Find definitions for IT security and compliance in our online glossary of key terms, acronyms, and vocabulary.

  • Term
    Definition
  • Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. Synonym(s): identity and access management
  • Definition: The process of granting or denying specific requests for or attempts to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities. Related Term(s): access control mechanism
  • Definition: Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility.
  • Definition: An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations. Related Term(s): passive attack
  • Definition: Software that is able to automatically carry out or trigger actions without the explicit intervention of a user.
  • Active data is information residing on the direct access storage media of computer systems, which is readily visible to the operating system and/or application software with which it was created and immediately accessible to users without undeletion, modification or reconstruction (i.e., word(...)
  • Files residing on disk drives of PCs, LAN file servers, laptops, etc. Include backup files created by application software such as Microsoft Word.
  • Active records are records related to current, ongoing or in process activities and are referred to on a regular basis to respond to day-to-day operational requirements. An active record resides in native application format and is accessible for purposes of business processing with no(...)
  • The term address can be used to mean:  • An Internet address - a unique location on the Internet.  • An e-mail address or  • A web page address (also known as a URL)
  • Definition: An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception).
  • Definition: An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Term(s): threat agent, attacker
  • Definition: The physical separation or isolation of a system from other systems or networks.
  • Definition: A notification that a specific attack has been detected or directed at an organization’s information systems.
  • Definition: In the NICE Framework, cybersecurity work where a person: Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications.
  • Definition: A list of entities that are considered trustworthy and are granted access or privileges. Related Term(s): Blocklist
  • Definition: A NICE Framework category consisting of specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
  • Definition: A program that specializes in detecting and blocking or removing forms of spyware. Related Term(s): spyware
  • Definition: A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents, sometimes by removing or neutralizing the malicious code.
  • An application is a collection of one or more related software programs that enables a user to enter, store, view, modify or extract information from files or databases. The term is commonly used in place of “program,” or “software.” Applications may include word processors, Internet browsing(...)
  • Archival data is information that is not directly accessible to the user of a computer system but that the organization maintains for long-term storage and record keeping purposes. Archival data may be written to removable media such as a CD, magneto-optical media, tape or other electronic(...)
  • Archives are long term repositories for the storage of records. Electronic archives preserve the content, prevent or track alterations and control access to electronic records.
  • Definition: Anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned.
  • Synonym(s): public key cryptography
  • An attachment is a record or file associated with another record for the purpose of storage or transfer. There may be multiple attachments associated with a single “parent” or “master” record. The attachments and associated record may be managed and processed as a single unit. In common use,(...)
  • Definition: An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. Related Term(s): active attack, passive attack
  • Definition: The manner or technique and means an adversary may use in an assault on information or an information system.
  • Definition: The steps that an adversary takes or may take to plan, prepare for, and execute an attack.
  • Definition: A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks. Related Term(s): attack pattern
  • Definition: An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system.
  • Definition: An individual, group, organization, or government that executes an attack. Related Term(s): adversary, threat agent
  • An attribute is a characteristic of data that sets it apart from other data, such as location, length, or type. The term attribute is sometimes used synonymously with “data element” or “property.”  ASCII (Acronym for American Standard Code): ASCII is a code that assigns a number to each(...)
  • Definition: The process of verifying the identity or other attributes of an entity (user, process, or device). Extended Definition: Also the process of verifying the source and integrity of data.
  • Definition: A property achieved through cryptographic methods of being genuine and being able to be verified and trusted, resulting in confidence in the validity of a transmission, information or a message, or sender of information or a message. Related Term(s): integrity, non-repudiation
  • The author of a document is the person, office or designated position responsible for its creation or issuance. In the case of a document in the form of a letter, the author or originator is usually indicated on the letterhead or by signature. In some cases, the software application producing(...)
  • Definition: A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. Extended Definition: The process or act of granting access privileges or the access privileges as granted.
  • Definition: In cybersecurity, applies to assets such as information or information systems. Related Term(s): confidentiality, integrity
  • To create a copy of data as a precaution against the loss or damage of the original data. Most users back up some of their files, and many computer networks utilize automatic backup software to make regular copies of some or all of the data on the network. Some backup systems use digital audio(...)
  • Backup data is information that is not presently in use by an organization and is routinely stored separately upon portable media, to free up space and permit data recovery in the event of disaster.
