithm store…

View definition →

Emanations Security (EMSEC)

Protection resulting from measures taken to deny unauthorized individuals information derived from intercept and analysis of compromising emissions from crypto-equipment or an information system. See TEMPEST. SOURCE: CNSSI-4009

View definition →

Embedded Computer

Computer system that is an integral part of a larger system. SOURCE: CNSSI-4009

View definition →

Embedded Cryptographic System

Cryptosystem performing or controlling a function as an integral element of a larger system or subsystem. SOURCE: CNSSI-4009

View definition →

Embedded Cryptography

Cryptography engineered into an equipment or system whose basic function is not cryptographic. SOURCE: CNSSI-4009

View definition →

Encipher

Convert plain text to cipher text by means of a cryptographic system. SOURCE: CNSSI-4009

View definition →

Enclave

Collection of information systems connected by one or more internal networks under the control of a single authority and security policy. The systems may be structured by physical…

View definition →

Enclave Boundary

Point at which an enclave’s internal network service layer connects to an external network’s service layer, i.e., to another enclave or to a Wide Area Network (WAN). SOURCE: CNSSI-…

View definition →

Encode

Convert plain text to cipher text by means of a code. SOURCE: CNSSI-4009

View definition →

Encrypt

Generic term encompassing encipher and encode. SOURCE: CNSSI-4009

View definition →

Encrypted Key

A cryptographic key that has been encrypted using an Approved security function with a key encrypting key, a PIN, or a password in order to disguise the value of the underlying pla…

View definition →

Encrypted Network

A network on which messages are encrypted (e.g., using DES, AES, or other appropriate algorithms) to prevent reading by unauthorized parties. SOURCE: SP 800-32

View definition →

Encryption

Conversion of plaintext to ciphertext through the use of a cryptographic algorithm. SOURCE: FIPS 185 The process of changing plaintext into ciphertext for the purpose of security o…

View definition →

Encryption Algorithm

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key. SOURCE: CNSSI-4009

View definition →

Encryption Certificate

A certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same…

View definition →

End Cryptographic Unit (ECU)

Device that (1) performs cryptographic functions, (2) typically is part of a larger system for which the device provides security services, and (3) from the viewpoint of a supporti…

View definition →

End-Item Accounting

Accounting for all the accountable components of a COMSEC equipment configuration by a single short title. SOURCE: CNSSI-4009

View definition →

End-to-End Encryption

Communications encryption in which data is encrypted when being passed through a network, but routing information remains visible. SOURCE: SP 800-12 Encryption of information at it…

View definition →

End-to-End Security

Safeguarding information in an information system from point of origin to point of destination. SOURCE: CNSSI-4009

View definition →

Enrollment Manager

The management role that is responsible for assigning user identities to management and non-management roles. SOURCE: CNSSI-4009

View definition →

Enterprise

An organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks and perfor…

View definition →

Enterprise Architecture (EA)

The description of an enterprise’s entire set of information systems: how they are configured, how they are integrated, how they interface to the external environment at the enterp…

View definition →

Enterprise Risk Management

The methods and processes used by an enterprise to manage risks to its mission and to establish the trust necessary for the enterprise to support shared missions. It involves the i…

View definition →

Enterprise Service

A set of one or more computer applications and middleware systems hosted on computer hardware that provides standard information systems capabilities to end users and hosted missio…

View definition →

Entity

Either a subject (an active element that operates on information or the system state) or an object (a passive element that contains or receives information). SOURCE: SP 800-27 An a…

View definition →

Entrapment

Deliberate planting of apparent flaws in an IS for the purpose of detecting attempted penetrations. SOURCE: CNSSI-4009

View definition →

Entropy

What does Entropy mean in simple terms? In simple terms, entropy is a measure of disorder or randomness in a system; the higher the entropy, the more disorganized or random the sys…

View definition →

Environment

Aggregate of external procedures, conditions, and objects affecting the development, operation, and maintenance of an information system. SOURCE: FIPS 200; CNSSI-4009

View definition →

Environment of Operation

The physical surroundings in which an information system processes, stores, and transmits information. SOURCE: SP 800-37; SP 800-53A The physical, technical, and organizational set…

View definition →

Ephemeral Key

A cryptographic key that is generated for each execution of a key establishment process and that meets other requirements of the key type (e.g., unique to each message or session).…

View definition →

Erasure

Process intended to render magnetically stored information irretrievable by normal means. SOURCE: CNSSI-4009

View definition →

Error Detection Code

A code computed from data and comprised of redundant bits of information designed to detect, but not correct, unintentional changes in the data. SOURCE: FIPS 140-2; CNSSI-4009

View definition →

Escrow

Something (e.g., a document, an encryption key) that is "delivered to a third person to be given to the grantee only upon the fulfillment of a condition." SOURCE: FIPS 185

View definition →

Evaluation Assurance Level (EAL)

Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale. SOURCE: CNSSI-4009

View definition →

Evaluation Products List (EPL)

List of validated products that have been successfully evaluated under the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS…

View definition →

Event

Any observable occurrence in a network or system. SOURCE: SP 800-61 Any observable occurrence in a system and/or network. Events sometimes provide indication that an incident is oc…

View definition →

Examination

A technical review that makes the evidence visible and suitable for analysis; tests performed on the evidence to determine the presence or absence of specific data. SOURCE: SP 800-…

View definition →

Examine

A type of assessment method that is characterized by the process of checking, inspecting, reviewing, observing, studying, or analyzing one or more assessment objects to facilitate…

View definition →

Exculpatory Evidence

Evidence that tends to decrease the likelihood of fault or guilt. SOURCE: SP 800-72

View definition →

Executive Agency

An executive department specified in 5 United States Code (U.S.C.), Sec. 101; a military department specified in 5 U.S.C., Sec. 102; an independent establishment as defined in 5 U.…

View definition →

Exercise Key

Cryptographic key material used exclusively to safeguard communications transmitted over-the-air during military or organized civil training exercises. SOURCE: CNSSI-4009

View definition →

Expected Output

Any data collected from monitoring and assessments as part of the Information Security Continuous Monitoring (ISCM) strategy. SOURCE: SP 800-137

View definition →

Exploit Code

A program that allows attackers to automatically break into a system. SOURCE: SP 800-40

View definition →

Exploitable Channel

Channel that allows the violation of the security policy governing an information system and is usable or detectable by subjects external to the trusted computing base. See Covert…

View definition →

Extensible Configuration Checklist Description Format (XCCDF)

SCAP language for specifying checklists and reporting checklist results. SOURCE: SP 800-128

View definition →

External Information System Service

An information system service that is implemented outside of the authorization boundary of the organizational information system (i.e., a service that is used by, but not a part of…

View definition →

External Information System (or Component)

An information system or component of an information system that is outside of the authorization boundary established by the organization and for which the organization typically h…

View definition →

External Information System Service Provider

A provider of external information system services to an organization through a variety of consumer-producer relationships, including but not limited to: joint ventures; business p…

View definition →

External Network

A network not controlled by the organization. SOURCE: SP 800-53; CNSSI-4009

View definition →

External Security Testing

Security testing conducted from outside the organization’s security perimeter. SOURCE: SP 800-115

View definition →

Extraction Resistance

Capability of crypto-equipment or secure telecommunications equipment to resist efforts to extract key. SOURCE: CNSSI-4009

View definition →

Extranet

A private network that uses Web technology, permitting the sharing of portions of an enterprise’s information or operations with suppliers, vendors, partners, customers, or other e…

View definition →
F
55 terms

Fail Safe

Automatic protection of programs and/or processing systems when hardware or software failure is detected. SOURCE: CNSSI-4009

View definition →

Fail Soft

Selective termination of affected nonessential processing when hardware or software failure is determined to be imminent. SOURCE: CNSSI-4009

View definition →

Failover

The capability to switch over automatically (typically without human intervention or warning) to a redundant or standby information system upon the failure or abnormal termination…

View definition →

Failure Access

Type of incident in which unauthorized access to data results from hardware or software failure. SOURCE: CNSSI-4009

View definition →

Failure Control

Methodology used to detect imminent hardware or software failure and provide fail safe or fail soft recovery. SOURCE: CNSSI-4009

View definition →

False Acceptance

When a biometric system incorrectly identifies an individual or incorrectly verifies an impostor against a claimed identity. SOURCE: SP 800-76 In biometrics, the instance of a secur…

View definition →

False Acceptance Rate (FAR)

The probability that a biometric system will incorrectly identify an individual or will fail to reject an impostor. The rate given normally assumes passive impostor attempts. SOURC…

View definition →

False Positive

An alert that incorrectly indicates that malicious activity is occurring. SOURCE: SP 800-61

View definition →

False Rejection

When a biometric system fails to identify an applicant or fails to verify the legitimate claimed identity of an applicant. SOURCE: SP 800-76 In biometrics, the instance of a securi…

View definition →

False Rejection Rate (FRR)

The probability that a biometric system will fail to identify an applicant, or verify the legitimate claimed identity of an applicant. SOURCE: SP 800-76 The measure of the likeliho…

View definition →

Federal Agency

See Agency; see Executive Agency.

View definition →

Federal Bridge Certification Authority (FBCA)

The Federal Bridge Certification Authority consists of a collection of Public Key Infrastructure components (Certificate Authorities, Directories, Certificate Policies and Certific…

View definition →

Federal Bridge Certification Authority Membrane

The Federal Bridge Certification Authority Membrane consists of a collection of Public Key Infrastructure components including a variety of Certification Authority PKI products, Da…

View definition →

Federal Bridge Certification Authority Operational Authority

The Federal Bridge Certification Authority Operational Authority is the organization selected by the Federal Public Key Infrastructure Policy Authority to be responsible for operat…

View definition →

Federal Enterprise Architecture

A business-based framework for governmentwide improvement developed by the Office of Management and Budget that is intended to facilitate efforts to transform the federal governmen…

View definition →

Federal Information Processing Standard (FIPS)

A standard for adoption and use by federal departments and agencies that has been developed within the Information Technology Laboratory and published by the National Institute of…

View definition →

Federal Information Security Management Act (FISMA)

A statute (Title III, P.L. 107-347) that requires agencies to assess risk to information systems and provide information security protections commensurate with the risk. FISMA also…

View definition →

Federal Information System

An information system used or operated by an executive agency, by a contractor of an executive agency, or by another organization on behalf of an executive agency. SOURCE: SP 800-5…

View definition →

Federal Information Systems Security Educators’ Association (FISSEA)

An organization whose members come from federal agencies, industry, and academic institutions devoted to improving the IT security awareness and knowledge within the federal govern…

View definition →

Federal Public Key Infrastructure Policy Authority (FPKI PA)

The Federal PKI Policy Authority is a federal government body responsible for setting, implementing, and administering policy decisions regarding interagency PKI interoperability t…

View definition →

File Encryption

The process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided. SOURCE: SP 800-111

View definition →

File Name Anomaly

1. A mismatch between the internal file header and its external extension; or 2. A file name inconsistent with the content of the file (e.g., renaming a graphics file with a non-gr…

View definition →

File Protection

Aggregate of processes and procedures designed to inhibit unauthorized access, contamination, elimination, modification, or destruction of a file or any of its contents. SOURCE: CN…

View definition →

File Security

Means by which access to computer files is limited to authorized users only. SOURCE: CNSSI-4009

View definition →

Fill Device

COMSEC item used to transfer or store key in electronic form or to insert key into cryptographic equipment. SOURCE: CNSSI-4009

View definition →

FIPS

See Federal Information Processing Standard.

View definition →

FIPS PUB

An acronym for Federal Information Processing Standards Publication. FIPS publications (PUB) are issued by NIST after approval by the Secretary of Commerce. SOURCE: SP 800-64

View definition →

FIPS-Approved Security Method

What is FIPS? FIPS is an acronym that stands for Federal Information Processing Standard. What is a FIPS-Approved Security Method? A security method (e.g., cryptographic algo…

View definition →

FIPS-Validated Cryptography

A cryptographic module validated by the Cryptographic Module Validation Program (CMVP) to meet requirements specified in FIPS 140-2 (as amended). As a prerequisite to CMVP validati…

View definition →

FIREFLY

Key management protocol based on public key cryptography. SOURCE: CNSSI-4009

View definition →

Firewall

A gateway that limits access between networks in accordance with local security policy. SOURCE: SP 800-32 A hardware/software capability that limits access between networks and/or…

View definition →

Firewall Control Proxy

The component that controls a firewall’s handling of a call. The firewall control proxy can instruct the firewall to open specific ports that are needed by a call, and direct the f…

View definition →

Firmware

The programs and data components of a cryptographic module that are stored in hardware within the cryptographic boundary and cannot be dynamically written or modified during execut…

View definition →

FISMA

See Federal Information Security Management Act.

View definition →

Fixed COMSEC Facility

COMSEC facility located in an immobile structure or aboard a ship. SOURCE: CNSSI-4009

View definition →

Flaw

Error of commission, omission, or oversight in an information system that may allow protection mechanisms to be bypassed. SOURCE: CNSSI-4009

View definition →

Flooding

An attack that attempts to cause a failure in a system by providing more input than the system can process properly. SOURCE: CNSSI-4009

View definition →

Florida Cybersecurity, Privacy & Data Breach Laws

In the state of Florida, several laws exist that set expectations for the privacy, cybersecurity, and data breach handling of businesses and consumers. Here is an overview of Florida Cybersecurity…

View definition →

Focused Testing

A test methodology that assumes some knowledge of the internal structure and implementation detail of the assessment object. Also known as gray box testing. SOURCE: SP 800-53A

View definition →

Forced Leave

What is Forced Leave? In some cybersecurity policies, "forced leave" is also called "mandatory vacation." This policy requires employees to take some paid time off to prevent single-point-of-f…

View definition →

Forensic Copy

An accurate bit-for-bit reproduction of the information contained on an electronic device or associated media, whose validity and integrity has been verified using an accepted algo…

View definition →

Forensic Specialist

A professional who locates, identifies, collects, analyzes, and examines data while preserving the integrity and maintaining a strict chain of custody of information discovered. SO…

View definition →

Forensically Clean

What Does 'Forensically Clean' Mean for Your Business? A Guide for SMBs In today's digital-first world, cybersecurity is not just a concern for large corporations. Small and Medium…

View definition →

Forensics

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. SOURCE: CNSSI-4009 See Al…

View definition →

Formal Access Approval

A formalization of the security determination for authorizing access to a specific type of classified or sensitive information, based on specified access requirements, a determinat…

View definition →

Formal Development Methodology

Software development strategy that proves security design specifications. SOURCE: CNSSI-4009

View definition →

Formal Method

Mathematical argument which verifies that the system satisfies a mathematically-described security policy. SOURCE: CNSSI-4009

View definition →

Formal Proof

Complete and convincing mathematical argument presenting the full logical justification for each proof step and for the truth of a theorem or set of theorems. SOURCE: CNSSI-4009

View definition →

Formal Security Policy

Mathematically-precise statement of a security policy. SOURCE: CNSSI-4009

View definition →

Formatting Function

The function that transforms the payload, associated data, and nonce into a sequence of complete blocks. SOURCE: SP 800-38C

View definition →

Forward Cipher

One of the two functions of the block cipher algorithm that is determined by the choice of a cryptographic key. The term “forward cipher operation” is used for TDEA, while the term…

View definition →

Frequency Hopping

Repeated switching of frequencies during radio transmission according to a specified algorithm, to minimize unauthorized interception or jamming of telecommunications. SOURCE: CNSS…

View definition →

Full Disk Encryption (FDE)

The process of encrypting all the data on the hard disk drive used to boot a computer, including the computer’s operating system, and permitting access to the data only after succe…

View definition →

Full Maintenance

Complete diagnostic repair, modification, and overhaul of COMSEC equipment, including repair of defective assemblies by piece part replacement. See Limited Maintenance. SOURCE: CNS…

View definition →

Functional Testing

Segment of security testing in which advertised security mechanisms of an information system are tested under operational conditions. SOURCE: CNSSI-4009

View definition →
G
13 terms

Gateway

Interface providing compatibility between networks by converting transmission speeds, protocols, codes, or security measures. SOURCE: CNSSI-4009

View definition →

GDPR


View definition →

General Support System

An interconnected set of information resources under the same direct management control that shares common functionality. It normally includes hardware, software, information, data…

View definition →

Geolocation Data

Geolocation Data Definition Geolocation data refers to information that identifies or provides the geographic location of a device, user, or object through various means, in…

View definition →

Georgia Cybersecurity, Data Privacy Laws & Insurance Regulations

Current Georgia Cybersecurity, Data Privacy Laws & Insurance Regulations are summarized as follows: Current Cybersecurity and Data Security Privacy Laws in Georgia While Georgi…

View definition →

Global Information Grid (GIG)

The globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to warfighters, polic…

View definition →

Global Information Infrastructure (GII)

Worldwide interconnections of the information systems of all countries, international and multinational organizations, and international commercial communications. SOURCE: CNSSI-40…

View definition →

Governance


View definition →

Graduated Security

A security system that provides several levels (e.g., low, moderate, high) of protection based on threats, risks, available technology, support services, time, human concerns, and…

View definition →

Gray Box Testing

See Focused Testing.

View definition →

Group Authenticator

Used, sometimes in addition to a sign-on authenticator, to allow access to specific data or functions that may be shared by all members of a particular group. SOURCE: CNSSI-4009

View definition →

Guard (System)

A mechanism limiting the exchange of information between information systems or subsystems. SOURCE: CNSSI-4009

View definition →

Guessing Entropy

A measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing…

View definition →
H
23 terms

Hacker

Unauthorized user who attempts to or gains access to an information system. SOURCE: CNSSI-4009

View definition →

Handshaking Procedures

Dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another. SOURCE: CNSSI-4009

View definition →

Hard Copy Key

Physical keying material, such as printed key lists, punched or printed key tapes, or programmable, read-only memories (PROM). SOURCE: CNSSI-4009

View definition →

Hardening

Configuring a host’s operating systems and applications to reduce the host’s security weaknesses. SOURCE: SP 800-123

View definition →

Hardware Security Module (HSM) Keys

What is an HSM Key? HSM keys are cryptographic keys stored within a dedicated hardware device called a Hardware Security Module (HSM). HSMs are designed to securely generate, store…

View definition →

Hardwired Key

Permanently installed key. SOURCE: CNSSI-4009

View definition →

Hash Function

A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties: 1) One-Way. It is computationally infe…

View definition →

Hash Total

Value computed on data to detect error or manipulation. See Checksum. SOURCE: CNSSI-4009

View definition →

Hash Value

The result of applying a cryptographic hash function to data (e.g., a message). SOURCE: SP 800-106

View definition →

Hash Value/Result

See Message Digest. SOURCE: FIPS 186; CNSSI-4009

View definition →

Hash-based Message Authentication Code (HMAC)

A message authentication code that uses a cryptographic key in conjunction with a hash function. SOURCE: FIPS 201; CNSSI-4009 A message authentication code that utilizes a keyed ha…

View definition →

Hashing

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data. SOURCE: SP 800-72; CNSSI-4009

View definition →

Hashword

Memory address containing hash total. SOURCE: CNSSI-4009

View definition →

Hawaii Cybersecurity, Privacy & Data Security Laws


View definition →

Health Information Exchange (HIE)

A health information organization that brings together healthcare stakeholders within a defined geographic area and governs health information exchange among them for the purpose o…

View definition →

High Assurance Guard (HAG)

What Is High Assurance Guard? A High Assurance Guard (HAG) is an enclave boundary protection device that controls access between a local area network (LAN) that an enterprise syste…

View definition →

High Availability

A failover feature to ensure availability during device or component interruptions. SOURCE: SP 800-113

View definition →

High Impact

The loss of confidentiality, integrity, or availability that could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets,…

View definition →

High-Impact System

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of high. SOURCE: SP…

View definition →

Honeypot

A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other…

View definition →

Hot Site

A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption. SOURCE: SP 800-34 Backup site…

View definition →

Hot Wash

A debrief conducted immediately after an exercise or test with the staff and participants. SOURCE: SP 800-84

View definition →

Hybrid Security Control

A security control that is implemented in an information system in part as a common control and in part as a system-specific control. See also Common Control and System-Specific Se…

View definition →
I
128 terms

IA Architecture

A description of the structure and behavior for an enterprise’s security processes, information security systems, personnel and organizational sub-units, showing their alignment wi…

View definition →

IA Infrastructure

The underlying security framework that lies beyond an enterprise’s defined boundary, but supports its IA and IA-enabled products, its security posture and its risk management plan.…

View definition →

IA Product

Product whose primary purpose is to provide security services (e.g., confidentiality, authentication, integrity, access control, nonrepudiation of data); correct known vulnerabilit…

View definition →

IA-Enabled Information Technology Product

Product or technology whose primary role is not security, but which provides security services as an associated feature of its intended operating capabilities. Examples include suc…

View definition →

IA-Enabled Product

Product whose primary role is not security, but provides security services as an associated feature of its intended operating capabilities. Note: Examples include such products as…

View definition →

Idaho Cybersecurity, Privacy & Data Security Laws


View definition →

Identification

The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system. SOURCE: SP 800-47 The process of di…

View definition →

Identifier

Unique data used to represent a person’s identity and associated attributes. A name or a card number are examples of identifiers. SOURCE: FIPS 201 A data object - often, a printabl…

View definition →

Identity

A set of attributes that uniquely describe a person within a given context. SOURCE: SP 800-63 The set of physical and behavioral characteristics by which an individual is uniquely…

View definition →

Identity Binding

Binding of the vetted claimed identity to the individual (through biometrics) according to the issuing authority. SOURCE: FIPS 201

View definition →

Identity Proofing

The process by which a Credentials Service Provider (CSP) and a Registration Authority (RA) collect and verify information about a person for the purpose of issuing credentials to…

View definition →

Identity Registration

The process of making a person’s identity known to the Personal Identity Verification (PIV) system, associating a unique identifier with that identity, and collecting and recording…

View definition →

Identity Token

Smart card, metal key, or other physical object used to authenticate identity. SOURCE: CNSSI-4009

View definition →

Identity Validation

Tests enabling an information system to authenticate users or resources. SOURCE: CNSSI-4009

View definition →

Identity Verification

The process of confirming or denying that a claimed identity is correct by comparing the credentials (something you know, something you have, something you are) of a person request…

View definition →

Identity-Based Access Control

Access control based on the identity of the user (typically relayed as a characteristic of the process acting on behalf of that user) where access authorizations to specific object…

View definition →

Identity-Based Security Policy

A security policy based on the identities and/or attributes of the object (system resource) being accessed and of the subject (user, group of users, process, or device) requesting…

View definition →

Illinois Cybersecurity, Privacy & Data Security Laws


View definition →

Image

An exact bit-stream copy of all electronic data on a device, performed in a manner that ensures that the information is not altered. SOURCE: SP 800-72

View definition →

Imitative Communications Deception

Introduction of deceptive messages or signals into an adversary's telecommunications signals. See also Communications Deception and Manipulative Communications Deception. SOURCE: C…

View definition →

Impact

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruc…

View definition →

Impact Level

The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruc…

View definition →

Impact Value

The assessed potential impact resulting from a compromise of the confidentiality, integrity, or availability of an information type, expressed as a value of low, moderate, or high.…

View definition →

Implant

Electronic device or electronic equipment modification designed to gain unauthorized interception of information-bearing emanations. SOURCE: CNSSI-4009

View definition →

Inadvertent Disclosure

Type of incident involving accidental exposure of information to an individual not authorized access. SOURCE: CNSSI-4009

View definition →

Incident

A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. SOURCE: SP 800-61 An occurrence that actually or…

View definition →

Incident Handling

The mitigation of violations of security policies and recommended practices. SOURCE: SP 800-61

View definition →

Incident Response Plan

The documentation of a predetermined set of instructions or procedures to detect, respond to, and limit the consequences of malicious cyber attacks against an organization’s informat…

View definition →

Incident Response Plan

What Is An Incident Response Plan? An Incident Response Plan (IRP) is a documented strategy outlining how an organization will detect, respond to, and recover from cybersecurity in…

View definition →

Incomplete Parameter Checking

System flaw that exists when the operating system does not check all parameters fully for accuracy and consistency, thus making the system vulnerable to penetration. SOURCE: CNSSI-…

View definition →

Inculpatory Evidence

Evidence that tends to increase the likelihood of fault or guilt. SOURCE: SP 800-72

View definition →

Independent Validation Authority (IVA)

Entity that reviews the soundness of independent tests and system compliance with all stated security controls and risk mitigation actions. IVAs will be designated by the Authorizi…

View definition →

Independent Verification & Validation (IV&V)

A comprehensive review, analysis, and testing (software and/or hardware) performed by an objective third party to confirm (i.e., verify) that the requirements are correctly defined…

View definition →

Indiana Cybersecurity, Privacy & Data Security Laws


View definition →

Indicator

Recognized action, specific, generalized, or theoretical, that an adversary might be expected to take in preparation for an attack. SOURCE: CNSSI-4009 A sign that an incident may h…

View definition →

Individual

A citizen of the United States or an alien lawfully admitted for permanent residence. Agencies may, consistent with individual practice, choose to extend the protections of the Pri…

View definition →

Individual Accountability

Ability to associate positively the identity of a user with the time, method, and degree of access to an information system. SOURCE: CNSSI-4009

View definition →

Individuals

View definition →

Industrial Control System

An information system used to control industrial processes such as manufacturing, product handling, production, and distribution. Industrial control systems include supervisory con…

View definition →

Informal Security Policy

Natural language description, possibly supplemented by mathematical arguments, demonstrating the correspondence of the functional specification to the high-level design. SOURCE: CN…

View definition →

Information

An instance of an information type. SOURCE: FIPS 200; FIPS 199; SP 800-60; SP 800-53; SP 800-37 Any communication or representation of knowledge such as facts, data, or opinions in…

View definition →

Information Assurance (IA)

Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures…

View definition →

Information Assurance (IA) Professional

Individual who works IA issues and has real-world experience plus appropriate IA training and education commensurate with their level of IA responsibility. SOURCE: CNSSI-4009

View definition →

Information Assurance Component (IAC)

An application (hardware and/or software) that provides one or more Information Assurance capabilities in support of the overall security and operational objectives of a system. SO…

View definition →

Information Assurance Manager (IAM)

See Information Systems Security Manager. SOURCE: CNSSI-4009

View definition →

Information Assurance Officer (IAO)

See Information Systems Security Officer. SOURCE: CNSSI-4009

View definition →

Information Assurance Vulnerability Alert (IAVA)

Notification that is generated when an Information Assurance vulnerability may result in an immediate and potentially severe threat to DoD systems and information; this alert requi…

View definition →

Information Domain

A three-part concept for information sharing, independent of, and across information systems and security domains that 1) identifies information sharing participants as individual…

View definition →

Information Environment

Aggregate of individuals, organizations, and/or systems that collect, process, or disseminate information, also included is the information itself. SOURCE: CNSSI-4009

View definition →

Information Flow Control

Procedure to ensure that information transfers within an information system are not made in violation of the security policy. SOURCE: CNSSI-4009

View definition →

Information Management

The planning, budgeting, manipulating, and controlling of information throughout its life cycle. SOURCE: CNSSI-4009

View definition →

Information Operations (IO)

The integrated employment of the core capabilities of electronic warfare, computer network operations, psychological operations, military deception, and operations security, in con…

View definition →

Information Owner

Official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, disseminatio…

View definition →

Information Resources

Information and related resources, such as personnel, equipment, funds, and information technology. SOURCE: FIPS 200; FIPS 199; SP 800-53; SP 800-18; SP 800-60; 44 U.S.C., Sec. 350…

View definition →

Information Resources Management (IRM)

The planning, budgeting, organizing, directing, training, controlling, and management activities associated with the burden, collection, creation, use, and dissemination of informa…

View definition →

Information Security

Here's a quick information security overview... Definition The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification…

View definition →

Information Security Architect

Individual, group, or organization responsible for ensuring that the information security requirements necessary to protect the organization’s core missions and business processes…

View definition →

Information Security Architecture

An embedded, integral part of the enterprise architecture that describes the structure and behavior for an enterprise’s security processes, information security systems, personnel…

View definition →

Information Security Continuous Monitoring (ISCM)

Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. [Note: The terms “continuous” and “ongoing”…

View definition →

Information Security Continuous Monitoring (ISCM) Process

A process to: • Define an ISCM strategy; • Establish an ISCM program; • Implement an ISCM program; • Analyze data and Report findings; • Respond to findings; and • Review and Updat…

View definition →

Information Security Continuous Monitoring (ISCM) Program

A program established to collect information in accordance with preestablished metrics, utilizing information readily available in part through implemented security controls. SOURC…

View definition →

Information Security Policy

Aggregate of directives, regulations, rules, and practices that prescribes how an organization manages, protects, and distributes information. SOURCE: SP 800-53; SP 800-37; SP 800-…

View definition →

Information Security Program Plan

Formal document that provides an overview of the security requirements for an organization-wide information security program and describes the program management controls and commo…

View definition →

Information Security Risk

The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potentia…

View definition →

Information Sharing

The requirements for information sharing by an IT system with one or more other IT systems or applications, for information sharing to support multiple internal or external organiz…

View definition →

Information Sharing Environment

1. An approach that facilitates the sharing of terrorism and homeland security information; or 2. ISE in its broader application enables those in a trusted partnership to share, di…

View definition →

Information Steward

An agency official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, di…

View definition →

Information System

A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information. SOURCE: FIPS 200; FIPS 19…

View definition →

Information System Boundary

See Authorization Boundary.

View definition →

Information System Contingency Plan (ISCP)

Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies,…

View definition →

Information System Life Cycle

The phases through which an information system passes, typically characterized as initiation, development, operation, and termination (i.e., sanitization, disposal and/or destructi…

View definition →

Information System Owner

Official responsible for the overall procurement, development, integration, modification, or operation and maintenance of an information system. SOURCE: FIPS 200

View definition →

Information System Owner (or Program Manager)

Official responsible for the overall procurement, development, integration, modification, or operation and maintenance of an information system. SOURCE: SP 800-53; SP 800-53A; SP 8…

View definition →

Information System Resilience

The ability of an information system to continue to operate while under attack, even if in a degraded or debilitated state, and to rapidly recover operational capabilities for esse…

View definition →

Information System Security Officer (ISSO)

Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program. SOURCE: SP 800-37; SP 800-53 Individual a…

View definition →

Information System-Related Security Risks

Information system-related security risks are those risks that arise through the loss of confidentiality, integrity, or availability of information or information systems and consi…

View definition →

Information Systems Security (INFOSEC)

Protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to au…

View definition →

Information Systems Security Engineer (ISSE)

Individual assigned responsibility for conducting information system security engineering activities. SOURCE: SP 800-37; CNSSI-4009

View definition →

Information Systems Security Engineering (ISSE)

Process of capturing and refining information protection requirements to ensure their integration into information systems acquisition and information systems development through p…

View definition →

Information Systems Security Equipment Modification

Modification of any fielded hardware, firmware, software, or portion thereof, under NSA configuration control. There are three classes of modifications: mandatory (to include human…

View definition →

Information Systems Security Manager (ISSM)

Individual responsible for the information assurance of a program, organization, system, or enclave. SOURCE: CNSSI-4009

View definition →

Information Systems Security Officer (ISSO)

Individual assigned responsibility for maintaining the appropriate operational security posture for an information system or program. SOURCE: CNSSI-4009 Individual assigned respons…

View definition →

Information Systems Security Product

Item (chip, module, assembly, or equipment), technique, or service that performs or relates to information systems security. SOURCE: CNSSI-4009

View definition →

Information Technology

Any equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching…

View definition →

Information Type

A specific category of information (e.g., privacy, medical, proprietary, financial, investigative, contractor sensitive, security management), defined by an organization or in some…

View definition →

Information Value

A qualitative measure of the importance of the information based upon factors such as: level of robustness of the Information Assurance controls allocated to the protection of info…

View definition →

Inheritance

See Security Control Inheritance.

View definition →

Initialization Vector (IV)

A vector used in defining the starting point of an encryption process within a cryptographic algorithm. SOURCE: FIPS 140-2

View definition →

Initialize

Setting the state of a cryptographic logic prior to key generation, encryption, or other operating mode. SOURCE: CNSSI-4009

View definition →

Initiator

The entity that initiates an authentication exchange. SOURCE: FIPS 196

View definition →

Inside(r) Threat

An entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification…

View definition →

Insider Threat

What is an Insider Threat? In cybersecurity, an Insider Threat refers to the risk that an individual with authorized access to an organization's resources or systems may intentiona…

View definition →

Inspectable Space

Three dimensional space surrounding equipment that processes classified and/or sensitive information within which TEMPEST exploitation is not considered practical or where legal au…

View definition →

Integrity

Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP…

View definition →

Integrity Check Value

Checksum capable of detecting modification of an information system. SOURCE: CNSSI-4009

View definition →

Intellectual Property

Useful artistic, technical, and/or industrial information, knowledge or ideas that convey ownership and control of tangible or virtual usage and/or representation. SOURCE: SP 800-3…

View definition →

Interconnection Security Agreement (ISA)

An agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection. The ISA also supports a…

View definition →

Interface

Common boundary between independent systems or modules where interactions take place. SOURCE: CNSSI-4009

View definition →

Interface Control Document

Technical document describing interface controls and identifying the authorities and responsibilities for ensuring the operation of such controls. This document is baselined during…

View definition →

Interim Approval to Operate (IATO)

Temporary authorization granted by a DAA for an information system to process information based on preliminary results of a security evaluation of the system. (To be replaced by AT…

View definition →

Interim Approval to Test (IATT)

Temporary authorization to test an information system in a specified operational information environment within the time frame and under the conditions or constraints enumerated in…

View definition →

Intermediate Certification Authority (CA)

A Certification Authority that is subordinate to another CA, and has a CA subordinate to itself. SOURCE: SP 800-32

View definition →

Internal Network

A network where: (i) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or (ii) cryptogr…

View definition →

Internal Security Controls

Hardware, firmware, or software features within an information system that restrict access to resources only to authorized subjects. SOURCE: CNSSI-4009

View definition →

Internal Security Testing

Security testing conducted from inside the organization’s security perimeter. SOURCE: SP 800-115

View definition →

Internet

The Internet is the single, interconnected, worldwide system of commercial, governmental, educational, and other computer networks that share (a) the protocol suite specified by th…

View definition →

Internet Protocol (IP)

Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks. SOURCE: CNSSI-4009

View definition →

Interoperability

For the purposes of this standard, interoperability allows any government facility or information system, regardless of the PIV Issuer, to verify a cardholder’s identity using the…

View definition →

Interview

What is a Cybersecurity Interview? In the context of cybersecurity, an "interview" within the NIST Cybersecurity Framework (CSF) refers to a type of assessment method used to gathe…

View definition →

Intranet

A private network that is employed within the confines of a given enterprise (e.g., internal to a business or agency). SOURCE: CNSSI-4009

View definition →

Intrusion

Unauthorized act of bypassing the security mechanisms of a system. SOURCE: CNSSI-4009

View definition →

Intrusion Detection and Prevention System (IDPS)

View definition →

Intrusion Detection Systems (IDS)

Hardware or software product that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intr…

View definition →

Intrusion Detection Systems (IDS) – (Host-Based)

IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accou…

View definition →

Intrusion Detection Systems (IDS) – (Network-Based)

IDSs which detect attacks by capturing and analyzing network packets. Listening on a network segment or switch, one network-based IDS can monitor the network traffic affecting multi…

View definition →

Intrusion Prevention System(s) (IPS)

System(s) which can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets. SOURCE: SP 800-36; CNSSI-4009

View definition →
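
The IDS and IPS entries above describe the two halves of the same pipeline: a sensor that gathers and analyzes evidence of intrusive activity, and an enforcement step that tries to stop it. The following is an added example, not code from the tekrisq page or from any IDS product, showing a minimal host-based sensor over constructed sshd log lines (the addresses, hostnames and timestamps are invented; the threshold and one-minute window are assumed tuning values). It flags a source that piles up repeated failed logins inside a sliding window (the detection half) and then turns alerts into block decisions while honouring an allowlist (the prevention half, and the check a practitioner wants so a noisy rule cannot lock out management addresses).

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd log lines in syslog format (invented for this example,
# using documentation address ranges; not taken from any real host).
SAMPLE_LOG = """\
Mar 10 09:12:01 host1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 09:12:03 host1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar 10 09:12:04 host1 sshd[2202]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar 10 09:12:06 host1 sshd[2203]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar 10 09:12:07 host1 sshd[2204]: Failed password for root from 203.0.113.7 port 51026 ssh2
Mar 10 09:12:09 host1 sshd[2205]: Accepted publickey for deploy from 198.51.100.4 port 40100 ssh2
Mar 10 09:20:30 host1 sshd[2210]: Failed password for alice from 198.51.100.9 port 40200 ssh2
Mar 10 09:41:00 host1 sshd[2211]: Failed password for alice from 198.51.100.9 port 40201 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed password|Accepted \S+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_line(line, year=2024):
    """Parse one sshd line into an event dict, or None for lines the sensor ignores.
    Syslog lines carry no year, so one is assumed for timestamp arithmetic."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "src": m["src"], "user": m["user"],
            "failed": m["result"] == "Failed password"}


def detect_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Detection (IDS): alert once per source address that accumulates `threshold`
    failed logins inside a sliding `window`. Successful logins are not counted."""
    recent = defaultdict(list)          # src -> timestamps of recent failures
    alerts, alerted = [], set()
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or not ev["failed"]:
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:   # expire failures older than the window
            q.pop(0)
        if len(q) >= threshold and ev["src"] not in alerted:
            alerted.add(ev["src"])
            alerts.append({"src": ev["src"], "count": len(q),
                           "first": q[0], "last": ev["ts"]})
    return alerts


def block_decisions(alerts, allowlist=frozenset()):
    """Prevention (IPS): turn alerts into block actions. The allowlist is the
    safety valve: a misfiring rule must never lock out management addresses."""
    return [a["src"] for a in alerts if a["src"] not in allowlist]


if __name__ == "__main__":
    found = detect_bruteforce(SAMPLE_LOG)
    for a in found:
        print(f"ALERT {a['src']}: {a['count']} failures between "
              f"{a['first']:%H:%M:%S} and {a['last']:%H:%M:%S}")
    print("block:", block_decisions(found))
```

On the sample above, 203.0.113.7 produces five failures in six seconds and is alerted and blocked; 198.51.100.9 fails twice twenty minutes apart and stays below the window, which is the difference between a brute-force signal and an ordinary typo.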

Inverse Cipher

Series of transformations that converts ciphertext to plaintext using the Cipher Key. SOURCE: FIPS 197

View definition →

Iowa | Data Breach Law

How to Comply Iowa recently added provisions to their data breach notification laws. Now businesses must alert consumers of the breach in the “most expeditious manner possible,” an…

View definition →

IP Security (IPsec)

Suite of protocols for securing Internet Protocol (IP) communications at the network layer, layer 3 of the OSI model by authenticating and/or encrypting each IP packet in a data st…

View definition →

IT Security Architecture

A description of security principles and an overall approach for complying with the principles that drive the system design; i.e., guidelines on the placement and implementation of…

View definition →

IT Security Awareness

The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and res…

View definition →

IT Security Awareness and Training Program

Explains proper rules of behavior for the use of agency IT systems and information. The program communicates IT security policies and procedures that need to be followed. SOURCE: S…

View definition →

IT Security Education

IT Security Education seeks to integrate all of the security skills and competencies of the various functional specialties into a common body of knowledge, adds a multidisciplinary…

View definition →

IT Security Investment

View definition →

IT Security Metrics

Metrics based on IT security performance goals and objectives. SOURCE: SP 800-55

View definition →

IT Security Policy

The “documentation of IT security decisions” in an organization. NIST SP 800-12 categorizes IT Security Policy into three basic types: 1) Program Policy—high-level policy used to c…

View definition →

IT Security Training

IT Security Training strives to produce relevant and needed security skills and competencies by practitioners of functional specialties other than IT security (e.g., management, sy…

View definition →

IT-Related Risk

The net mission/business impact considering 1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability, and 2) the re…

View definition →
J
2 terms
K
38 terms

Kansas Cybersecurity, Privacy & Data Security Law

View definition →

Kentucky | Data Breach Law

How to Comply In Kentucky, businesses that suffer a harmful data breach must notify affected Kentucky residents as soon as possible through mail or electronic means. When the cost…

View definition →

Kerberos

A widely used authentication protocol developed at the Massachusetts Institute of Technology (MIT). In “classic” Kerberos, users share a secret password with a Key Distribution Cen…

View definition →

Key

A value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. SOURCE: SP 800-63 A numerical value used to contr…

View definition →

Key Bundle

The three cryptographic keys (Key1, Key2, Key3) that are used with a Triple Data Encryption Algorithm (TDEA) mode. SOURCE: SP 800-67

View definition →

Key Distribution Center (KDC)

COMSEC facility generating and distributing key in electronic form. SOURCE: CNSSI-4009

View definition →

Key Escrow

A deposit of the private key of a subscriber and other pertinent information pursuant to an escrow agreement or similar contract binding upon the subscriber, the terms of which req…

View definition →

Key Escrow System

A system that entrusts the two components comprising a cryptographic key (e.g., a device unique key) to two key component holders (also called "escrow agents"). SOURCE: FIPS 185; C…

View definition →

Key Establishment

The process by which cryptographic keys are securely established among cryptographic modules using manual transport methods (e.g., key loaders), automated methods (e.g., key transp…

View definition →

Key Exchange

The process of exchanging public keys in order to establish secure communications. SOURCE: SP 800-32 Process of exchanging public keys (and other information) in order to establish…

View definition →

Key Expansion

Routine used to generate a series of Round Keys from the Cipher Key. SOURCE: FIPS 197

View definition →

Key Generation Material

Random numbers, pseudo-random numbers, and cryptographic parameters used in generating cryptographic keys. SOURCE: SP 800-32; CNSSI-4009

View definition →

Key List

Printed series of key settings for a specific cryptonet. Key lists may be produced in list, pad, or printed tape format. SOURCE: CNSSI-4009

View definition →

Key Loader

A self-contained unit that is capable of storing at least one plaintext or encrypted cryptographic key or key component that can be transferred, upon request, into a cryptographic…

View definition →

Key Logger

A program designed to record which keys are pressed on a computer keyboard used to obtain passwords or encryption keys and thus bypass other security measures. SOURCE: SP 800-82

View definition →

Key Management

The activities involving the handling of cryptographic keys and other related security parameters (e.g., IVs and passwords) during the entire life cycle of the keys, including thei…

View definition →

Key Management Device

A unit that provides for secure electronic distribution of encryption keys to authorized users. SOURCE: CNSSI-4009

View definition →

Key Management Infrastructure (KMI)

All parts – computer hardware, firmware, software, and other equipment and its documentation; facilities that house the equipment and related functions; and companion standards, po…

View definition →

Key Pair

Two mathematically related keys having the properties that 1) one key can be used to encrypt a message that can only be decrypted using the other key, and 2) even knowing one key,…

View definition →

Key Production Key (KPK)

What is a Key Production Key (KPK)? A Key Production Key (KPK) is a secret key used to initialize a keystream generator for the production of other electronically generated keys.…

View definition →

Key Recovery

Mechanisms and processes that allow authorized parties to retrieve the cryptographic key used for data confidentiality. SOURCE: CNSSI-4009

View definition →

Key Stream

Sequence of symbols (or their electrical or mechanical equivalents) produced in a machine or auto-manual cryptosystem to combine with plain text to produce cipher text, control tra…

View definition →
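
The Key Stream entry above and the Initialization Vector entry earlier in this section describe the two inputs to a stream cipher: the key, and the IV that fixes the starting point so the same key can be reused safely. The following is an added example, not code from the tekrisq page or from any standard, and the keystream generator in it (HMAC-SHA256 over IV and counter) is a constructed illustration rather than an approved cipher; the point it demonstrates is the classic failure mode, which is that reusing an IV under the same key makes the keystream cancel out of two ciphertexts and lets an attacker who knows one plaintext read the other without the key.

```python
import hashlib
import hmac
import struct


def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Constructed illustration only: derive a keystream as HMAC-SHA256(key, IV || counter)
    in counter mode. Not a standardised cipher; use AES-GCM or ChaCha20-Poly1305 in
    real systems. The IV is what makes the output differ for the same key."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, iv + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Stream encryption: ciphertext = plaintext XOR keystream(key, IV)."""
    return xor_bytes(plaintext, keystream(key, iv, len(plaintext)))


decrypt = encrypt   # XOR is its own inverse, so decryption is the same operation


def iv_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If both ciphertexts used the same key AND the same IV, the keystream is identical
    and cancels: c1 XOR c2 == p1 XOR p2. The attacker needs no key for this step."""
    return xor_bytes(c1, c2)


def recover_with_crib(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Given one plaintext (a 'crib', e.g. a predictable header), the other falls out."""
    return xor_bytes(iv_reuse_leak(c1, c2), known_p1)


if __name__ == "__main__":
    key = b"constructed-demo-key"
    c1 = encrypt(key, b"same-iv", b"attack at dawn")
    c2 = encrypt(key, b"same-iv", b"retreat at ten")
    print(recover_with_crib(c1, c2, b"attack at dawn"))   # plaintext 2, no key used
```

The practical rule this illustrates: an IV need not be secret, but under a given key it must never repeat, which is why counters or random nonces of adequate length are used and why key plus IV pairs are tracked as part of key management.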

Key Tag

Identification information associated with certain types of electronic key. SOURCE: CNSSI-4009

View definition →

Key Tape

Punched or magnetic tape containing key. Printed key in tape form is referred to as a key list. SOURCE: CNSSI-4009

View definition →

Key Transport

The secure transport of cryptographic keys from one cryptographic module to another module. SOURCE: FIPS 140-2; CNSSI-4009

View definition →

Key Updating

Irreversible cryptographic process for modifying key. SOURCE: CNSSI-4009

View definition →

Key Wrap

A method of encrypting keying material (along with associated integrity information) that provides both confidentiality and integrity protection using a symmetric key algorithm. SO…

View definition →

Key-Auto-Key (KAK)

Cryptographic logic using previous key to produce key. SOURCE: CNSSI-4009

View definition →

Key-Encryption-Key (KEK)

Key that encrypts or decrypts other key for transmission or storage. SOURCE: CNSSI-4009

View definition →

Keyed-hash based message authentication code (HMAC)

A message authentication code that uses a cryptographic key in conjunction with a hash function. SOURCE: FIPS 198; CNSSI-4009

View definition →
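
The HMAC entry above, the Key Updating entry a few terms earlier (an irreversible process for modifying key) and the Integrity Check Value entry earlier in this section are all served by one construction, so the following added example covers them together. It is not code from the tekrisq page or from FIPS 198; it builds HMAC-SHA256 directly from the published construction, cross-checks it against Python's hmac module, shows why an unkeyed checksum does not stop an attacker who can rewrite the data, and uses HMAC as a one-way key update so that a key obtained today does not reveal the keys used before it. The label string and key names are assumed for illustration.

```python
import hashlib
import hmac

BLOCK = 64   # SHA-256 block size in bytes


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC straight from the FIPS 198 construction:
    H((K' XOR opad) || H((K' XOR ipad) || message)), with K' the key padded to BLOCK
    (keys longer than a block are hashed first)."""
    if len(key) > BLOCK:
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def matches_stdlib(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-built HMAC against the library implementation."""
    reference = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(hmac_sha256(key, message), reference)


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Verification must use a constant-time compare; a plain == returns early on the
    first differing byte and leaks how much of a forged tag was correct."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def sha256_checksum(message: bytes) -> bytes:
    return hashlib.sha256(message).digest()


def checksum_accepts(message: bytes, stored: bytes) -> bool:
    """An unkeyed integrity check value detects accidental corruption only: anyone who
    can change the data can recompute the checksum to match."""
    return sha256_checksum(message) == stored


def update_key(key: bytes, label: bytes = b"key-update") -> bytes:
    """Irreversible key update: key_{n+1} = HMAC(key_n, label). Recovering key_n from
    key_{n+1} would require inverting SHA-256, so past keys stay protected."""
    return hmac_sha256(key, label)


def key_chain(initial: bytes, steps: int) -> list:
    """The sequence of keys produced by applying update_key `steps` times."""
    keys = [initial]
    for _ in range(steps):
        keys.append(update_key(keys[-1]))
    return keys


if __name__ == "__main__":
    k = b"constructed-demo-key"
    msg = b"amount=100"
    tag = hmac_sha256(k, msg)
    print("matches hmac module:", matches_stdlib(k, msg))
    # An attacker rewrites the record. The plain checksum still verifies; the HMAC does not.
    forged = b"amount=999"
    print("checksum fooled:", checksum_accepts(forged, sha256_checksum(forged)))
    print("hmac fooled:", verify_tag(k, forged, tag))
    print("keys in chain:", [x.hex()[:8] for x in key_chain(k, 3)])
```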

Keying Material

Key, code, or authentication information in physical, electronic, or magnetic form. SOURCE: CNSSI-4009

View definition →

Keystroke Monitoring

View definition →

KMI Operating Account (KOA)

A KMI business relationship that is established 1) to manage the set of user devices that are under the control of a specific KMI customer organization, and 2) to control the distr…

View definition →

KMI Protected Channel (KPC)

A KMI Communication Channel that provides 1) Information Integrity Service; 2) either Data Origin Authentication Service or Peer Entity Authentication Service, as is appropriate to…

View definition →

KMI-Aware Device

A user device that has a user identity for which the registration has significance across the entire KMI (i.e., the identity’s registration data is maintained in a database at the…

View definition →

KOA Agent

A user identity that is designated by a KOA manager to access PRSN product delivery enclaves for the purpose of retrieving wrapped products that have been ordered for user devices…

View definition →

KOA Manager

The Management Role that is responsible for the operation of one or more KOAs (i.e., manages distribution of KMI products to the end cryptographic units, fill devices, and ADPs that ar…

View definition →

KOA Registration Manager

The individual responsible for performing activities related to registering KOAs. SOURCE: CNSSI-4009

View definition →
L
28 terms

Label

See Security Label.

View definition →

Labeled Security Protections

Access control protection features of a system that use security labels to make access control decisions. SOURCE: CNSSI-4009

View definition →
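
The Labeled Security Protections entry above and the Information Flow Control entry earlier in this section describe the same mechanism from two sides: labels attached to subjects and objects, and a rule that a transfer may only move information to a place whose label is at least as restrictive. The following added example is not code from the tekrisq page or from CNSSI-4009; it uses the Bell-LaPadula ordering (the page does not name a model, so that choice is an assumption) with a total order of sensitivity levels plus a set of compartments, implements the dominance test, the read and write checks, and an audit that lists which of a constructed set of transfers violate the policy. The level names and sample transfers are invented for illustration.

```python
from dataclasses import dataclass

# Sensitivity levels form a total order; compartments form a set lattice. A label
# dominates another when it is at least as high AND carries every compartment of the other.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def L(level: str, *compartments: str) -> Label:
    """Short constructor: L("SECRET", "NUCLEAR")."""
    return Label(level, frozenset(compartments))


def may_read(subject: Label, obj: Label) -> bool:
    """Simple security property ('no read up'): the subject's clearance must dominate
    the object's label."""
    return subject.dominates(obj)


def may_write(subject: Label, obj: Label) -> bool:
    """*-property ('no write down'): the object's label must dominate the subject's
    current label, otherwise a subject could copy high data into a low container."""
    return obj.dominates(subject)


def flow_allowed(source: Label, sink: Label) -> bool:
    """Information flow control: data may move from source to sink only if the sink's
    label dominates the source's. Incomparable labels fail in both directions."""
    return sink.dominates(source)


def audit_transfers(transfers) -> list:
    """transfers: iterable of (name, source_label, sink_label). Returns the names of
    transfers that would violate the policy."""
    return [name for name, src, dst in transfers if not flow_allowed(src, dst)]


# Constructed sample transfers (invented for this example).
SAMPLE_TRANSFERS = [
    ("weekly-report",     L("SECRET", "NUCLEAR"),  L("TOP SECRET", "NUCLEAR")),  # up: allowed
    ("export-to-wiki",    L("TOP SECRET"),         L("SECRET")),                 # down: violation
    ("strip-compartment", L("SECRET", "NUCLEAR"),  L("SECRET")),                 # loses compartment
    ("add-compartment",   L("SECRET"),             L("SECRET", "NUCLEAR")),      # allowed
    ("cross-compartment", L("CONFIDENTIAL", "A"),  L("SECRET", "B")),            # incomparable
]


if __name__ == "__main__":
    print("violations:", audit_transfers(SAMPLE_TRANSFERS))
    # A process cleared SECRET reading a SECRET file and writing an UNCLASSIFIED log:
    proc, secret_file, public_log = L("SECRET"), L("SECRET"), L("UNCLASSIFIED")
    print("read ok:", may_read(proc, secret_file), "write ok:", may_write(proc, public_log))
```

The last two lines are the case list-oriented access control alone misses: the process is individually authorized to read the file and to write the log, yet the combination moves SECRET content into an UNCLASSIFIED container, which is exactly the transfer the flow-control rule refuses.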

Laboratory Attack

Use of sophisticated signal recovery equipment in a laboratory environment to recover information from data storage media. SOURCE: SP 800-88; CNSSI-4009

View definition →

Least Privilege

The security objective of granting users only those accesses they need to perform their official duties. SOURCE: SP 800-12 The principle that a security architecture should be desi…

View definition →

Least Trust

The principle that a security architecture should be designed in a way that minimizes 1) the number of components that require trust, and 2) the extent to which each component is t…

View definition →

Level of Concern

Rating assigned to an information system indicating the extent to which protection measures, techniques, and procedures must be applied. High, Medium, and Basic are identified leve…

View definition →

Level of Protection

Extent to which protective measures, techniques, and procedures must be applied to information systems and networks based on risk, threat, vulnerability, system interconnectivity c…

View definition →

Likelihood of Occurrence

In Information Assurance risk analysis, a weighted factor based on a subjective analysis of the probability that a given threat is capable of exploiting a given vulnerability. SOUR…

View definition →

Limited Maintenance

COMSEC maintenance restricted to fault isolation, removal, and replacement of plug-in assemblies. Soldering or unsoldering usually is prohibited in limited maintenance. See Full Ma…

View definition →

Line Conditioning

Elimination of unintentional signals or noise induced or conducted on a telecommunications or information system signal, power, control, indicator, or other external interface line…

View definition →

Line Conduction

Unintentional signals or noise induced or conducted on a telecommunications or information system signal, power, control, indicator, or other external interface line. SOURCE: CNSSI…

View definition →

Line of Business

The following OMB-defined process areas common to virtually all federal agencies: Case Management, Financial Management, Grants Management, Human Resources Management, Federal Heal…

View definition →

Link Encryption

Link encryption encrypts all of the data along a communications path (e.g., a satellite link, telephone circuit, or T1 line). Since link encryption also encrypts routing data, comm…

View definition →

List-Oriented

Information system protection in which each protected object has a list of all subjects authorized to access it. SOURCE: CNSSI-4009

View definition →

LLMjacking

LLMjacking: A Guide for SMBs on Protection, Risks, and Insurance   Generative AI and Large Language Models (LLMs) are transforming how Small and Medium-sized Businesses (SMBs)…

View definition →

Local Access

Access to an organizational information system by a user (or process acting on behalf of a user) communicating through a direct connection without the use of a network. SOURCE: SP…

View definition →

Local Authority

Organization responsible for generating and signing user certificates in a PKI-enabled environment. SOURCE: CNSSI-4009

View definition →

Local Management Device/Key Processor (LMD/KP)

EKMS platform providing automated management of COMSEC material and generating key for designated users. SOURCE: CNSSI-4009

View definition →

Local Registration Authority (LRA)

A Registration Authority with responsibility for a local community. SOURCE: SP 800-32 A Registration Authority with responsibility for a local community in a PKI-enabled environmen…

View definition →

Logic Bomb

A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. SOURCE: CNSSI-4009

View definition →

Logical Completeness Measure

Means for assessing the effectiveness and degree to which a set of security and access control mechanisms meets security specifications. SOURCE: CNSSI-4009

View definition →

Logical Perimeter

A conceptual perimeter that extends to all intended users of the system, both directly and indirectly connected, who receive output from the system without a reliable human review…

View definition →

Long Title

Descriptive title of a COMSEC item. SOURCE: CNSSI-4009

View definition →

Louisiana | Data Breach Law

If y'all want to understand Louisiana data breach and cybersecurity laws, we expand on it here. Please refer to the updated 2025 information at tekrisq.com/louisiana Notification o…

View definition →

Low Impact

The loss of confidentiality, integrity, or availability that could be expected to have a limited adverse effect on organizational operations, organizational assets, individuals, ot…

View definition →

Low Probability of Detection

Result of measures used to hide or disguise intentional electromagnetic transmissions. SOURCE: CNSSI-4009

View definition →

Low Probability of Intercept

Result of measures to prevent the intercept of intentional electromagnetic transmissions. The objective is to minimize an adversary’s capability of receiving, processing, or replay…

View definition →

Low-Impact System

An information system in which all three security objectives (i.e., confidentiality, integrity, and availability) are assigned a FIPS 199 potential impact value of low. SOURCE: SP…

View definition →
M
64 terms

Macro Virus

A virus that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute and propagate. SOURCE: CNSSI-4009

View definition →

Magnetic Remanence

Magnetic representation of residual information remaining on a magnetic medium after the medium has been cleared. See Clearing. SOURCE: CNSSI-4009

View definition →

Maine | Data Breach Law

Reporting Requirements and Penalties In Maine, any business that experiences a data breach must investigate the likelihood that personal information will be abused. Affected Maine…

View definition →

Maintenance Hook

Special instructions (trapdoors) in software allowing easy maintenance and additional feature development. Since maintenance hooks frequently allow entry into the code without the…

View definition →

Maintenance Key

Key intended only for in-shop use. SOURCE: CNSSI-4009

View definition →

Major Application

An application that requires special attention to security due to the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of the i…

View definition →

Major Information System

An information system that requires special management attention because of its importance to an agency mission; its high development, operating, or maintenance costs; or its signi…

View definition →

Malicious Applets

Small application programs that are automatically downloaded and executed and that perform an unauthorized function on an information system. SOURCE: CNSSI-4009

View definition →

Malicious Code

Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus,…

View definition →

Malicious Logic

Hardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose. SOURCE: CNSSI-4009

View definition →

Malware

What is Malware? Malware is malicious software that can damage or destroy computers and steal data. It's often created by cybercriminals, also known as hackers. Definitions A progr…

View definition →

Man-in-the-middle Attack (MitM)

An attack on the authentication protocol run in which the Attacker positions himself in between the Claimant and Verifier so that he can intercept and alter data traveling between…

View definition →

Management Client (MGC)

A configuration of a client node that enables a KMI external operational manager to manage KMI products and services by either 1) accessing a PRSN, or 2) exercising locally provide…

View definition →

Management Controls

The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information system security. SOURCE…

View definition →

Management Security Controls

The security controls (i.e., safeguards or countermeasures) for an information system that focus on the management of risk and the management of information systems security. SOURC…

View definition →

Mandatory Access Control (MAC)

A means of restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorizat…

View definition →

Mandatory Modification

Change to a COMSEC end-item that NSA requires to be completed and reported by a specified date. See Optional Modification. SOURCE: CNSSI-4009

View definition →

Manipulative Communications Deception

Alteration or simulation of friendly telecommunications for the purpose of deception. See Communications Deception and Imitative Communications Deception. SOURCE: CNSSI-4009

View definition →

Manual Cryptosystem

Cryptosystem in which the cryptographic processes are performed without the use of crypto-equipment or auto-manual devices. SOURCE: CNSSI-4009

View definition →

Manual Key Transport

A non-automated means of transporting cryptographic keys by physically moving a device, document, or person containing or possessing the key or key component. SOURCE: SP 800-57 Par…

View definition →

Manual Remote Rekeying

Procedure by which a distant crypto-equipment is rekeyed electronically, with specific actions required by the receiving terminal operator. Synonymous with cooperative remote rekey…

View definition →

Marking

See Security Marking

View definition →

Maryland Cybersecurity, Privacy & Data Regulations

View definition →

Masquerading

When an unauthorized agent claims the identity of another agent, it is said to be masquerading. SOURCE: SP 800-19 A type of threat action whereby an unauthorized entity gains acces…

View definition →

Massachusetts | Data Breach Law

Notification Regulations In Massachusetts, any business that experiences a data breach must notify affected MA residents as soon as possible through mail or electronic means. If th…

View definition →

Master Cryptographic Ignition Key

Key device with electronic logic and circuits providing the capability for adding more operational CIKs to a keyset. SOURCE: CNSSI-4009

View definition →

Match/matching

The process of comparing biometric information against a previously stored template(s) and scoring the level of similarity. SOURCE: FIPS 201; CNSSI-4009

View definition →

Maximum Tolerable Downtime

The amount of time mission/business processes can be disrupted without causing significant harm to the organization’s mission. SOURCE: SP 800-34

View definition →

Mechanisms

An assessment object that includes specific protection-related items (e.g., hardware, software, or firmware) employed within or at the boundary of an information system. SOURCE: SP…

View definition →

Media

Physical devices or writing surfaces including but not limited to magnetic tapes, optical disks, magnetic disks, Large Scale Integration (LSI) memory chips, and printouts (but not…

View definition →

Media Sanitization

A general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means. SOURCE: SP 800-88 The actions taken to render…

View definition →

Memorandum of Understanding/Agreement (MOU/A)

A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission. In this guide, an MOU/A defines the re…

View definition →

Memory Scavenging

The collection of residual information from data storage. SOURCE: CNSSI-4009

View definition →

Message Authentication Code (MAC)

A cryptographic checksum on data that uses a symmetric key to detect both accidental and intentional modifications of the data. MACs provide authenticity and integrity protection,…

View definition →

Message Digest

The result of applying a hash function to a message. Also known as a “hash value” or “hash output”. SOURCE: SP 800-107 A digital signature that uniquely identifies data and has the…

View definition →
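Worked example for the Message Authentication Code and Message Digest entries above. This is an added illustration, not part of the tekrisq reference text: it uses Python's standard hashlib/hmac modules, a constructed key and two constructed messages, to show why an unkeyed digest only catches accidental corruption while a keyed MAC also catches deliberate tampering.

```python
import hashlib
import hmac

# Constructed sample data for this illustration; a real shared key would come
# from a key-management system, never a literal in source.
KEY = b"constructed-demo-key-0123456789abcdef"
MESSAGE = b"transfer 100.00 to account 4242"
TAMPERED = b"transfer 999.00 to account 6666"


def digest(message: bytes) -> str:
    """Unkeyed SHA-256 message digest (hash value)."""
    return hashlib.sha256(message).hexdigest()


def digest_check(message: bytes, received_digest: str) -> bool:
    """Receiver-side check with no key: detects accidental corruption only."""
    return hmac.compare_digest(digest(message), received_digest)


def mac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 tag: keyed, so it also detects intentional modification."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, received_tag: str) -> bool:
    """Receiver-side MAC check. compare_digest runs in constant time, so the
    comparison does not leak how many leading bytes of the tag were correct."""
    return hmac.compare_digest(mac_tag(key, message), received_tag)


def flip_one_bit(data: bytes) -> bytes:
    """Simulate accidental corruption in transit: flip the low bit of byte 0."""
    return bytes([data[0] ^ 0x01]) + data[1:]


def compare_digest_and_mac() -> dict:
    """Run the cases behind the two definitions and return each outcome as a bool
    (True means the mechanism behaved as described)."""
    sent_digest = digest(MESSAGE)
    sent_tag = mac_tag(KEY, MESSAGE)
    return {
        # Accidental corruption: both mechanisms catch a flipped bit.
        "digest_catches_bit_flip": not digest_check(flip_one_bit(MESSAGE), sent_digest),
        "mac_catches_bit_flip": not verify_mac(KEY, flip_one_bit(MESSAGE), sent_tag),
        # Intentional modification: the attacker swaps the message and simply
        # recomputes the unkeyed digest, so the receiver accepts the forgery.
        "digest_accepts_forgery": digest_check(TAMPERED, digest(TAMPERED)),
        # With a MAC the attacker has no key: replaying the old tag fails, and a
        # tag computed under a guessed key fails too.
        "mac_rejects_reused_tag": not verify_mac(KEY, TAMPERED, sent_tag),
        "mac_rejects_guessed_key": not verify_mac(KEY, TAMPERED, mac_tag(b"guess", TAMPERED)),
        "mac_accepts_genuine": verify_mac(KEY, MESSAGE, sent_tag),
    }


if __name__ == "__main__":
    for case, outcome in compare_digest_and_mac().items():
        print(f"{case}: {outcome}")
```

The practical point: a digest shipped next to the data it describes protects against nothing an attacker does on purpose, because the attacker can recompute it. Authenticity needs the key, which is what the MAC adds; the constant-time comparison is the other check a reviewer should look for in any MAC verification code.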

Message Externals

Information outside of the message text, such as the header, trailer, etc. SOURCE: CNSSI-4009

View definition →

Message Indicator

Sequence of bits transmitted over a communications system for synchronizing cryptographic equipment. SOURCE: CNSSI-4009

View definition →

Metrics

Tools designed to facilitate decision-making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data. SOURCE: SP…

View definition →

Michigan Data Security & Breach Laws

Michigan Insurance Data Security Law The Michigan Insurance Data Security Law added Chapter 5A, MCL 500.550 to 500.565, to the Insurance Code of 1956. Effective January 20, 2021, t…

View definition →

MIME

See Multipurpose Internet Mail Extensions.

View definition →

Mimicking

See Spoofing.

View definition →

Min-Entropy

A measure of the difficulty that an Attacker has to guess the most commonly chosen password used in a system. SOURCE: SP 800-63

View definition →
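Worked example for the Min-Entropy entry above, added here and not part of the tekrisq reference text. It computes min-entropy over a constructed password sample with invented frequencies, sets it beside Shannon entropy, and counts how many best-first guesses compromise a given share of accounts, which is why SP 800-63 measures guessability by the most common choice rather than by the average.

```python
import math
from collections import Counter

# Constructed sample of 100 accounts with invented frequencies, used only to
# illustrate the metric; this is not real breach data.
SAMPLE_PASSWORDS = (
    ["123456"] * 40
    + ["password"] * 25
    + ["qwerty"] * 15
    + ["letmein"] * 10
    + ["Tr0ub4dor&3"] * 5
    + ["correct horse battery staple"] * 5
)


def probabilities(passwords) -> dict:
    """Empirical probability of each distinct password in the sample."""
    total = len(passwords)
    return {pw: count / total for pw, count in Counter(passwords).items()}


def min_entropy_bits(passwords) -> float:
    """Min-entropy H_min = -log2(p_max): the work, in bits, to guess the single
    most common password. An online attacker with a handful of attempts will
    spend them on exactly that password, so this is the figure that matters."""
    return -math.log2(max(probabilities(passwords).values()))


def shannon_entropy_bits(passwords) -> float:
    """Shannon entropy H = -sum(p * log2 p), the average-case figure. It is never
    below min-entropy and overstates resistance to a best-first guesser."""
    return -sum(p * math.log2(p) for p in probabilities(passwords).values())


def guesses_to_compromise(passwords, fraction: float) -> int:
    """Best-first guesses (most common password first) needed before at least
    `fraction` of the accounts in the sample are compromised."""
    needed = fraction * len(passwords)
    covered = 0
    for guesses, (_, count) in enumerate(Counter(passwords).most_common(), start=1):
        covered += count
        if covered >= needed:
            return guesses
    return len(Counter(passwords))  # only reached for fraction > 1.0


if __name__ == "__main__":
    print(f"min-entropy:     {min_entropy_bits(SAMPLE_PASSWORDS):.2f} bits")
    print(f"Shannon entropy: {shannon_entropy_bits(SAMPLE_PASSWORDS):.2f} bits")
    print(f"guesses to compromise 75% of accounts: "
          f"{guesses_to_compromise(SAMPLE_PASSWORDS, 0.75)}")
```

On this sample the min-entropy is about 1.3 bits against a Shannon entropy of about 2.2 bits: the average hides that one guess already succeeds against 40% of accounts and three guesses against 80%. The same gap is why a lockout or rate limit on online attempts is set against the most common password, not the average one.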

Minimalist Cryptography

Cryptography that can be implemented on devices with very limited memory and computing capabilities, such as RFID tags. SOURCE: SP 800-98

View definition →

Minor Application

View definition →

Misnamed Files

A technique used to disguise a file’s content by changing the file’s name to something innocuous or altering its extension to a different type of file, forcing the examiner to iden…

View definition →

Mission Assurance Category (MAC)

A Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) term primarily used to determine the requirements for availability and integrity. SOU…

View definition →

Mission Critical

Any telecommunications or information system that is defined as a national security system (Federal Information Security Management Act of 2002 - FISMA) or processes any informatio…

View definition →

Mission/Business Segment

Elements of organizations describing mission areas, common/shared business services, and organization-wide services. Mission/business segments can be identified with one or more in…

View definition →

Mobile Code

Software programs or parts of programs obtained from remote information systems, transmitted across a network, and executed on a local information system without explicit installat…

View definition →

Mobile Code Technologies

Software technologies that provide the mechanisms for the production and use of mobile code (e.g., Java, JavaScript, ActiveX, VBScript). SOURCE: SP 800-53; SP 800-18

View definition →

Mobile Device

Portable cartridge/disk-based, removable storage media (e.g., floppy disks, compact disks, USB flash drives, external hard drives, and other flash memory cards/drives that contain…

View definition →

Mobile Software Agent

Programs that are goal-directed and capable of suspending their execution on one platform and moving to another platform where they resume execution. SOURCE: SP 800-19

View definition →

Mode of Operation

An algorithm for the cryptographic transformation of data that features a symmetric key block cipher algorithm. SOURCE: SP 800-38C Description of the conditions under which an info…

View definition →

Moderate Impact

The loss of confidentiality, integrity, or availability that could be expected to have a serious adverse effect on organizational operations, organizational assets, individuals, ot…

View definition →

Moderate-Impact System

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of moderate and no…

View definition →

Multi-Hop Problem

The security risks resulting from a mobile software agent visiting several platforms. SOURCE: SP 800-19

View definition →

Multi-Releasable

A characteristic of an information domain where access control mechanisms enforce policy-based release of information to authorized users within the information domain. SOURCE: CNS…

View definition →

Multifactor Authentication

Authentication using two or more factors to achieve authentication. Factors include: (i) something you know (e.g. password/PIN); (ii) something you have (e.g., cryptographic identi…

View definition →

Multilevel Device

Equipment trusted to properly maintain and separate data of different security domains. SOURCE: CNSSI-4009

View definition →

Multilevel Mode

Mode of operation wherein all the following statements are satisfied concerning the users who have direct or indirect access to the system, its peripherals, remote terminals, or re…

View definition →

Multilevel Security (MLS)

Concept of processing information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to…

View definition →

Multiple Security Levels (MSL)

Capability of an information system that is trusted to contain, and maintain separation between, resources (particularly stored data) of different security domains. SOURCE: CNSSI-4…

View definition →

Mutual Authentication

Occurs when parties at both ends of a communication activity authenticate each other. SOURCE: SP 800-32 The process of both entities involved in a transaction verifying each other.…

View definition →

Mutual Suspicion

Condition in which two information systems need to rely upon each other to perform a service, yet neither trusts the other to properly protect shared data. SOURCE: CNSSI-4009

View definition →
N
37 terms

Naming Authority

An organizational entity responsible for assigning distinguished names (DNs) and for assuring that each DN is meaningful and unique within its domain. SOURCE: SP 800-32

View definition →

National Information Infrastructure

Nationwide interconnection of communications networks, computers, databases, and consumer electronics that make vast amounts of information available to users. It includes both pub…

View definition →

National Information Assurance Partnership (NIAP)

A U.S. government initiative established to promote the use of evaluated information systems products and champion the development and use of national and international standards f…

View definition →

National Security Emergency Preparedness Telecommunications Services

Telecommunications services that are used to maintain a state of readiness or to respond to and manage any event or crisis (local, national, or international) that causes or could…

View definition →

National Security Information

Information that has been determined pursuant to Executive Order 12958 as amended by Executive Order 13292, or any predecessor order, or by the Atomic Energy Act of 1954, as amende…

View definition →

National Security Information (NSI)

See Classified National Security Information. SOURCE: CNSSI-4009

View definition →

National Security System

Any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency—(i) the…

View definition →

National Vulnerability Database (NVD)

The U.S. government repository of standards-based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g…

View definition →

Need To Know Determination

Decision made by an authorized holder of official information that a prospective recipient requires access to specific official information to carry out official duties. SOURCE: CN…

View definition →

Need-To-Know

A method of isolating information resources based on a user’s need to have access to that resource in order to perform their job but no more. The terms ‘need-to know” and “least pr…

View definition →

Needs Assessment (IT Security Awareness Training)

Needs Assessment (IT Security Awareness Training) Understanding Your Human Firewall: A Guide to IT Security Awareness Needs Assessment   In the complex world of cybersecurity,…

View definition →

Net-centric Architecture

A complex system of systems composed of subsystems and services that are part of a continuously evolving, complex community of people, devices, information and services interconnec…

View definition →

Network

Information system(s) implemented with a collection of interconnected components. Such components may include routers, hubs, cabling, telecommunications controllers, key distributi…

View definition →

Network Access

Access to an organizational information system by a user (or a process acting on behalf of a user) communicating through a network (e.g., local area network, wide area network, Int…

View definition →

Network Access Control (NAC)

A feature provided by some firewalls that allows access based on a user’s credentials and the results of health checks performed on the telework client device. SOURCE: SP 800-41

View definition →

Network Address Translation (NAT)

A routing technology used by many firewalls to hide internal system addresses from an external network through use of an addressing schema. SOURCE: SP 800-41

View definition →

Network Front-End

Device implementing protocols that allow attachment of a computer system to a network. SOURCE: CNSSI-4009

View definition →

Network Reference Monitor

See Reference Monitor.

View definition →

Network Resilience

A computing infrastructure that provides continuous business operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged), rapid recovery if f…

View definition →

Network Security

See Information Assurance.

View definition →

Network Security Officer

See Information Systems Security Officer

View definition →

Network Sniffing

A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. It is both a review technique and a targe…

View definition →

Network Sponsor

Individual or organization responsible for stating the security policy enforced by the network, designing the network security architecture to properly enforce that policy, and ens…

View definition →

Network System

System implemented with a collection of interconnected components. A network system is based on a coherent security architecture and design. SOURCE: CNSSI-4009

View definition →

Network Weaving

Penetration technique in which different communication networks are linked to access an information system to avoid detection and traceback. SOURCE: CNSSI-4009

View definition →

Nevada Insurance Data Security Law (SB21)

Data Security Rules for Nevada Businesses What are the data security obligations of insurance businesses operating in Nevada? Nevada has enacted the Insurance Data Security Law (SB…

View definition →

No-Lone Zone (NLZ)

Area, room, or space that, when staffed, must be occupied by two or more appropriately cleared individuals who remain within sight of each other. See Two-Person Integrity. SOURCE:…

View definition →

Non-deterministic Random Bit Generator (NRBG)

What's an NRBG? A Non-deterministic Random Bit Generator (NRBG) creates random numbers in specific ways. Definition An RBG that (when working properly) produces outputs that have f…

View definition →

Non-Local Maintenance

Maintenance activities conducted by individuals communicating through a network; either an external network (e.g., the Internet) or an internal network. SOURCE: SP 800-53

View definition →

Non-Organizational User

A user who is not an organizational user (including public users). SOURCE: SP 800-53

View definition →

Non-repudiation

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having proc…

View definition →

Nonce

A value used in security protocols that is never repeated with the same key. For example, nonces used as challenges in challenge-response authentication protocols generally must not…

View definition →

North Carolina Cybersecurity Laws

Several Cybersecurity, Data Breach and Data Privacy Laws exist in the state of North Carolina. Here is a review of the ones that impact most businesses operating in the stat…

View definition →

NSA-Approved Cryptography

Cryptography that consists of: (i) an approved algorithm; (ii) an implementation that has been approved for the protection of classified information in a particular environment; an…

View definition →

Nth Party Risk

What is Nth Party Risk? Does it impact cybersecurity assessment ? Nth Party Risk: Definition, Issues & Cyber Exposures Defining Nth Party Risk Nth Party Risk extends beyond the…

View definition →

Nth Tier Risk

Nth Tier Cybersecurity Risk in Your Digital Ecosystem: All About Why Your Suppliers' Suppliers Pose Serious Cyber Risks For Everyone…

View definition →

Null

Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission se…

View definition →
O
40 terms

Object

A passive entity that contains or receives information. SOURCE: SP 800-27 Passive information system-related entity (e.g., devices, files, records, tables, processes, programs, dom…

View definition →

Object Identifier

A specialized formatted number that is registered with an internationally recognized standards organization. The unique alphanumeric/numeric identifier registered under the ISO reg…

View definition →

Object Reuse

Reassignment and reuse of a storage medium containing one or more objects after ensuring no residual data remains on the storage medium. SOURCE: CNSSI-4009

View definition →

Off-Card

Refers to data that is not stored within the PIV card or computation that is not done by the Integrated Circuit Chip (ICC) of the PIV card. SOURCE: FIPS 201

View definition →

Off-line Attack

An attack where the Attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is…

View definition →

Off-line Cryptosystem

Cryptographic system in which encryption and decryption are performed independently of the transmission and reception functions. SOURCE: CNSSI-4009

View definition →

Official Information

All information in the custody and control of a U.S. government department or agency that was acquired by U.S. government employees as a part of their official duties or because of…

View definition →

On-Card

Refers to data that is stored within the PIV card or computation that is done by the ICC of the PIV card. SOURCE: FIPS 201

View definition →

One-part Code

Code in which plain text elements and their accompanying code groups are arranged in alphabetical, numerical, or other systematic order, so one listing serves for both encoding and…

View definition →

One-time Cryptosystem

Cryptosystem employing key used only once. SOURCE: CNSSI-4009

View definition →

One-time Pad

Manual one-time cryptosystem produced in pad form. SOURCE: CNSSI-4009

View definition →

One-time Tape

Punched paper tape used to provide key streams on a one-time basis in certain machine cryptosystems. SOURCE: CNSSI-4009

View definition →

One-Way Hash Algorithm

Hash algorithms which map arbitrarily long inputs into a fixed-size output such that it is very difficult (computationally infeasible) to find two different hash inputs that produc…

View definition →

Online Attack

An attack against an authentication protocol where the Attacker either assumes the role of a Claimant with a genuine Verifier or actively alters the authentication channel. The goa…

View definition →

Online Certificate Status Protocol (OCSP)

An online protocol used to determine the status of a public key certificate. SOURCE: FIPS 201

View definition →

Online Cryptosystem

Cryptographic system in which encryption and decryption are performed in association with the transmitting and receiving functions. SOURCE: CNSSI-4009

View definition →

Open Checklist Interactive Language (OCIL)

SCAP language for expressing security checks that cannot be evaluated without some human interaction or feedback. SOURCE: SP 800-128

View definition →

Open Storage

Any storage of classified national security information outside of approved containers. This includes classified information that is resident on information systems media and outsi…

View definition →

Open Vulnerability and Assessment Language (OVAL)

SCAP language for specifying low-level testing procedures used by checklists. SOURCE: SP 800-128

View definition →

Operating System (OS) Fingerprinting

Analyzing characteristics of packets sent by a target, such as packet headers or listening ports, to identify the operating system in use on the target. SOURCE: SP 800-115

View definition →

Operational Controls

The security controls (i.e., safeguards or countermeasures) for an information system that primarily are implemented and executed by people (as opposed to systems). SOURCE: SP 800-…

View definition →

Operational Key

Key intended for use over-the-air for protection of operational information or for the production or secure electrical transmission of key streams. SOURCE: CNSSI-4009

View definition →

Operational Vulnerability Information

Information that describes the presence of an information vulnerability within a specific operational setting or network. SOURCE: CNSSI-4009

View definition →

Operational Waiver

Authority for continued use of unmodified COMSEC end-items pending the completion of a mandatory modification. SOURCE: CNSSI-4009

View definition →

Operations Code

In computing, "Operations Code," often shortened to "opcode," refers to a code (typically a number or a sequence of bits) that specifies the operation to be performed by a CPU or o…

View definition →

Operations Security (OPSEC)

Systematic and proven process by which potential adversaries can be denied information about capabilities and intentions by identifying, controlling, and protecting generally uncla…

View definition →

Optional Modification

NSA-approved modification not required for universal implementation by all holders of a COMSEC end-item. This class of modification requires all of the engineering/doctrinal contro…

View definition →

Organization

What is an "Organization"? In the context of cybersecurity, an "Organization" refers to any entity that utilizes or relies on digital systems and information, including government…

View definition →

Organizational Information Security Continuous Monitoring

Ongoing monitoring sufficient to ensure and assure effectiveness of security controls related to systems, networks, and cyberspace, by assessing security control implementation and…

View definition →

Organizational Maintenance

Limited maintenance performed by a user organization. SOURCE: CNSSI-4009

View definition →

Organizational Registration Authority (ORA)

Entity within the PKI that authenticates the identity and the organizational affiliation of the users. SOURCE: CNSSI-4009

View definition →

Organizational User

An organizational employee or an individual the organization deems to have equivalent status of an employee (e.g., contractor, guest researcher, individual detailed from another or…

View definition →

Outside Threat

An unauthorized entity from outside the domain perimeter that has the potential to harm an Information System through destruction, disclosure, modification of data, and/or denial o…

View definition →

Outside(r) Threat

An unauthorized entity outside the security domain that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of serv…

View definition →

Over-The-Air Key Distribution

Providing electronic key via over-the-air rekeying, over-the-air key transfer, or cooperative key generation. SOURCE: CNSSI-4009

View definition →

Over-The-Air Key Transfer

Electronically distributing key without changing traffic encryption key used on the secured communications path over which the transfer is accomplished. SOURCE: CNSSI-4009

View definition →

Over-The-Air Rekeying (OTAR)

Changing traffic encryption key or transmission security key in remote cryptographic equipment by sending new key directly to the remote cryptographic equipment over the communicat…

View definition →

Overt Channel

Communications path within a computer system or network designed for the authorized transfer of data. See Covert Channel. SOURCE: CNSSI-4009

View definition →

Overt Testing

Security testing performed with the knowledge and consent of the organization’s IT staff. SOURCE: SP 800-115

View definition →

Overwrite Procedure

A software process that replaces data previously stored on storage media with a predetermined set of meaningless data or random patterns. SOURCE: CNSSI-4009

View definition →
P
105 terms

Packet Filter

A routing device that provides access control functionality for host addresses and communication sessions. SOURCE: SP 800-41

View definition →
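Worked example for the Packet Filter entry above, added here and not part of the tekrisq reference text. It implements the first-match, default-deny evaluation a stateless packet filter performs on source and destination addresses, protocol and destination port, over a constructed inbound rule set and constructed packets (addresses are RFC 5737 documentation prefixes and a private 192.168.1.0/24 network). It also shows the misordering mistake that lets a spoofed packet through.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """The header fields a stateless packet filter inspects (no payload)."""
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source CIDR
    dst: str                     # destination CIDR
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any destination port


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field of the rule matches the packet header."""
    return (
        ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
        and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
        and (rule.proto is None or rule.proto == pkt.proto)
        and (rule.dport is None or rule.dport == pkt.dport)
    )


def decide(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """First-match evaluation with an implicit default deny. Returns the verdict
    and the index of the rule that fired (None means the default deny), so a
    log line can record which rule produced the decision."""
    for index, rule in enumerate(rules):
        if rule_matches(rule, pkt):
            return rule.action, index
    return "deny", None


# Constructed inbound rule set protecting 192.168.1.0/24 from the outside.
INBOUND_RULES = [
    # Anti-spoofing: traffic arriving from outside must not claim an inside source.
    Rule("deny", "192.168.1.0/24", "0.0.0.0/0"),
    # Public HTTPS server reachable from anywhere.
    Rule("allow", "0.0.0.0/0", "192.168.1.10/32", "tcp", 443),
    # SSH to any internal host, but only from the admin network.
    Rule("allow", "203.0.113.0/24", "192.168.1.0/24", "tcp", 22),
]

# The same rules with the anti-spoofing rule moved to the end: a common mistake.
MISORDERED_RULES = INBOUND_RULES[1:] + INBOUND_RULES[:1]

# Constructed packets to evaluate.
HTTPS_FROM_INTERNET = Packet("198.51.100.7", "192.168.1.10", "tcp", 443)
SSH_FROM_INTERNET = Packet("198.51.100.7", "192.168.1.10", "tcp", 22)
SSH_FROM_ADMIN = Packet("203.0.113.5", "192.168.1.20", "tcp", 22)
UDP_TO_WEB = Packet("198.51.100.7", "192.168.1.10", "udp", 443)
SPOOFED_INSIDE_SRC = Packet("192.168.1.77", "192.168.1.10", "tcp", 443)


if __name__ == "__main__":
    for name, pkt in [("https", HTTPS_FROM_INTERNET), ("ssh-internet", SSH_FROM_INTERNET),
                      ("ssh-admin", SSH_FROM_ADMIN), ("udp-443", UDP_TO_WEB),
                      ("spoofed", SPOOFED_INSIDE_SRC)]:
        print(f"{name:13s} ordered: {decide(INBOUND_RULES, pkt)}  "
              f"misordered: {decide(MISORDERED_RULES, pkt)}")
```

Two things to check in any real rule set follow directly from this: the last rule is an explicit deny (relying on an implicit one is fine until a product defaults the other way), and anti-spoofing denies sit before any allow, because first-match evaluation means the spoofed packet above is accepted by the HTTPS rule the moment the deny is moved below it.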

Packet Sniffer

Software that observes and records network traffic. SOURCE: CNSSI-4009

View definition →

Parity

What is Parity? In cybersecurity, parity generally refers to a simple error detection method used to ensure data integrity during transmission or storage. It involves adding an ext…

View definition →

Partitioned Security Mode

Information systems security mode of operation wherein all personnel have the clearance, but not necessarily formal access approval and need-to-know, for all information handled by…

View definition →

Passive Attack

An attack against an authentication protocol where the Attacker intercepts data traveling along the network between the Claimant and Verifier, but does not alter the data (i.e., ea…

View definition →

Passive Security Testing

Security testing that does not involve any direct interaction with the targets, such as sending packets to a target. SOURCE: SP 800-115

View definition →

Passive Wiretapping

The monitoring or recording of data while it is being transmitted over a communications link, without altering or affecting the data. SOURCE: CNSSI-4009

View definition →

Password

A secret that a Claimant memorizes and uses to authenticate his or her identity. Passwords are typically character strings. SOURCE: SP 800-63 A protected character string used to a…

View definition →

Password Cracking

The process of recovering secret passwords stored in a computer system or transmitted over a network. SOURCE: SP 800-115

View definition →

Password Protected

The ability to protect a file using a password access control, protecting the data contents from being viewed with the appropriate viewer unless the proper password is entered. SOU…

View definition →

Patch

An update to an operating system, application, or other software issued specifically to correct particular problems with the software. SOURCE: SP 800-123

View definition →

Patch Management

The systematic notification, identification, deployment, installation, and verification of operating system and application software code revisions. These revisions are known as pa…

View definition →

Path Histories

Maintaining an authenticatable record of the prior platforms visited by a mobile software agent, so that a newly visited platform can determine whether to process the agent and wha…

View definition →

Payload

The input data to the CCM generation-encryption process that is both authenticated and encrypted. SOURCE: SP 800-38C

View definition →

PCI DSS

A Small Business Guide to PCI DSS: Protecting Payments and Trust For any small or medium-sized business (SMB) that accepts credit or debit card payments, the term "PCI DSS" is one…

View definition →

Peer Entity Authentication

The process of verifying that a peer entity in an association is as claimed. SOURCE: CNSSI-4009

View definition →

Penetration

See Intrusion.

View definition →

Penetration Testing

What is a Penetration Test? A penetration test, better known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the sy…

View definition →

Per-Call Key

Unique traffic encryption key generated automatically by certain secure telecommunications systems to secure single voice or data transmissions. See Cooperative Key Generation. SOU…

View definition →

Performance Reference Model (PRM)

Framework for performance measurement providing common output measurements throughout the federal government. It allows agencies to better manage the business of government at a st…

Perimeter

(C&A) Encompasses all those components of the system that are to be accredited by the DAA, and excludes separately accredited systems to which the system is connected. (Authori…

Periods Processing

The processing of various levels of classified and unclassified information at distinctly different times. Under the concept of periods processing, the system must be purged of all…

Perishable Data

Information whose value can decrease substantially during a specified time. A significant decrease in value occurs when the operational circumstances change to the extent that the…

Permuter

In cybersecurity, a Permuter device is a component used in cryptographic equipment. Its purpose is to change the order in which the contents of a shift register are used in various…

Personal Firewall

A utility on a computer that monitors network activity and blocks communications that are unauthorized. SOURCE: SP 800-69

Personal Identification Number (PIN)

A password consisting only of decimal digits. SOURCE: SP 800-63 A secret that a claimant memorizes and uses to authenticate his or her identity. PINs are generally only decimal dig…

Personal Identity Verification Issuer

An authorized identity card creator that procures FIPS-approved blank identity cards, initializes them with appropriate software and data elements for the requested identity verifi…

Personal Identity Verification (PIV)

The process of creating and using a governmentwide secure and reliable form of identification for federal employees and contractors, in support of HSPD 12, Policy for a Common Iden…

Personal Identity Verification Accreditation

The official management decision to authorize operation of a PIV Card Issuer after determining that the Issuer’s reliability has satisfactorily been established through appropriate…

Personal Identity Verification Authorizing Official

An individual who can act on behalf of an agency to authorize the issuance of a credential to an applicant. SOURCE: CNSSI-4009

Personal Identity Verification Card (PIV Card)

Physical artifact (e.g., identity card, “smart” card) issued to an individual that contains stored identity credentials (e.g., photograph, cryptographic keys, digitized fingerprint…

Personal Identity Verification Registrar

An entity that establishes and vouches for the identity of an applicant to a PIV Issuer. The PIV RA authenticates the applicant’s identity by checking identity source documents and…

Personal Identity Verification Sponsor

An individual who can act on behalf of a department or agency to request a PIV Card for an applicant. SOURCE: FIPS 201

Personally Identifiable Information (PII)

Information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc., alone, or when combined with ot…

Personnel Registration Manager

The management role that is responsible for registering human users, i.e., users that are people. SOURCE: CNSSI-4009

Phishing

Tricking individuals into disclosing sensitive personal information through deceptive computer-based means. SOURCE: SP 800-83 Deceiving individuals into disclosing sensitive person…

Physically Isolated Network

A network that is not connected to entities or systems outside a physically controlled space. SOURCE: SP 800-32

Piconet

What is a Piconet? A Piconet is a small, ad hoc Bluetooth network consisting of two or more devices that operate on the same channel and use the same frequency hopping sequence. It…

PII Confidentiality Impact Level

The PII confidentiality impact level—low, moderate, or high—indicates the potential harm that could result to the subject individuals and/or the organization if PII were inappropr…

Plaintext

Data input to the Cipher or output from the Inverse Cipher. SOURCE: FIPS 197 Intelligible data that has meaning and can be understood without the application of decryption. SOURCE:…

Plaintext Key

An unencrypted cryptographic key. SOURCE: FIPS 140-2

Plan of Action and Milestones (POA&M)

A document that identifies tasks needing to be accomplished. It details resources required to accomplish the elements of the plan, any milestones in meeting the tasks, and schedule…

Policy Approving Authority (PAA)

First level of the PKI Certification Management Authority that approves the security policy of each PCA. SOURCE: CNSSI-4009

Policy Certification Authority (PCA)

Second level of the PKI Certification Management Authority that formulates the security policy under which it and its subordinate CAs will issue public key certificates. SOURCE: CN…

Policy Management Authority (PMA)

Body established to oversee the creation and update of Certificate Policies, review Certification Practice Statements, review the results of CA audits for policy compliance, evalua…

Policy Mapping

Recognizing that, when a CA in one domain certifies a CA in another domain, a particular certificate policy in the second domain may be considered by the authority of the first dom…

Policy-Based Access Control (PBAC)

A form of access control that uses an authorization policy that is flexible in the types of evaluated parameters (e.g., identity, role, clearance, operational need, risk, and heuri…

Port

A physical entry or exit point of a cryptographic module that provides access to the module for physical signals, represented by logical information flows (physically separated por…

Port Scanning

Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports). SOURCE: CNSSI-4009

Portable Electronic Device (PED)

Any nonstationary electronic apparatus with singular or multiple capabilities of recording, storing, and/or transmitting data, voice, video, or photo images. This includes but is n…

Portal

A high-level remote access architecture that is based on a server that offers teleworkers access to one or more applications through a single centralized interface. SOURCE: SP 800-…

Positive Control Material

Generic term referring to a sealed authenticator system, permissive action link, coded switch system, positive enable system, or nuclear command and control documents, material, or…

Potential Impact

The loss of confidentiality, integrity, or availability could be expected to have: 1) a limited adverse effect (FIPS 199 low); 2) a serious adverse effect (FIPS 199 moderate); or 3…

Practice Statement

A formal statement of the practices followed by an authentication entity (e.g., RA, CSP, or Verifier). It usually describes the policies and practices of the parties and can become…

Precursor

A sign that an attacker may be preparing to cause an incident. SOURCE: SP 800-61 A sign that an attacker may be preparing to cause an incident. See Indicator. SOURCE: CNSSI-4009

Prediction Resistance

Prediction resistance is provided relative to time T if there is assurance that an adversary who has knowledge of the internal state of the DRBG at some time prior to T would be un…

Predisposing Condition

A condition that exists within an organization, a mission/business process, enterprise architecture, or information system including its environment of operation, which contributes…

Preproduction Model

Version of INFOSEC equipment employing standard parts and suitable for complete evaluation of form, design, and performance. Preproduction models are often referred to as beta mode…

Primary Services Node (PRSN)

A Key Management Infrastructure core node that provides the users’ central point of access to KMI products, services, and information. SOURCE: CNSSI-4009

Principal

An entity whose identity can be authenticated. SOURCE: FIPS 196

Principal Accrediting Authority (PAA)

Senior official with authority and responsibility for all intelligence systems within an agency. SOURCE: CNSSI-4009

Principal Certification Authority (CA)

The Principal Certification Authority is a CA designated by an agency to interoperate with the FBCA. An agency may designate multiple Principal CAs to interoperate with the FBCA. S…

Print Suppression

Eliminating the display of characters in order to preserve their secrecy. SOURCE: CNSSI-4009

Privacy

Restricting access to subscriber or Relying Party information in accordance with federal law and agency policy. SOURCE: SP 800-32

Privacy Impact Assessment (PIA)

Privacy Impact Assessment (PIA): Process, Usefulness & Best Practices for SMBs What is a Privacy Impact Assessment (PIA)? A Privacy Impact Assessment (PIA) is a systemat…

Privacy System

Commercial encryption system that affords telecommunications limited protection to deter a casual listener, but cannot withstand a technically competent cryptanalytic attack. SOURC…

Private Key

The secret part of an asymmetric key pair that is typically used to digitally sign or decrypt data. SOURCE: SP 800-63 A cryptographic key, used with a public key cryptographic algo…

Privilege

A right granted to an individual, a program, or a process. SOURCE: CNSSI-4009

Privilege Management

The definition and management of policies and processes that define the ways in which the user is provided access rights to enterprise systems. It governs the management of the dat…

Privileged Access Management (PAM)

Privileged Access Management (PAM) is a cybersecurity solution that can protect an organization's sensitive data and critical systems by controlling and monitoring privileged accou…

Privileged Account

What is a Privileged Account? A Privileged Account in cybersecurity focuses on protecting accounts with elevated permissions that can access sensitive systems and data. These accou…

Privileged Accounts

Individuals who have access to set “access rights” for users on a given system. Sometimes referred to as system or network administrative accounts. SOURCE: SP 800-12

Privileged Command

A human-initiated command executed on an information system involving the control, monitoring, or administration of the system including security functions and associated security-…

Privileged Process

A computer process that is authorized (and, therefore, trusted) to perform security-relevant functions that ordinary processes are not authorized to perform. SOURCE: CNSSI-4009

Privileged User

A user that is authorized (and, therefore, trusted) to perform security-relevant functions that ordinary users are not authorized to perform. SOURCE: SP 800-53; CNSSI-4009

Probability of Occurrence

See Likelihood of Occurrence.

Probe

A technique that attempts to access a system to learn something about the system. SOURCE: CNSSI-4009

Product Source Node (PSN)

The Key Management Infrastructure core node that provides central generation of cryptographic key material. SOURCE: CNSSI-4009

Production Model

INFOSEC equipment in its final mechanical and electrical form. SOURCE: CNSSI-4009

Profiling

Measuring the characteristics of expected activity so that changes to it can be more easily identified. SOURCE: SP 800-61; CNSSI-4009

Promiscuous Mode

A configuration setting for a network interface card that causes it to accept all incoming packets that it sees, regardless of their intended destinations. SOURCE: SP 800-94

Proprietary Information (PROPIN)

Material and information relating to or associated with a company's products, business, or activities, including but not limited to financial information; data or statements; trade…

Protected Distribution System (PDS)

Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmi…

Protection Philosophy

Informal description of the overall design of an information system delineating each of the protection mechanisms employed. Combination of formal and informal techniques, appropria…

Protection Profile

Common Criteria specification that represents an implementation-independent set of security requirements for a category of Target of Evaluations (TOE) that meets specific consumer n…

Protective Distribution System

Wire line or fiber optic system that includes adequate safeguards and/or countermeasures (e.g., acoustic, electric, electromagnetic, and physical) to permit its use for the transmi…

Protective Packaging

Packaging techniques for COMSEC material that discourage penetration, reveal a penetration has occurred or was attempted, or inhibit viewing or copying of keying material prior to…

Protective Technologies

Special tamper-evident features and materials employed for the purpose of detecting tampering and deterring attempts to compromise, modify, penetrate, extract, or substitute inform…

Protocol

Set of rules and formats, semantic and syntactic, permitting information systems to exchange information. SOURCE: CNSSI-4009

Protocol Data Unit

A unit of data specified in a protocol and consisting of protocol information and, possibly, user data. SOURCE: FIPS 188

Protocol Entity

Entity that follows a set of rules and formats (semantic and syntactic) that determines the communication behavior of other entities. SOURCE: FIPS 188

Proxy

A proxy is an application that “breaks” the connection between client and server. The proxy accepts certain types of traffic entering or leaving a network and processes it and forw…

Proxy Agent

A software application running on a firewall or on a dedicated proxy server that is capable of filtering a protocol and routing it between the interfaces of the device. SOURCE: CNS…

Proxy Server

A server that services the requests of its clients by forwarding those requests to other servers. SOURCE: CNSSI-4009

Pseudonym

A false name. SOURCE: SP 800-63 1. A subscriber name that has been chosen by the subscriber that is not verified as meaningful by identity proofing. 2. An assigned identity that is…

Pseudorandom Number Generator (PRNG)

What's a Pseudorandom Number Generator (PRNG)? A Pseudorandom Number Generator (PRNG) is an algorithm that produces a sequence of numbers that appears to be random, but is actual…

Public Domain Software

Software not protected by copyright laws of any nation that may be freely used without permission of, or payment to, the creator, and that carries no warranties from, or liabilitie…

Public Key

The public part of an asymmetric key pair that is typically used to verify signatures or encrypt data. SOURCE: FIPS 201; SP 800-63 A cryptographic key, used with a public key crypt…

Public Key (Asymmetric) Cryptographic Algorithm

A cryptographic algorithm that uses two related keys, a public key and a private key. The two keys have the property that deriving the private key from the public key is computatio…

Public Key Certificate

A digital document issued and digitally signed by the private key of a Certificate authority that binds the name of a Subscriber to a public key. The certificate indicates that the…

Public Key Cryptography

Encryption system that uses a public-private key pair for encryption and/or digital signature. SOURCE: CNSSI-4009

Public Key Enabling (PKE)

The incorporation of the use of certificates for security services such as authentication, confidentiality, data integrity, and non-repudiation. SOURCE: CNSSI-4009

Public Key Infrastructure (PKI)

A set of policies, processes, server platforms, software, and workstations used for the purpose of administering certificates and public-private key pairs, including the ability to…

Public Seed

A starting value for a pseudorandom number generator. The value produced by the random number generator may be made public. The public seed is often called a “salt.” SOURCE: CNSSI-…

Purge

Rendering sanitized data unrecoverable by laboratory attack methods. SOURCE: SP 800-88; CNSSI-4009

Q
5 terms
R
82 terms

Radio Frequency Identification (RFID)

A form of automatic identification and data capture (AIDC) that uses electric or magnetic fields at radio frequencies to transmit information. SOURCE: SP 800-98

Random Bit Generator (RBG)

A device or algorithm that outputs a sequence of binary bits that appears to be statistically independent and unbiased. An RBG is either a DRBG or an NRBG. SOURCE: SP 800-90A

Random Number Generation (RNG)

Random Number Generation (RNG) in Cybersecurity: Principles and Applications What is Random Number Generation (RNG) in Cybersecurity? In cybersecurity, Random Number Generation (RN…

Randomizer

Analog or digital source of unpredictable, unbiased, and usually independent bits. Randomizers can be used for several different functions, including key generation or to provide a…

Ransomware

What exactly is Ransomware? It is a significant cybersecurity threat that can cause substantial disruption and financial losses. Here's a breakdown of what it is: Definition: Ranso…

RBAC

See Role-Based Access Control.

Read

Fundamental operation in an information system that results only in the flow of information from an object to a subject. SOURCE: CNSSI-4009

Read Access

Permission to read information in an information system. SOURCE: CNSSI-4009

Real-Time Reaction

Immediate response to a penetration attempt that is detected and diagnosed in time to prevent access. SOURCE: CNSSI-4009

Recipient Usage Period

The period of time during the cryptoperiod of a symmetric key when protected information is processed. SOURCE: SP 800-57 Part 1

Reciprocity

Mutual agreement among participating enterprises to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed s…

Records

The recordings (automated and/or manual) of evidence of activities performed or results achieved (e.g., forms, reports, test results), which serve as a basis for verifying that the…

Records Management

The process for tagging information for records-keeping requirements as mandated in the Federal Records Act and the National Archival and Records Requirements. SOURCE: CNSSI-4009

Recovery Point Objective

The point in time to which data must be recovered after an outage. SOURCE: SP 800-34

Recovery Procedures

Actions necessary to restore data files of an information system and computational capability after a system failure. SOURCE: CNSSI-4009

Recovery Time Objective

The overall length of time an information system’s components can be in the recovery phase before negatively impacting the organization’s mission or mission/business functions. SOU…

RED

In cryptographic systems, refers to information or messages that contain sensitive or classified information that is not encrypted. See also BLACK. SOURCE: CNSSI-4009

Red Signal

Any electronic emission (e.g., plain text, key, key stream, subkey stream, initial fill, or control signal) that would divulge national security information if recovered. SOURCE: C…

Red Team

A group of people authorized and organized to emulate a potential adversary’s attack or exploitation capabilities against an enterprise’s security posture. The Red Team’s objective…

Red Team Exercise

An exercise, reflecting real-world conditions, that is conducted as a simulated adversarial attempt to compromise organizational missions and/or business processes to provide a com…

Red/Black Concept

Separation of electrical and electronic circuits, components, equipment, and systems that handle unencrypted information (Red), in electrical form, from those that handle encrypted…

Reference Monitor

The security engineering term for IT functionality that— 1) controls all access, 2) cannot be bypassed, 3) is tamper-resistant, and 4) provides confidence that the other three item…

Registration

The process through which a party applies to become a subscriber of a Credentials Service Provider (CSP) and a Registration Authority validates the identity of that party on behalf…

Registration Authority (RA)

A trusted entity that establishes and vouches for the identity of a Subscriber to a CSP. The RA may be an integral part of a CSP, or it may be independent of a CSP, but it has a re…

Regulatory Requirements

Cybersecurity Regulatory Requirements and Their Strategic Utility Cybersecurity Regulatory Requirements are legally mandated frameworks designed to protect digital assets, sensitiv…

Rekey

To change the value of a cryptographic key that is being used in a cryptographic system/application. SOURCE: CNSSI-4009

Rekey (a certificate)

To change the value of a cryptographic key that is being used in a cryptographic system application; this normally entails issuing a new certificate on the new public key. SOURCE:…

Release Prefix

Prefix appended to the short title of U.S.-produced keying material to indicate its foreign releasability. "A" designates material that is releasable to specific allied nations, an…

Relying Party

An entity that relies upon the subscriber’s credentials, typically to process a transaction or grant access to information or a system. SOURCE: CNSSI-4009 An entity that relies upo…

Remanence

Residual information remaining on storage media after clearing. See Magnetic Remanence and Clearing. SOURCE: CNSSI-4009

Remediation

The act of correcting a vulnerability or eliminating a threat. Three possible types of remediation are installing a patch, adjusting configuration settings, or uninstalling a softw…

Remediation Plan

A plan to perform the remediation of one or more threats or vulnerabilities facing an organization’s systems. The plan typically includes options to remove threats and vulnerabilit…

Remote Access

Access to an organizational information system by a user (or an information system acting on behalf of a user) communicating through an external network (e.g., the Internet). SOURC…

Remote Diagnostics/Maintenance

Maintenance activities conducted by authorized individuals communicating through an external network (e.g., the Internet). SOURCE: CNSSI-4009

Remote Maintenance

Maintenance activities conducted by individuals communicating external to an information system security perimeter. SOURCE: SP 800-18 Maintenance activities conducted by individual…

Remote Rekeying

Procedure by which a distant crypto-equipment is rekeyed electrically. See Automatic Remote Rekeying and Manual Remote Rekeying. SOURCE: CNSSI-4009

Removable Media

Portable electronic storage media such as magnetic, optical, and solid-state devices, which can be inserted into and removed from a computing device, and that is used to store text…

Renew (a certificate)

The act or process of extending the validity of the data binding asserted by a public key certificate by issuing a new certificate. SOURCE: SP 800-32

Repair Action

NSA-approved change to a COMSEC end-item that does not affect the original characteristics of the end-item and is provided for optional application by holders. Repair actions are l…

Replay Attacks

An attack that involves the capture of transmitted authentication or access control information and its subsequent retransmission with the intent of producing an unauthorized effec…

Repository

A database containing information and data relating to certificates as specified in a CP; may also be referred to as a directory. SOURCE: SP 800-32

Reserve Keying Material

Key held to satisfy unplanned needs. See Contingency Key. SOURCE: CNSSI-4009

Residual Risk

Residue

Data left in storage after information-processing operations are complete, but before degaussing or overwriting has taken place. SOURCE: CNSSI-4009

Resilience

The ability to quickly adapt and recover from any known or unknown changes to the environment through holistic implementation of risk management, contingency, and continuity planni…

Resource Encapsulation

Method by which the reference monitor mediates accesses to an information system resource. Resource is protected and not directly accessible by a subject. Satisfies requirement for…

Responder

The entity that responds to the initiator of the authentication exchange. SOURCE: FIPS 196

Responsibility to Provide

An information distribution approach whereby relevant essential information is made readily available and discoverable to the broadest possible pool of potential users. SOURCE: CNS…

Responsible Individual

A trustworthy person designated by a sponsoring organization to authenticate individual applicants seeking certificates on the basis of their affiliation with the sponsor. SOURCE:…

Restricted Data

All data concerning (i) design, manufacture, or utilization of atomic weapons; (ii) the production of special nuclear material; or (iii) the use of special nuclear material in the…

Revoke a Certificate

To prematurely end the operational period of a certificate effective at a specific date and time. SOURCE: SP 800-32

RFID

See Radio Frequency Identification.

Rijndael

Cryptographic algorithm specified in the Advanced Encryption Standard (AES). SOURCE: FIPS 197

Risk

The level of impact on organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals resulting from the operation of an info…

Risk Analysis

The process of identifying the risks to system security and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact.…

Risk Assessment

Risk Assessment Methodology

A risk assessment process, together with a risk model, assessment approach, and analysis approach. SOURCE: SP 800-30

Risk Assessment Report

The report which contains the results of performing a risk assessment or the formal output from the process of assessing risk. SOURCE: SP 800-30

Risk Assessor

What is a Risk Assessor? The individual, group, or organization responsible for conducting a risk assessment. SOURCE: SP 800-30 The individual responsible for conducting assessment…

Risk Executive (or Risk Executive Function)

An individual or group within an organization that helps to ensure that: (i) security risk-related considerations for individual information systems, to include the authorization d…

Risk Management

Risk Management Framework

What's a Risk Management Framework (RMF)? A risk management framework (RMF) is a set of guidelines and processes that help organizations identify and reduce risks. It can be used t…

Risk Mitigation

Prioritizing, evaluating, and implementing the appropriate risk-reducing controls/countermeasures recommended from the risk management process. SOURCE: CNSSI-4009; SP 800-30; SP 800…

Risk Model

A key component of a risk assessment methodology (in addition to assessment approach and analysis approach) that defines key terms and assessable risk factors. SOURCE: SP 800-30

Risk Monitoring

Maintaining ongoing awareness of an organization’s risk environment, risk management program, and associated activities to support risk decisions. SOURCE: SP 800-30; SP 800-39

Risk Response

Accepting, avoiding, mitigating, sharing, or transferring risk to organizational operations (i.e., mission, functions, image, or reputation), organizational assets, individuals, ot…

Risk Response Measure

A specific action taken to respond to an identified risk. SOURCE: SP 800-39

Risk Tolerance

The level of risk an entity is willing to assume in order to achieve a potential desired result. SOURCE: SP 800-32 The defined impacts to an enterprise’s information systems that a…

Risk-Adaptable Access Control (RAdAC)

A form of access control that uses an authorization policy that takes into account operational need, risk, and heuristics. SOURCE: CNSSI-4009

Robust Security Network (RSN)

A wireless security network that only allows the creation of Robust Security Network Associations (RSNAs). SOURCE: SP 800-48

Robust Security Network Association (RSNA)

A logical connection between communicating IEEE 802.11 entities established through the IEEE 802.11i key management scheme, also known as the four-way handshake. SOURCE: SP 800-48

Robustness

The ability of an Information Assurance entity to operate correctly and reliably across a wide range of operational conditions, and to fail gracefully outside of that operational r…

Rogue Device

An unauthorized node on a network. SOURCE: SP 800-115

Role

A group attribute that ties membership to function. When an entity assumes a role, the entity is given certain rights that belong to that role. When the entity leaves the role, tho…

Role-Based Access Control (RBAC)

What is Role-Based Access Control (RBAC)? A Plain-Language Guide for SMBs Role-Based Access Control (RBAC) is a security method that restricts network access based on a pers…

Root Cause Analysis

A principle-based, systems approach for the identification of underlying causes associated with a particular set of risks. SOURCE: SP 800-30; SP 800-39

Root Certification Authority

Rootkit

A set of tools used by an attacker after gaining root-level access to a host to conceal the attacker’s activities on the host and permit the attacker to maintain root-level access…

Round Key

Round keys are values derived from the Cipher Key using the Key Expansion routine; they are applied to the State in the Cipher and Inverse Cipher. SOURCE: FIPS 197

Rule-Based Security Policy

A security policy based on global rules imposed for all subjects. These rules usually rely on a comparison of the sensitivity of the objects being accessed and the possession of co…

Rules of Engagement (ROE)

Detailed guidelines and constraints regarding the execution of information security testing. The ROE is established before the start of a security test, and gives the test team aut…

Ruleset

A table of instructions used by a controlled interface to determine what data is allowable and how the data is handled between interconnected systems. SOURCE: SP 800-115; CNSSI-400…

S
182 terms

S-box

Nonlinear substitution table used in several byte substitution transformations and in the Key Expansion routine to perform a one-for-one substitution of a byte value. SOURCE: FIPS 1…

S/MIME

A set of specifications for securing electronic mail. Secure/ Multipurpose Internet Mail Extensions (S/MIME) is based upon the widely used MIME standard and describes a protocol fo…

Safeguarding Statement

Statement affixed to a computer output or printout that states the highest classification being processed at the time the product was produced and requires control of the product,…

Safeguards

Protective measures prescribed to meet the security requirements (i.e., confidentiality, integrity, and availability) specified for an information system. Safeguards may include se…

Salt

A non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an Attacker. SOURCE: SP 800-63;…

Sandboxing

A method of isolating application modules into distinct fault domains enforced by software. The technique allows untrusted programs written in an unsafe language, such as C, to be…

Sanitization

Process to remove information from media such that information recovery is not possible. It includes removing all labels, markings, and activity logs. SOURCE: FIPS 200 A general te…

SCADA

What is SCADA? In cybersecurity, SCADA (Supervisory Control and Data Acquisition) refers to the systems used in critical infrastructure. These are big systems like power grids, man…

Scanning

What is Scanning? A cyber scan is a cybersecurity process that identifies vulnerabilities in networks, applications, and APIs. Cyber scans can help organizations reduce the risk of…

Scatternet

A chain of piconets created by allowing one or more Bluetooth devices to each be a slave in one piconet and act as the master for another piconet simultaneously. A scatternet allow…

Scavenging

Searching through object residue to acquire data. SOURCE: CNSSI-4009

Scoping Guidance

A part of tailoring guidance providing organizations with specific policy/regulatory-related, technology-related, system component allocation-related, operational/environmental-rel…

Secret Key

A cryptographic key that is used with a secret-key (symmetric) cryptographic algorithm that is uniquely associated with one or more entities and is not made public. The use of the…

Secret Key (symmetric) Cryptographic Algorithm

A cryptographic algorithm that uses a single secret key for both encryption and decryption. SOURCE: FIPS 140-2 A cryptographic algorithm that uses a single key (i.e., a secret key)…

Secret Seed

A secret value used to initialize a pseudorandom number generator. SOURCE: CNSSI-4009

Secure Communication Protocol

A communication protocol that provides the appropriate confidentiality, authentication, and content-integrity protection. SOURCE: SP 800-57 Part 1; CNSSI-4009

Secure Communications

Telecommunications deriving security through use of NSA-approved products and/or Protected Distribution Systems. SOURCE: CNSSI-4009

Secure DNS (SECDNS)

Configuring and operating DNS servers so that the security goals of data integrity and source authentication are achieved and maintained. SOURCE: SP 800-81

Secure Erase

An overwrite technology using a firmware-based process to overwrite a hard drive. It is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications, which runs…

Secure Hash Algorithm (SHA)

A hash algorithm with the property that it is computationally infeasible 1) to find a message that corresponds to a given message digest, or 2) to find two different messages that pro…

Secure Hash Standard

This Standard specifies secure hash algorithms (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256) for computing a condensed representation of electronic data…

Secure Socket Layer (SSL)

A protocol used for protecting private information during transmission via the Internet. Note: SSL works by using a public key to encrypt data that's transferred over the SSL conne…

Secure State

Condition in which no subject can access any object in an unauthorized manner. SOURCE: CNSSI-4009

Secure Subsystem

Subsystem containing its own implementation of the reference monitor concept for those resources it controls. A secure subsystem must depend on other controls and the base operating…

Secure/Multipurpose Internet Mail Extensions (S/MIME)

A set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard [MIME] and describes a protocol for adding cryptographic security services…

Security

A condition that results from the establishment and maintenance of protective measures that enable an enterprise to perform its mission or critical functions despite risks posed by…

Security Assertion Markup Language (SAML)

An XML-based security specification developed by the Organization for the Advancement of Structured Information Standards (OASIS) for exchanging authentication (and authorization)…

Security Association

A relationship established between two or more entities to enable them to protect data they exchange. SOURCE: CNSSI-4009

Security Attribute

A security-related quality of an object. Security attributes may be represented as hierarchical levels, bits in a bit map, or numbers. Compartments, caveats, and release markings a…

Security Authorization

See Authorization.

Security Authorization (To Operate)

See Authorization (to operate). SOURCE: CNSSI-4009

Security Authorization Boundary

See Authorization Boundary.

Security Automation Domain

An information security area that includes a grouping of tools, technologies, and data. SOURCE: SP 800-137

Security Banner

A banner at the top or bottom of a computer screen that states the overall classification of the system in large, bold type. Also can refer to the opening screen that informs users…

Security Categorization

The process of determining the security category for information or an information system. See Security Category. SOURCE: SP 800-53 The process of determining the security category…

Security Category

The characterization of information or an information system based on an assessment of the potential impact that a loss of confidentiality, integrity, or availability of such infor…

Security Concept of Operations (Security CONOP)

A security-focused description of an information system, its operational policies, classes of users, interactions between the system and its users, and the system’s contribution to…

Security Content Automation Protocol (SCAP)

A method for using specific standardized testing methods to enable automated vulnerability management, measurement, and policy compliance evaluation against a standardized set of s…

Security Control Assessment

The testing and/or evaluation of the management, operational, and technical security controls in an information system to determine the extent to which the controls are implemented…

Security Control Assessor

The individual, group, or organization responsible for conducting a security control assessment. SOURCE: SP 800-37; SP 800-53A

Security Control Baseline

The set of minimum security controls defined for a low-impact, moderate-impact, or high-impact information system. SOURCE: SP 800-53; FIPS 200 One of the sets of minimum security c…

Security Control Effectiveness

The measure of correctness of implementation (i.e., how consistently the control implementation complies with the security plan) and how well the security plan meets organizational…

Security Control Enhancements

Statements of security capability to 1) build in additional, but related, functionality to a basic control; and/or 2) increase the strength of a basic control. SOURCE: CNSSI-4009;…

Security Control Inheritance

A situation in which an information system or application receives protection from security controls (or portions of security controls) that are developed, implemented, assessed, a…

Security Controls

The management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availa…

Security Controls Baseline

Baseline security controls are the fundamental, minimum security measures an organization implements to protect its information systems and data, ensuring confidentiality, integrit…

Security Domain

A set of subjects, their information objects, and a common security policy. SOURCE: SP 800-27 A collection of entities to which applies a single security policy executed by a singl…

Security Engineering

An interdisciplinary approach and means to enable the realization of secure systems. It focuses on defining customer needs, security protection requirements, and required functiona…

Security Fault Analysis (SFA)

An assessment, usually performed on information system hardware, to determine the security properties of a device when hardware fault is encountered. SOURCE: CNSSI-4009

Security Features Users Guide (SFUG)

Guide or manual explaining how the security mechanisms in a specific system work. SOURCE: CNSSI-4009

Security Filter

A secure subsystem of an information system that enforces security policy on the data passing through it. SOURCE: CNSSI-4009

Security Functions

The hardware, software, and/or firmware of the information system responsible for enforcing the system security policy and supporting the isolation of code and data on which the pr…

Security Goals

The five security goals are confidentiality, availability, integrity, accountability, and assurance. SOURCE: SP 800-27

Security Impact Analysis

The analysis conducted by an organizational official to determine the extent to which changes to the information system have affected the security state of the system. SOURCE: SP 8…

Security Incident

See Incident.

Security Information and Event Management (SIEM) Tool

Application that provides the ability to gather security data from information system components and present that data as actionable information via a single interface. SOURCE: SP…

Security Inspection

Examination of an information system to determine compliance with security policy, procedures, and practices. SOURCE: CNSSI-4009

Security Kernel

Hardware, firmware, and software elements of a trusted computing base implementing the reference monitor concept. The security kernel must mediate all accesses, be protected from modif…

Security Label

The means used to associate a set of security attributes with a specific information object as part of the data structure for that object. SOURCE: SP 800-53 A marking bound to a re…

Security Level

A hierarchical indicator of the degree of sensitivity to a certain threat. It implies, according to the security policy being enforced, a specific level of protection. SOURCE: FIPS…

Security Management Dashboard

A tool that consolidates and communicates information relevant to the organizational security posture in near real-time to security management stakeholders. SOURCE: SP 800-128

Security Marking

Human-readable information affixed to information system components, removable media, or output indicating the distribution limitations, handling caveats, and applicable security m…

Security Markings

Human-readable indicators applied to a document, storage media, or hardware component to designate security classification, categorization, and/or handling restrictions applicable…

Security Mechanism

A device designed to provide one or more security services usually rated in terms of strength of service and assurance of the design. SOURCE: CNSSI-4009

Security Net Control Station

Management system overseeing and controlling implementation of network security policy. SOURCE: CNSSI-4009

Security Objective

Confidentiality, integrity, or availability. SOURCE: SP 800-53; SP 800-53A; SP 800-60; SP 800-37; FIPS 200; FIPS 199

Security Perimeter

See Authorization Boundary. A physical or logical boundary that is defined for a system, domain, or enclave, within which a particular security policy or security architecture is a…

Security Plan

Formal document that provides an overview of the security requirements for an information system or an information security program and describes the security controls in place or…

Security Policy

What is a Security Policy? A security policy is a document outlining an organization's rules, expectations, and approach to maintaining the confidentiality, integrity, and availabi…

Security Program Plan

Formal document that provides an overview of the security requirements for an organization-wide information security program and describes the program management security controls…

Security Range

Highest and lowest security levels that are permitted in or on an information system, system component, subsystem, or network. SOURCE: CNSSI-4009

Security Requirements

Requirements levied on an information system that are derived from applicable laws, Executive Orders, directives, policies, standards, instructions, regulations, or procedures, or…

Security Requirements Baseline

Description of the minimum requirements necessary for an information system to maintain an acceptable level of risk. SOURCE: CNSSI-4009

Security Safeguards

What are Security Safeguards? Security safeguards are protective measures and controls designed to safeguard information systems and assets from various threats, ensuring confident…

Security Service

A capability that supports one, or many, of the security goals. Examples of security services are key management, access control, and authentication. SOURCE: SP 800-27 A capability…

Security Specification

Detailed description of the safeguards required to protect an information system. SOURCE: CNSSI-4009

Security Strength

What is Security Strength? Security strength in cryptography refers to the amount of computational work required to break a particular cryptographic algorithm or system. It's often…

Security Tag

Information unit containing a representation of certain security-related information (e.g., a restrictive attribute bit map). SOURCE: FIPS 188

Security Target

Common Criteria specification that represents a set of security requirements to be used as the basis of an evaluation of an identified Target of Evaluation (TOE). SOURCE: CNSSI-400…

Security Test & Evaluation (ST&E)

Examination and analysis of the safeguards required to protect an information system, as they have been applied in an operational environment, to determine the security posture of…

Security Testing

Process to determine that an information system protects data and maintains functionality as intended. SOURCE: CNSSI-4009

Security-Relevant Change

Any change to a system’s configuration, environment, information content, functionality, or users which has the potential to change the risk imposed upon its continued operations.…

Security-Relevant Event

An occurrence (e.g., an auditable event or flag) considered to have potential security implications to the system or its environment that may require further action (noting, invest…

Security-Relevant Information

Any information within the information system that can potentially impact the operation of security functions in a manner that could result in failure to enforce the system securit…

Seed Key

Initial key used to start an updating or key generation process. SOURCE: CNSSI-4009

Semi-Quantitative Assessment

Use of a set of methods, principles, or rules for assessing risk based on bins, scales, or representative numbers whose values and meanings are not maintained in other contexts. SO…

Sender Policy Framework (SPF)

SPF (Sender Policy Framework) is an email authentication protocol that helps prevent email spoofing by verifying that incoming emails originate from authorized servers listed in a…

Senior Agency Information Security Officer (SAISO)

Official responsible for carrying out the Chief Information Officer responsibilities under the Federal Information Security Management Act (FISMA) and serving as the Chief Informat…

Senior Information Security Officer

See Senior Agency Information Security Officer.

Sensitive Compartmented Information (SCI)

Classified information concerning or derived from intelligence sources, methods, or analytical processes, which is required to be handled within formal access control systems estab…

Sensitive Compartmented Information Facility (SCIF)

What is a SCIF? SCIF stands for Sensitive Compartmented Information Facility. It's a secure area where sensitive classified information can be stored, processed, or discussed. SCIF…

Sensitive Information

Information, the loss, misuse, or unauthorized access to or modification of, that could adversely affect the national interest or the conduct of federal programs, or the privacy to…

Sensitivity

A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection. SOURCE: SP 800-60; CNSSI-4009

Sensitivity Label

Information representing elements of the security label(s) of a subject and an object. Sensitivity labels are used by the trusted computing base (TCB) as the basis for mandatory ac…

Service-Level Agreement

Defines the specific responsibilities of the service provider and sets the customer expectations. SOURCE: CNSSI-4009

Shared Secret

A secret used in authentication that is known to the Claimant and the Verifier. SOURCE: SP 800-63

Shielded Enclosure

Room or container designed to attenuate electromagnetic radiation, acoustic signals, or emanations. SOURCE: CNSSI-4009

Short Title

Identifying combination of letters and numbers assigned to certain COMSEC materials to facilitate handling, accounting, and controlling. SOURCE: CNSSI-4009

Signature

A recognizable, distinguishing pattern associated with an attack, such as a binary string in a virus or a particular set of keystrokes used to gain unauthorized access to a system.…

Signature Certificate

A public key certificate that contains a public key intended for verifying digital signatures rather than encrypting data or performing any other cryptographic functions. SOURCE: S…

Signature Generation

Uses a digital signature algorithm and a private key to generate a digital signature on data. SOURCE: SP 800-57 Part 1 The process of using a digital signature algorithm and a priv…

Signature Validation

The (mathematical) verification of the digital signature and obtaining the appropriate assurances (e.g., public key validity, private key possession, etc.). SOURCE: FIPS 186

Signature Verification

The use of a digital signature algorithm and a public key to verify a digital signature on data. SOURCE: SP 800-57 Part 1 The process of using a digital signature algorithm and a p…

Signed Data

Data on which a digital signature is generated. SOURCE: FIPS 196

Single Point Keying

Means of distributing key to multiple, local crypto equipment or devices from a single fill point. SOURCE: CNSSI-4009

Single-Hop Problem

The security risks resulting from a mobile software agent moving from its home platform to another platform. SOURCE: SP 800-19

Situational Awareness

Within a volume of time and space, the perception of an enterprise’s security posture and its threat environment; the comprehension/meaning of both taken together (risk); and the p…

Skimming

The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag. SOURCE: SP 800-98

Smart Card

A credit card-sized card with embedded integrated circuits that can store, process, and communicate information. SOURCE: CNSSI-4009

Smishing

Sniffer

See Packet Sniffer or Passive Wiretapping.

Social Engineering

An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks. SOURCE: SP 800-61 A general term for attackers trying to t…

Software

Computer programs and associated data that may be dynamically written or modified during execution. SOURCE: CNSSI-4009

Software Assurance

Level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that…

Software System Test and Evaluation Process

Process that plans, develops, and documents the qualitative/quantitative demonstration of the fulfillment of all baseline functional performance, operational, and interface require…

Software-Based Fault Isolation

What is Software-Based Fault Isolation? Software-Based Fault Isolation (SFI) is a technique that protects software systems by creating isolated compartments or "sandboxes" (see mor…

Source Code

What is Source Code? Source Code is the plain text instructions written by programmers using a specific programming language, like C++, Python, or HTML. It's the foundation of soft…

Spam

The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. SOURCE: SP 800-53 Unsolicited bulk commercial email messages. SOURCE: SP 800-45 Electr…

Spam Filtering Software

A program that analyzes emails to look for characteristics of spam, and typically places messages that appear to be spam in a separate email folder. SOURCE: SP 800-69

Special Access Program (SAP)

A program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the sa…

Special Access Program Facility (SAPF)

Facility formally accredited by an appropriate agency in accordance with DCID 6/9 in which SAP information may be processed. SOURCE: CNSSI-4009

Special Character

Any non-alphanumeric character that can be rendered on a standard American-English keyboard. Use of a specific special character may be application-dependent. The list of special c…

Specification

An assessment object that includes document-based artifacts (e.g., policies, procedures, plans, system security requirements, functional specifications, and architectural designs)…

Spillage

Security incident that results in the transfer of classified or CUI information onto an information system not accredited (i.e., authorized) for the appropriate security level. SOU…

Split Knowledge

A procedure by which a cryptographic key is split into n multiple key components, individually providing no knowledge of the original key, which can be subsequently combined to rec…

Spoofing

“IP spoofing” refers to sending a network packet that appears to come from a source other than its actual source. SOURCE: SP 800-48 Involves— 1) the ability to receive a message by…

Spread Spectrum

Telecommunications techniques in which a signal is transmitted in a bandwidth considerably greater than the frequency content of the original information. Frequency hopping, direct…

Spyware

Software that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge; a type of malicious…

Security Requirements Traceability Matrix (SRTM)

This Security Requirements Traceability Matrix (SRTM) workbook is to be used to document the test results from a 3PAO assessment. Definition: SRTM is a matrix that captures all sec…

SSL

See Secure Sockets Layer.

Standard

A published statement on a topic specifying characteristics, usually measurable, that must be satisfied or achieved in order to comply with the standard. SOURCE: FIPS 201

Start-Up KEK

Key-encryption-key held in common by a group of potential communicating entities and used to establish ad hoc tactical networks. SOURCE: CNSSI-4009

State

Intermediate Cipher result that can be pictured as a rectangular array of bytes. SOURCE: FIPS 197

Static Key

A key that is intended for use for a relatively long period of time and is typically intended for use in many instances of a cryptographic key establishment scheme. SOURCE: SP 800-57 Pa…

Status Monitoring

Monitoring the information security metrics defined by the organization in the information security ISCM strategy. SOURCE: SP 800-137

Steganography

The art and science of communicating in a way that hides the existence of the communication. For example, a child pornography image can be hidden inside another graphic image file,…

Storage Object

Object supporting both read and write accesses to an information system. SOURCE: CNSSI-4009

Strength of Mechanism (SoM)

A scale for measuring the relative strength of a security mechanism. SOURCE: CNSSI-4009

Striped Core

A network architecture in which user data traversing a core IP network is decrypted, filtered and re-encrypted one or more times. Note: The decryption, filtering, and re-encryption…

Strong Authentication

The requirement to use multiple factors for authentication and advanced technology, such as dynamic passwords or digital certificates, to verify an entity’s identity. SOURCE: CNSSI…

Subassembly

Major subdivision of an assembly consisting of a package of parts, elements, and circuits that perform a specific function. SOURCE: CNSSI-4009

Subject

Generally an individual, process, or device causing information to flow among objects or changes to the system state. See Object. SOURCE: SP 800-53 An active entity (generally an i…

Subject Security Level

Sensitivity label(s) of the objects to which the subject has both read and write access. Security level of a subject must always be dominated by the clearance level of the user ass…

Subordinate Certification Authority

In a hierarchical PKI, a Certification Authority whose certificate signature key is certified by another CA, and whose activities are constrained by that other CA. SOURCE: SP 800-3…

Subscriber

A party who receives a credential or token from a CSP (Credentials Service Provider) and becomes a claimant in an authentication protocol. SOURCE: CNSSI-4009 A party who receives a…

Subsystem

A major subdivision or component of an information system consisting of information, information technology, and personnel that perform one or more specific functions. SOURCE: SP 8…

Suite A

A specific set of classified cryptographic algorithms used for the protection of some categories of restricted mission-critical information. SOURCE: CNSSI-4009

Suite B

A specific set of cryptographic algorithms suitable for protecting national security systems and information throughout the U.S. government and to support interoperability with all…

Superencryption

Process of encrypting encrypted information. Occurs when a message, encrypted off-line, is transmitted over a secured, online circuit, or when information encrypted by the originat…

Superior Certification Authority

In a hierarchical PKI, a Certification Authority who has certified the certificate signature key of another CA, and who constrains the activities of that CA. SOURCE: SP 800-32; CNS…

Supersession

Scheduled or unscheduled replacement of COMSEC material with a different edition. SOURCE: CNSSI-4009

Supervisory Control and Data Acquisition (SCADA)

A generic name for a computerized system that is capable of gathering and processing data and applying operational controls over long distances. Typical uses include power transmis…

Supplementation (Security Controls)

The process of adding security controls or control enhancements to a security control baseline from NIST Special Publication 800-53 or CNSS Instruction 1253 in order to adequately…

Supplementation (Assessment Procedures)

The process of adding assessment procedures or assessment details to assessment procedures in order to adequately meet the organization’s risk management needs. SOURCE: SP 800-53A

Supply Chain

A system of organizations, people, activities, information, and resources, possibly international in scope, that provides products or services to consumers. SOURCE: SP 800-53; CNSS…

Supply Chain Attack

What is a Supply Chain Attack? A supply chain attack is a cyberattack that targets an organization's trusted third-party vendors or partners in order to compromise their digital in…

Suppression Measure

Action, procedure, modification, or device that reduces the level of, or inhibits the generation of, compromising emanations in an information system. SOURCE: CNSSI-4009

Surrogate Access

See Discretionary Access Control.

Syllabary

List of individual letters, combination of letters, or syllables, with their equivalent code groups, used for spelling out words or proper names not present in the vocabulary of a…

Symmetric Encryption Algorithm

Encryption algorithms using the same secret key for encryption and decryption. SOURCE: SP 800-49; CNSSI-4009

Symmetric Key

A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt and decrypt, or create a message authentication code and to ver…

Synchronous Crypto-Operation

Encryption algorithms using the same secret key for encryption and decryption. SOURCE: CNSSI-4009

System

See Information System. Any organized assembly of resources and procedures united and regulated by interaction or interdependence to accomplish a set of specific functions. SOURCE:…

System Administrator

A person who manages the technical aspects of a system. SOURCE: SP 800-40 Individual responsible for the installation and maintenance of an information system, providing effective…

System Assets

Any software, hardware, data, administrative, physical, communications, or personnel resource within an information system. SOURCE: CNSSI-4009

System Development Methodologies

Methodologies developed through software engineering to manage the complexity of system development. Development methodologies include software engineering aids and high-level desi…

System Development Life Cycle (SDLC)

The scope of activities associated with a system, encompassing the system’s initiation, development and acquisition, implementation, operation and maintenance, and ultimately its d…

System High

Highest security level supported by an information system. SOURCE: CNSSI-4009

System High Mode

Information systems security mode of operation wherein each user, with direct or indirect access to the information system, its peripherals, remote terminals, or remote hosts, has…

System Indicator

Symbol or group of symbols in an off-line encrypted message identifying the specific cryptosystem or key used in the encryption. SOURCE: CNSSI-4009

System Integrity

The quality that a system has when it performs its intended function in an unimpaired manner, free from unauthorized manipulation of the system, whether intentional or accidental.…

System Interconnection

The direct connection of two or more IT systems for the purpose of sharing data and other information resources. SOURCE: SP 800-47; CNSSI-4009

System Low

Lowest security level supported by an information system. SOURCE: CNSSI-4009

System Of Records

A group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying…

System Owner

Person or organization having responsibility for the development, procurement, integration, modification, operation and maintenance, and/or final disposition of an information syst…

System Profile

Detailed security description of the physical structure, equipment component, location, relationships, and general operating environment of an information system. SOURCE: CNSSI-400…

System Security

See Information System Security.

System Security Plan

Formal document that provides an overview of the security requirements for the information system and describes the security controls in place or planned for meeting those requirem…

System Software

The special software within the cryptographic boundary (e.g., operating system, compilers or utility programs) designed for a specific computer system or family of computer systems…

System-Specific Security Control

A security control for an information system that has not been designated as a common security control or the portion of a hybrid control that is to be implemented within an inform…

Systems Security Engineering

See Information Systems Security Engineering

Systems Security Officer

See Information Systems Security Officer

T
90 terms

Tabletop Exercise

A discussion-based exercise where personnel with roles and responsibilities in a particular IT plan meet in a classroom setting or in breakout groups to validate the content of the…

Tactical Data

Information that requires protection from disclosure and modification for a limited duration as determined by the originator or information owner. SOURCE: CNSSI-4009

Tactical Edge

The platforms, sites, and personnel (U. S. military, allied, coalition partners, first responders) operating at lethal risk in a battle space or crisis environment characterized by…

Tailored Security Control Baseline

A set of security controls resulting from the application of tailoring guidance to the security control baseline. See Tailoring. SOURCE: SP 800-37; SP 800-53; SP 800-53A

Tailoring

The process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed;…

Tailoring (Assessment Procedures)

The process by which assessment procedures defined in Special Publication 800-53A are adjusted, or scoped, to match the characteristics of the information system under assessment,…

Tampering

An intentional event resulting in modification of a system, its intended behavior, or data. SOURCE: CNSSI-4009

Technical Controls

The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms conta…

Technical Non-repudiation

The contribution of public key mechanisms to the provision of technical evidence supporting a non-repudiation security service. SOURCE: SP 800-32

Technical Reference Model (TRM)

A component-driven, technical framework that categorizes the standards and technologies to support and enable the delivery of service components and capabilities. SOURCE: CNSSI-400…

Technical Security Controls

Security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained…

Technical Vulnerability Information

Telecommunications

Preparation, transmission, communication, or related processing of information (writing, images, sounds, or other data) by electrical, electromagnetic, electromechanical, electro-o…

Telework

The ability for an organization’s employees and contractors to perform work from locations other than the organization’s facilities. SOURCE: SP 800-46

Tempest

A name referring to the investigation, study, and control of unintentional compromising emanations from telecommunications and automated information systems equipment. SOURCE: FIPS…

TEMPEST

A name referring to the investigation, study, and control of compromising emanations from telecommunications and automated information systems equipment. SOURCE: CNSSI-4009

TEMPEST Test

Laboratory or on-site test to determine the nature of compromising emanations associated with an information system. SOURCE: CNSSI-4009

TEMPEST Zone

Designated area within a facility where equipment with appropriate TEMPEST characteristics (TEMPEST zone assignment) may be operated. SOURCE: CNSSI-4009

Tennessee Data Breach Law

Test

A type of assessment method that is characterized by the process of exercising one or more assessment objects under specified conditions to compare actual with expected behavior, t…

Test Key

Key intended for testing of COMSEC equipment or systems. SOURCE: CNSSI-4009

Third-Party Risk Management (TPRM)

What is Third-Party Risk Management (TPRM)? Third-Party Risk Management (TPRM) is one of the most important cybersecurity issues of our time. In early 2025, The World Economic Foru…

Threat

Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals,…

Threat Analysis

The examination of threat sources against system vulnerabilities to determine the threats for a particular system in a particular operational environment. SOURCE: SP 800-27 See Thr…

Threat Assessment

Formal description and evaluation of threat to an information system. SOURCE: SP 800-53; SP 800-18 Process of formally evaluating the degree of threat to an information system or e…

Threat Event

An event or situation that has the potential for causing undesirable consequences or impact. SOURCE: SP 800-30

Threat Identification

What is Threat Identification? Threat identification is the process of recognizing potential dangers to a system, often done through methods like vulnerability scanning, insider th…

Threat Monitoring

Analysis, assessment, and review of audit trails and other information collected for the purpose of searching out system events that may constitute violations of system security. S…

Threat Scenario

A set of discrete threat events, associated with a specific threat source or multiple threat sources, partially ordered in time. SOURCE: SP 800-30

Threat Shifting

Response from adversaries to perceived safeguards and/or countermeasures (i.e., security controls), in which the adversaries change some characteristic of their intent to do harm i…

Threat Source

The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Ag…

Time Bomb

Resident computer program that triggers an unauthorized act at a predefined time. SOURCE: CNSSI-4009

Time-Compliance Date

Date by which a mandatory modification to a COMSEC end-item must be incorporated if the item is to remain approved for operational use. SOURCE: CNSSI-4009

Time-Dependent Password

Password that is valid only at a certain time of day or during a specified interval of time. SOURCE: CNSSI-4009

TOE Security Functions (TSF)

Set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TOE Security Policy (TSP). SOURCE: CNSSI-4009

TOE Security Policy (TSP)

What Is TOE Security Policy (TSP)? Definition: Set of rules that regulate how assets are managed, protected, and distributed within the TOE. SOURCE: CNSSI-4009 Overview of t…

Token

Something that the Claimant possesses and controls (typically a key or password) that is used to authenticate the Claimant’s identity. SOURCE: SP 800-63 Something that the claimant…

Total Risk

The potential for the occurrence of an adverse event if no mitigating action is taken (i.e., the potential for any applicable threat to exploit a system vulnerability). SOURCE: SP…

Tracking Cookie

A cookie placed on a user’s computer to track the user’s activity on different Web sites, creating a detailed profile of the user’s behavior. SOURCE: SP 800-83

Tradecraft Identity

An identity used for the purpose of work-related interactions that may or may not be synonymous with an individual’s true identity. SOURCE: CNSSI-4009

Traditional INFOSEC Program

Program in which NSA acts as the central procurement agency for the development and, in some cases, the production of INFOSEC items. This includes the Authorized Vendor Program. Mo…

Traffic Analysis

A form of passive attack in which an intruder observes information about calls (although not necessarily the contents of the messages) and makes inferences, e.g., from the source a…

Traffic Encryption Key (TEK)

Key used to encrypt plain text or to superencrypt previously encrypted text and/or to decrypt cipher text. SOURCE: CNSSI-4009

Traffic Padding

Generation of mock communications or data units to disguise the amount of real data units being sent. SOURCE: CNSSI-4009

Traffic-Flow Security (TFS)

Techniques to counter Traffic Analysis. SOURCE: CNSSI-4009

Training (Information Security)

Training strives to produce relevant and needed (information) security skills and competencies. SOURCE: SP 800-50

Training Assessment

An evaluation of the training efforts. SOURCE: SP 800-16

Training Effectiveness

A measurement of what a given student has learned from a specific course or training event. SOURCE: SP 800-16

Training Effectiveness Evaluation

Information collected to assist employees and their supervisors in assessing individual students’ subsequent on-the-job performance, to provide trend data to assist trainers in imp…

Tranquility

Property whereby the security level of an object cannot change while the object is being processed by an information system. SOURCE: CNSSI-4009

Transmission

The state that exists when information is being electronically sent from one location to one or more other locations. SOURCE: CNSSI-4009

Transmission Security (TRANSEC)

Measures (security controls) applied to transmissions in order to prevent interception, disruption of reception, communications deception, and/or derivation of intelligence by anal…

Transport Layer Security (TLS)

An authentication and security protocol widely implemented in browsers and Web servers. SOURCE: SP 800-63

Trap Door

1. A means of reading cryptographically protected information by the use of private knowledge of weaknesses in the cryptographic algorithm used to protect the data. 2. In cryptogra…

Triple DES

An implementation of the Data Encryption Standard (DES) algorithm that uses three passes of the DES algorithm instead of one as used in ordinary DES applications. Triple DES provid…

Trojan Horse

A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitim…

Trust Agent

Trust Anchor

A public key and the name of a certification authority that is used to validate the first certificate in a sequence of certificates. The trust anchor’s public key is used to verify…

Trust List

The collection of trusted certificates used by Relying Parties to authenticate other certificates. SOURCE: SP 800-32; CNSSI-4009

Trusted Agent

A "trusted agent" is a concept used in various contexts, primarily within security and access control systems, as well as in the legal and financial realms. In essence, a trusted a…

Trusted Certificate

A certificate that is trusted by the Relying Party on the basis of secure and authenticated delivery. The public keys included in trusted certificates are used to start certificati…

Trusted Channel

A channel where the endpoints are known and data integrity is protected in transit. Depending on the communications protocol used, data privacy may be protected in transit. Example…

Trusted Computer System

A system that employs sufficient hardware and software assurance measures to allow its use for processing simultaneously a range of sensitive or classified information. SOURCE: CNS…

Trusted Computing Base (TCB)

Totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination responsible for enforcing a security policy. SOURCE: CNSSI-4…

Trusted Distribution

Method for distributing trusted computing base (TCB) hardware, software, and firmware components that protects the TCB from modification during distribution. SOURCE: CNSSI-4009

Trusted Foundry

Facility that produces integrated circuits with a higher level of integrity assurance. SOURCE: CNSSI-4009

Trusted Identification Forwarding

Identification method used in information system networks whereby the sending host can verify an authorized user on its system is attempting a connection to another host. The sendi…

Trusted Path

A mechanism by which a user (through an input device) can communicate directly with the security functions of the information system with the necessary confidence to support the sy…

Trusted Platform Module (TPM) Chip

A tamper-resistant integrated circuit built into some computer motherboards that can perform cryptographic operations (including key generation) and protect small amounts of sensit…

Trusted Process

Process that has been tested and verified to operate only as intended. SOURCE: CNSSI-4009

Trusted Recovery

Ability to ensure recovery without compromise after a system failure. SOURCE: CNSSI-4009

Trusted Timestamp

A digitally signed assertion by a trusted authority that a specific digital object existed at a particular time. SOURCE: SP 800-32; CNSSI-4009

Trustworthiness

The attribute of a person or organization that provides confidence to others of the qualifications, capabilities, and reliability of that entity to perform specific tasks and fulfi…

Trustworthy System

Computer hardware, software and procedures that— 1) are reasonably secure from intrusion and misuse; 2) provide a reasonable level of availability, reliability, and correct operati…

TSEC

Telecommunications Security. SOURCE: CNSSI-4009

TSEC Nomenclature

System for identifying the type and purpose of certain items of COMSEC material. SOURCE: CNSSI-4009

Tunneling

Technology enabling one network to send its data via another network’s connections. Tunneling works by encapsulating a network protocol within packets carried by the second network…

Two-Part Code

What is a Two-Part Code? A "Two-Part Code" in cryptography refers to a code system that uses two separate codebooks, one for encoding and one for decoding. This system enhances secur…

Two-Person Control (TPC)

Continuous surveillance and control of positive control material at all times by a minimum of two authorized individuals, each capable of detecting incorrect and unauthorized proce…

Two-Person Integrity (TPI)

System of storage and handling designed to prohibit individual access by requiring the presence of at least two authorized individuals, each capable of detecting incorrect or unaut…

Type 1 Key

Generated and distributed under the auspices of NSA for use in a cryptographic device for the protection of national security information. SOURCE: CNSSI-4009, as modified

Type 1 Product

Cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting national security information when appropriately keyed. Developed using…

Type 2 Key

Generated and distributed under the auspices of NSA for use in a cryptographic device for the protection of unclassified information. SOURCE: CNSSI-4009, as modified

Type 2 Product

Cryptographic equipment, assembly, or component certified by NSA for encrypting or decrypting sensitive information when appropriately keyed. Developed using established NSA busine…

Type 3 Key

Used in a cryptographic device for the protection of unclassified sensitive information, even if used in a Type 1 or Type 2 product. SOURCE: CNSSI-4009

Type 3 Product

Unclassified cryptographic equipment, assembly, or component used, when appropriately keyed, for encrypting or decrypting unclassified sensitive U.S. government or commercial infor…

Type 4 Key

Used by a cryptographic device in support of its Type 4 functionality, i.e., any provision of key that lacks U.S. government endorsement or oversight. SOURCE: CNSSI-4009

Type 4 Product

Unevaluated commercial cryptographic equipment, assemblies, or components that neither NSA nor NIST certify for any government usage. These products are typically delivered as part…

Type Accreditation

A form of accreditation that is used to authorize multiple instances of a major application or general support system for operation at approved locations with the same type of comp…

Type Certification

The certification acceptance of replica information systems based on the comprehensive evaluation of the technical and nontechnical security features of an information system and o…

U
19 terms

U.S. Person

Federal law and Executive Order define a U.S. Person as: a citizen of the United States; an alien lawfully admitted for permanent residence; an unincorporated association with a su…

U.S.-Controlled Facility

Base or building to which access is physically controlled by U.S. individuals who are authorized U.S. government or U.S. government contractor employees. SOURCE: CNSSI-4009

U.S.-Controlled Space

Room or floor within a facility that is not a U.S.-controlled facility, access to which is physically controlled by U.S. individuals who are authorized U.S. government or U.S. gove…

Unauthorized Access

Occurs when a user, legitimate or unauthorized, accesses a resource that the user is not permitted to use. SOURCE: FIPS 191 Any access that violates the stated security policy. SOU…

Unauthorized Disclosure

An event involving the exposure of information to entities not authorized access to the information. SOURCE: SP 800-57 Part 1; CNSSI-4009

Unclassified

Information that has not been determined pursuant to E.O. 12958, as amended, or any predecessor order, to require protection against unauthorized disclosure and that is not designa…

United States Government Configuration Baseline (USGCB)

The United States Government Configuration Baseline (USGCB) provides security configuration baselines for Information Technology products widely deployed across the federal agencie…

Unsigned data

Data included in an authentication token, in addition to a digital signature. SOURCE: FIPS 196

Untrusted Process

Process that has not been evaluated or examined for correctness and adherence to the security policy. It may include incorrect or malicious code that attempts to circumvent the sec…

Update (a Certificate)

The act or process by which data items bound in an existing public key certificate, especially authorizations granted to the subject, are changed by issuing a new certificate. SOUR…

Update (key)

Automatic or manual cryptographic process that irreversibly modifies the state of a COMSEC key. SOURCE: CNSSI-4009

US-CERT

A partnership between the Department of Homeland Security and the public and private sectors, established to protect the nation's Internet infrastructure. US-CERT coordinates defen…

User

Individual or (system) process authorized to access an information system. SOURCE: FIPS 200 Individual, or (system) process acting on behalf of an individual, authorized to access…

User ID

Unique symbol or character string used by an information system to identify a specific user. SOURCE: CNSSI-4009

User Initialization

A function in the life cycle of keying material; the process whereby a user initializes its cryptographic application (e.g., installing and initializing software and hardware). SOU…

User Partnership Program (UPP)

Partnership between the NSA and a U.S. government agency to facilitate development of secure information system equipment incorporating NSA-approved cryptography. The result of thi…

User Registration

A function in the life cycle of keying material; a process whereby an entity becomes a member of a security domain. SOURCE: SP 800-57 Part 1

User Representative (COMSEC)

Individual authorized by an organization to order COMSEC keying material and interface with the keying system, provide information to key users, and ensure the correct type of key…

User Representative (Risk Management)

What's a User Representative in cybersecurity? In cybersecurity, a User Representative is a person who acts on behalf of the users of a system or service to ensure…

V
15 terms

Valid Data Element

A payload, an associated data string, or a nonce that satisfies the restrictions of the formatting function. SOURCE: SP 800-38C

Validation

The process of demonstrating that the system under consideration meets in all respects the specification of that system. SOURCE: FIPS 201 Confirmation (through the provision of str…

Variant

One of two or more code symbols having the same plain text equivalent. SOURCE: CNSSI-4009

Verification

Confirmation, through the provision of objective evidence, that specified requirements have been fulfilled (e.g., an entity’s requirements have been correctly defined, or an entity…

Verified Name

A Subscriber name that has been verified by identity proofing. SOURCE: SP 800-63

Verifier

What's a Verifier? Definitions An entity that verifies the Claimant’s identity by verifying the Claimant’s possession and control of a token using an authentication protocol. To do…

Verifier

What's a Verifier? In cybersecurity, a verifier is an entity that checks the authenticity or validity of something, often a digital signature or credential. It confirms that a claim…

Verifier Impersonation Attack

A Verifier Impersonation Attack is a type of impersonation attack where a perpetrator pretends to be a legitimate authentication server (verifier). This tricks users into revealing…

Virtual Machine (VM)

Software that allows a single host to run one or more guest operating systems. SOURCE: SP 800-115

Virtual Private Network (VPN)

A virtual network, built on top of existing physical networks, that provides a secure communications tunnel for data and other information transmitted between networks. SOURCE: SP…

Virus

A computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to…

Vishing

Vishing in Cybersecurity: Understanding Voice Phishing Attacks What is Vishing in Cybersecurity? Vishing (a portmanteau of "voice" and "phishing") is a type of cybercrime that uses…

Vulnerability

Vulnerability Analysis

What is Vulnerability Analysis? Vulnerability analysis is a process of identifying and evaluating potential weaknesses in systems, networks, or applications that could be exploited…

Vulnerability Assessment

What is a Vulnerability Assessment? A Vulnerability Assessment is a process essentially acting like a "health check" to discover potential vulnerabilities before they can be exploi…

W
25 terms

Warm Site

An environmentally conditioned workspace that is partially equipped with information systems and telecommunications equipment to support relocated operations in the event of a sign…

Washington, D.C. Data Breach Law

Washington, D.C. Notification Requirements and Fines In the District of Columbia, any business that experiences a data breach must notify affected D.C. residents as soon as possibl…

Web Bug

A tiny image, invisible to a user, placed on Web pages in such a way to enable third parties to track use of Web servers and collect information about the user, including IP addres…

Web Content Filtering Software

A program that prevents access to undesirable Web sites, typically by comparing a requested Web site address to a list of known bad Web sites. SOURCE: SP 800-69

Web Risk Assessment

Processes for ensuring Web sites are in compliance with applicable policies. SOURCE: CNSSI-4009

What are South Carolina Data Security & Breach Laws?

South Carolina Data Security & Breach Laws Do you know about South Carolina Data Security Insurance & Breach Laws? Well, before you get called a yankee carpetbagger and a n…

What Is Flaw Hypothesis Methodology?

The flaw hypothesis methodology is a technique used to predict and analyze flaws in software systems. It involves compiling a list of potential flaws based on a system's documentat…

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects patient health information. If you provide cloud host…

What is Security Posture?

White Team

1. The group responsible for refereeing an engagement between a Red Team of mock attackers and a Blue Team of actual defenders of their enterprise’s use of information systems. In…

Whitelist

A Whitelist, also known as an allowlist, is a list of items (like email addresses, IP addresses, or applications) that are specifically permitted or approved to access a system, ne…

Wi-Fi Protected Access-2 (WPA2)

The approved Wi-Fi Alliance interoperable implementation of the IEEE 802.11i security standard. For federal government use, the implementation must use FIPS-approved encryption, su…

Wiki

Web applications or similar tools that allow identifiable users to add content (as in an Internet forum) and allow anyone to edit that content collectively. SOURCE: CNSSI-4009

Wired Equivalent Privacy (WEP)

A security protocol, specified in the IEEE 802.11 standard, that is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wire…

Wireless Access Point (WAP)

A device that acts as a conduit to connect wireless communication devices together to allow them to communicate and create a wireless network. SOURCE: CNSSI-4009

Wireless Application Protocol (WAP)

A standard that defines the way in which Internet communications and other advanced services are provided on wireless mobile devices. SOURCE: CNSSI-4009

Wireless Local Area Network (WLAN)

A group of wireless networking devices within a limited geographic area, such as an office building, that exchange data through radio communications. The security of each WLAN is h…

Wireless Technology

Technology that permits the transfer of information between separated points without physical connection. Note: Currently wireless technologies use infrared, acoustic, radio freque…

WISP

What is a WISP? A WISP, or Written Information Security Plan, is a document that outlines your company's policies, procedures, and solution controls for protecting sensitive…

Work Factor

Work factor is a measure of the time or effort required to overcome a protective measure. It can be used in cryptography, physical security, and other fields. Definition Estimate o…

Workcraft Identity

Synonymous with Tradecraft Identity. SOURCE: CNSSI-4009

Worm

A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself. See Malicious Code. SOURCE: CNSSI-4009

Write

Fundamental operation in an information system that results only in the flow of information from a subject to an object. See Access Type. SOURCE: CNSSI-4009

Write Access

Permission to write to an object in an information system. SOURCE: CNSSI-4009

Write-Blocker

A device that allows investigators to examine media while preventing data writes from occurring on the subject media. SOURCE: SP 800-72

X
2 terms
Z
5 terms