  • Files copied to diskettes, portable disk drives, backup tapes and compact disks, providing the user with access to data in case of emergency. Some backup files are created automatically by certain applications or operating systems, are not readily apparent to the user and are maintained (as(...)
  • Backup or disaster recovery tapes are portable media used to store data that is not presently in use by an organization to free up space but still allow for disaster recovery.
  • Backup tape recycling is the process whereby an organization’s backup tapes are overwritten with new backup data, usually on a fixed schedule (i.e., the use of nightly backup tapes for each day of the week with the daily backup tape for a particular day being overwritten on the same day the(...)
  • The amount of information or data that can be sent over a network connection in a given period of time. Bandwidth is usually stated in bits per second (bps), kilobits per second (kbps), or megabits per second (Mbps).
  • A bates production number is a tracking number assigned to each page of each document in the production set.
  • Definition: Observing activities of users, information systems, and processes and measuring the activities against organizational policies and rules, baselines of normal activity, thresholds, and trends.
  • The Best Evidence Rule states that to prove the content of a written document, recording, or photograph, the "original" writing, recording, or photograph is ordinarily required.
  • Mathematical base 2, or numbers composed of a series of zeros and ones. Since zeros and ones can be easily represented by two voltage levels on an electronic device, the binary number system is widely used in digital computing.
  • Basic input output system
  • A measurement of data. It is the smallest unit of data. A bit is either the "1" or "0" component of the binary code. A collection of bits is put together to form a byte.
  • Definition: A list of entities that are blocked or denied privileges or access. Related Term(s): Allowlist
  • Blogs, also referred to as Web logs, are frequent, chronological Web publications consisting of links and postings. The most recent posting appears at the top of the page.
  • Definition: A group that defends an enterprise's information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team). Related Term(s): Red Team,(...)
  • Definition: A computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the command and control of a remote administrator. Synonym(s): zombie Related Term(s): botnet
  • Definition: The controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet. Synonym(s): bot herder
  • Definition: A collection of computers compromised by malicious code and controlled across a network.
  • Definition: An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. Can lead to application errors, crashes, or vulnerabilities.
  • Definition: A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks.
  • Slang for making (burning) a CD-ROM copy of data, whether it is music, software, or other data.
  • Eight bits. The byte is the basis for measurement of most computer data as multiples of the byte value. A "megabyte" is one million bytes or eight million bits, and a "gigabyte" is one billion bytes or eight billion bits. 1 gigabyte = 1,000 megabytes; 1 terabyte = 1,000 gigabytes.
  • A fast storage buffer in the central processing unit of a computer that temporarily stores frequently used information for quick access.
  • Definition: The means to accomplish a mission, function, or objective. Related Term(s): intent
  • Data storage medium that uses compact discs to store about 1,500 floppy discs' worth of data.
  • A chain of custody tracks evidence from its original source to what is offered as evidence in court.
  • Synonym(s): cryptographic algorithm
  • Definition: Data or information in its encrypted form. Related Term(s): plaintext
  • A computer network design involving desktop PCs that depend on other (generally larger) computers to provide the PCs with information and/or applications. In the client/server environment, the client (PC) and the server are symbiotic and processing occurs in both places. Client-server(...)
  • Definition: A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
  • Document coding is the process of capturing case-relevant information (i.e. author, date authored, date sent, recipient, date opened, etc.) from a paper document.
  • Definition: A NICE Framework category consisting of specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.
  • Definition: In the NICE Framework, cybersecurity work where a person: Executes collection using appropriate strategies and within the priorities established through the collection management process.
  • A technology that reduces the size of a file. Compression programs are valuable to network users because they help save both time and bandwidth.
  • Computer forensics is the use of specialized techniques for recovery, authentication, and analysis of electronic data when a case involves issues relating to reconstruction of computer usage, examination of residual data, authentication of data by technical analysis or explanation of(...)
  • The science of obtaining, preserving, and documenting evidence from digital electronic storage devices, such as computers, pagers, PDAs, digital cameras, cell phones, and various memory storage devices. All must be done in a manner designed to preserve the probative value of the evidence and(...)
  • Definition: The actions taken to defend against unauthorized activity within computer networks.
  • Definition: In the NICE Framework, cybersecurity work where a person: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and(...)
  • Definition: In the NICE Framework, cybersecurity work where a person: Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources; monitors(...)
  • Refers to the entire computing environment. This environment may consist of one large computer serving many users (e.g. a mainframe or mini-computer) or one or more personal computers working individually or linked together through a network. A computer system includes all hardware and(...)
  • Definition: A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. Related Term(s): availability, integrity
  • Definition: In cybersecurity, the effect of a loss of confidentiality, integrity or availability of information or an information system on an organization's operations, its assets, on individuals, other organizations, or on national interests.
  • Definition: A document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. Related Term(s): Business Continuity Plan, Disaster Recovery Plan, Contingency Plan
  • Small data files written to a user's hard drive by a Web server. These files contain specific information that identifies users (i.e., passwords and lists of pages visited). 
  • A copy is an accurate reproduction of information contained in the data objects independent of the original physical
  • Definition: The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. Related Term(s): key resource
  • Definition: The operations performed in defeating or circumventing cryptographic protection of information by applying mathematical techniques and without an initial knowledge of the key employed in providing the protection.
  • Definition: A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. Related Term(s): key, encryption, decryption, symmetric key, asymmetric key
  • Definition: The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Extended Definition: The art or science concerning the principles, means, and methods for converting plaintext into(...)
  • Definition: The mathematical science that deals with cryptanalysis and cryptography. Related Term(s): cryptanalysis, cryptography
  • Definition: In the NICE Framework, cybersecurity work where a person: Addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support).
  • Definition: The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions.
  • Definition: A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to or recovering from the disruption.
  • Definition: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements:  Processing includes the creation, access, modification, and destruction of(...)
  • Definition: In the NICE Framework, cybersecurity work where a person: Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist(...)
  • Definition: In the NICE Framework, cybersecurity work where a person: Performs in-depth joint targeting and cyber planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full(...)
  • Definition: The collecting, processing, organizing, and analyzing data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers.
  • Definition: Strategy, policy, and standards regarding the security of and operations in cyberspace, and encompass[ing] the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities,(...)
  • Definition: The interdependent network of information technology infrastructures, that includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
  • Used as a storage medium in some backup systems.
  • Information stored on the computer system and used by applications to accomplish tasks.
  • Definition: In the NICE Framework, cybersecurity work where a person: Develops and administers databases and/or data management systems that allow for the storage, query, and utilization of data.
  • Definition: The process of gathering and combining data from different sources, so that the combined data reveals new information. Related Term(s): data mining
  • Definition: The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Related Term(s): data loss, data theft, exfiltration
  •  See File
  • Definition: The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner. Related Term(s): integrity, system integrity
  • Definition: The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party. Related Term(s): data leakage, data theft
  • Definition: A set of procedures and mechanisms to stop sensitive data from leaving a security boundary. Related Term(s): data loss, data theft, data leak
  • Definition: The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations. Related Term(s): data aggregation
  • Definition: The deliberate or intentional act of stealing of information. Related Term(s): data aggregation, data leakage, data loss
  • De-Duplication (“De-Duping”) is the process of comparing electronic records based on their characteristics and removing duplicate records from the data set. 
  • Definition: To convert enciphered text to plain text by means of a cryptographic system. Synonym(s): decode, decrypt
  • Definition: To convert encoded text to plain text by means of a code. Synonym(s): decipher, decrypt
  • Definition: A generic term encompassing decode and decipher. Synonym(s): decipher, decode
  • Definition: The process of transforming ciphertext into its original plaintext. Extended Definition: The process of converting encrypted data back into its original form, so it can be understood. Synonym(s): decode, decrypt, decipher
  • Deleted data is data that, in the past, existed on the computer as live data and which has been deleted by the computer system or end-user activity. Deleted data remains on storage media in whole or in part until it is overwritten by ongoing usage or “wiped” with a software program(...)
  • A file with disk space that has been designated as available for reuse. The deleted file remains intact until it has been overwritten with a new file. 
  • Deletion is the process whereby data is removed from active files and other data storage structures on computers and rendered inaccessible except using special data recovery tools designed to recover deleted data.
  • Definition: An attack that prevents or impairs the authorized use of information system resources or services.
  • Usually refers to an individual PC -- a user's desktop computer.
  • Storing information as a string of digits – namely “1”s and “0”s. 
  • Information stored or transmitted in binary form that may be relied upon in court.
  • Definition: The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. Synonym(s): computer forensics, forensics
  • Definition: A form of access control technology to protect and manage use of digital content or devices in accordance with the content or device provider's intentions.
  • Definition: A value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. Related Term(s): electronic signature
  • It may be a floppy disk, or it may be a hard disk. Either way, it is a magnetic storage medium on which data is digitally stored. A disc may also refer to a CD-ROM.  Distributed Data: Distributed data is that information belonging to an organization which resides on portable media and(...)
  • Definition: An event which causes unplanned interruption in operations or functions for an unacceptable length of time.
  • Definition: A denial of service technique that uses numerous systems to perform the attack simultaneously. Related Term(s): denial of service, botnet
  • Fed. R. Civ. P. 34(a) defines a document as “including writings, drawings, graphs, charts, photographs, phonorecords, and other data compilations.” In the electronic discovery world, a document also refers to a collection of pages representing an electronic file. E-mails, attachments,(...)
  • An external hardware device with some memory inside it.
  • A duplicate is an accurate digital reproduction of all data objects contained on the original physical item.
  • Definition: The automated, on-the-fly changes of an information system's characteristics to thwart actions of an adversary.
  • A top most e-mail message store is the location in which an e-mail system stores its data. For instance, an Outlook PST (personal storage folder) is a type of top most file that is created when a user’s Microsoft Outlook mail account is set up. Additional Outlook PST files for that user can(...)
  • Definition: In the NICE Framework, cybersecurity work where a person: Conducts training of personnel within pertinent subject domain; develop, plan, coordinate, deliver, and/or evaluate training courses, methods, and techniques as appropriate.
  • The discovery of electronic documents and data including e-mail, Web pages, word processing files, computer databases, and virtually anything that is stored on a computer. Technically, documents and data are “electronic” if they exist in a medium that can only be read through the use of(...)
  • Commonly referred to as “e-mail”, an electronic mail message is a document created or received via an electronic mail system, including brief notes, formal or substantive narrative documents, and any attachments, such as word processing and other electronic documents, which may be transmitted(...)
  • Information recorded in a form that requires a computer or other machine to process it and that otherwise satisfies the definition of a record. 
  • Definition: Any mark in electronic form associated with an electronic document, applied with the intent to sign the document. Related Term(s): digital signature
  • Definition: To convert plaintext to ciphertext by means of a cryptographic system. Synonym(s): encode, encrypt
  • Definition: To convert plaintext to ciphertext by means of a code. Synonym(s): encipher, encrypt
  • Definition: The generic term encompassing encipher and encode. Synonym(s): encipher, encode
  • Definition: The process of transforming plaintext into ciphertext. Converting data into a form that cannot be easily understood by unauthorized people. Synonym(s): encode, encrypt, encipher
  • A procedure that renders the contents of a message or file unintelligible to anyone not authorized to read it.
  • Definition: A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives. Related Term(s): risk management,(...)
  • A common way of networking PCs to create a LAN. 
  • Definition: An observable occurrence in an information system or network. Sometimes provides an indication that an incident is occurring or at least raises the suspicion that an incident may be occurring. Related Term(s): incident
  • Definition: The unauthorized transfer of information from an information system. Related Term(s): data breach
  • Definition: A technique to breach the security of a network or information system in violation of security policy.
  • Definition: In the NICE Framework, cybersecurity work where a person: Analyzes collected information to identify vulnerabilities and potential for exploitation.
  • Definition: The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network.
  • An Internet based access method to a corporate intranet site by limited or total access through a security firewall. This type of access is typically utilized in cases of joint venture and vendor client relationships. 
  • Definition: The inability of a system or component to perform its required functions within specified performance requirements.
  • A family range describes the range of documents from the first Bates production number assigned to the first page of the top most parent document through the last Bates production number assigned to the last page of the last child document. 
  • A family relationship is formed among two or more documents that have a connection or relatedness because of some factor. 
  • Where the operating system stores information about a disk's structure. The FAT is a road map, which allows a computer to save information on the disk, locate and retrieve it. Different operating systems have more or less sophisticated FAT capabilities and therefore are more or less(...)
  • A tag of three or four letters, preceded by a period, which identifies a data file's format or the application used to create the file. File extensions can streamline the process of locating data. For example, if one is looking for incriminating pictures stored on a computer, one might begin(...)
  • When several or many computers are networked together in a LAN situation, one computer may be utilized as a storage location for files for the group. File servers may be employed to store e-mail, financial data, word processing information or to back-up the network.
  • One of the key benefits of a network is the ability to share files stored on the server among several users.
  • Groups of information collectively placed under a name and stored on the computer. Files are organized in various directories and subdirectories. 
  • Definition: A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized.
  • A set of related programs that protect the resources of a private network from users from other networks.
  • Once the standard and now an increasingly rare storage medium consisting of a thin magnetic film disk housed in a protective sleeve. 
  • The internal structure of a file, which defines the way it is stored and used. Specific applications may define unique formats for their data (i.e., “MS Word document file format”). Many files may only be viewed or printed using their originating application or an application designed to work(...)
  • Fragmented data is live data that has been broken up and stored in various locations on a single hard drive or disk.
  • An Internet protocol that enables you to transfer files between computers on the Internet. 
  • A computer compression format for pictures. 
  • A gigabyte is a measure of computer data storage capacity and is a billion (1,000,000,000) bytes.
  • A set of screen presentations and metaphors that utilize graphic elements such as icons in an attempt to make an operating system easier to use. 
  • Definition: An unauthorized user who attempts to or gains access to an information system.
  • The primary storage unit on PCs and servers, consisting of one or more magnetic media platters on which digital data can be written and erased magnetically. Hearsay evidence; Hearsay can be defined as "a statement , other than one made by the declarant while testifying at the trial or hearing(...)
  • Definition: A numeric value resulting from applying a mathematical algorithm against a set of data such as a file. Synonym(s): cryptographic hash value Related Term(s): hashing
  • Definition: A process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data. Extended Definition: Mapping a bit string of arbitrary length to a fixed length bit string to produce the hash value. Related Term(s): hash value
  • Definition: A natural or man-made source or cause of harm or difficulty. Related Term(s): threat
  •  The tag-based ASCII language used to create pages on the Web. 
  • Definition: A man-made threat achieved through exploitation of the information and communications technology (ICT) system’s supply chain, including acquisition processes. Related Term(s): supply chain, threat
  • Definition: The methods and processes used to manage subjects and their authentication and authorizations to access specific objects.  Synonym(s): consequence
  • Inactive records are those Records related to closed, completed, or concluded activities. Inactive Records are no longer routinely referenced, but must be retained in order to fulfill reporting requirements or for purposes of audit or analysis. Inactive records generally reside in a long-term(...)
  • Definition: An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the(...)
  • Definition: The management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems.
  • Definition: In the Workforce framework, cybersecurity work where a person: Responds to crisis or urgent situations within the pertinent domain to mitigate immediate and potential threats; uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of(...)
  • Definition: A set of predetermined and documented procedures to detect and respond to a cyber incident.
  • Definition: An occurrence or sign that an incident may have occurred or may be in progress. Related Term(s): precursor
  • Definition: An information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. Related Term(s): Supervisory Control and Data Acquisition, Operations Technology
  • Definition: Any information technology, equipment, or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. Related Term(s): information technology
  • Definition: The measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality. Related Term(s): information security
  • Definition: In the NICE Framework, cybersecurity work where a person: Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization's information assurance and security requirements; ensures(...)
  • Definition: An aggregate of directives, regulations, rules, and practices that prescribe how an organization manages, protects, and distributes information. Related Term(s): security policy
  • Definition: An exchange of data, information, and/or knowledge to manage risks or respond to incidents.
  • Definition: The ability of an information system to: 1) continue to operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining essential operational capabilities; and 2) recover effectively in a timely manner. Related Term(s): resilience
  • Definition: In the NICE Framework, cybersecurity work where a person: Oversees the information assurance program of an information system in or outside the network environment; may include procurement duties (e.g., Information Systems Security Officer).
  • Definition: Any equipment or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. Related Term(s): information and communication(s) technology
  • Definition: One or more individuals with the access and/or inside knowledge of a company, organization, or enterprise that would allow them to exploit the vulnerabilities of that entity's security, systems, services, products, or facilities with the intent to cause harm. Related Term: outsider(...)
  • Instant Messaging is a form of electronic communication which involves immediate correspondence between two or more users who are all online simultaneously. 
  • Definition: The structured approach that enables an enterprise or organization to share risk information and risk analysis and to synchronize independent yet complementary risk management strategies to unify efforts across the enterprise. Related Term(s): risk management, enterprise risk management
  • Definition: The property whereby information, an information system, or a component of a system has not been modified or destroyed in an unauthorized manner. Related Term(s): availability, confidentiality, data integrity, system integrity
  • Definition: A state of mind or desire to achieve an objective. Related Term(s): capability
  • The interconnecting global public network made by connecting smaller shared public networks. The most well-known Internet is the Internet, the worldwide network of networks which use the TCP/IP protocol to facilitate information exchange. 
  • Definition: The ability of two or more systems or components to exchange information and to use the information that has been exchanged.
  • A network of interconnecting smaller private networks that are isolated from the public Internet. 
  • Definition: An unauthorized act of bypassing the security mechanisms of a network or information system. Synonym(s): penetration
  • Definition: The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.
  • Definition: A NICE Framework category consisting of specialty areas responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence.
  • Definition: A systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired and to collect evidence.
  • A string of four numbers separated by periods used to represent a computer on the Internet. 
  • Usually refers to the people who make computers and computer systems run. 
  • A business that delivers access to the Internet.
  • An image compression standard for photographs. 
  • Definition: The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification. Related Term(s): private key, public key, secret key, symmetric key
  • Definition: Two mathematically related keys having the property that one key can be used to encrypt a message that can only be decrypted using the other key. Related Term(s): private key, public key
  • Definition: A publicly or privately controlled asset necessary to sustain continuity of government and/or economic operations, or an asset that is of great historical significance. Related Term(s): critical infrastructure
  • Definition: Software or hardware that tracks keystrokes and keyboard events, usually surreptitiously / secretly, to monitor actions by the user of an information system. Related Term(s): spyware
  • A search for documents containing one or more words that are specified by a user. 
  • One thousand bytes of data is 1K of data.
  • Definition: In the NICE Framework, cybersecurity work where a person: Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
  • Usually refers to a network of computers in a single building or other discrete location.
  • Legacy Data is information in the development of which an organization may have invested significant resources and which has retained its importance, but which has been created or stored by the use of software and/or hardware that has been rendered outmoded or obsolete.
  • Definition: In the NICE Framework, cybersecurity work where a person: Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain; advocates legal and policy changes and makes a case on behalf of client via a(...)
  • A legal hold is a communication issued as a result of current or anticipated litigation, audit, government investigation or other such matter that suspends the normal disposition or processing of records. The specific communication to business or IT organizations may also be called a “hold,”(...)
  • Definition: A field concerned with designing and developing artificial intelligence algorithms for automated knowledge discovery and innovation by information systems.
  • Definition: A type of malicious code that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute, replicate, and spread or propagate itself. Related Term(s): virus
  • A computer network design where large (main frame) computers maintain and process data and send information to users' terminals. In a classic mainframe set up, no processing occurs at the desktop, which is merely a means of viewing information contained in and processed on the main frame(...)
  • Definition: A small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. Related Term(s): malicious code
  • Definition: Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Extended Definition: Includes software, firmware, and scripts. Related Term(s): malicious logic
  • Definition: Hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Related Term(s): malicious code
  • Definition: Software that compromises the operation of a system by performing an unauthorized function or process. Synonym(s): malicious code, malicious applet, malicious logic
  • A million bytes of data is a megabyte, or simply a meg. 
  • Memory cards, sometimes referred to as Flash Memory Cards, are removable solid-state storage devices employing flash memory technology. Some popular types of flash memory cards for use in digital cameras are: CompactFlash (CF), SmartMedia (SM), Memory Stick (MS), MultiMediaCard (MMC) Secure(...)
  • Metadata is information about a particular data set which may describe, for example, how, when, and by whom it was received, created, accessed, and/or modified and how it is formatted. Some metadata, such as file dates and sizes, can easily be seen by users; other metadata can be hidden or(...)
  • Migrated Data is information that has been moved from one database or format to another, usually as a result of a change from one hardware or software technology to another. 
  • Used in computer forensic investigations and some electronic discovery investigations, a mirror image is a bit-by-bit copy of a computer hard drive that ensures the operating system is not altered during the forensic examination. May also be referred to as “disc mirroring,” or as a “forensic(...)
  • Management information systems.
  • Definition: The application of one or more measures to reduce the likelihood of an unwanted occurrence and/or lessen its consequences.
  • A piece of hardware that lets a computer talk to another computer over a phone line. 
  • The process of making off-line data available for on-line processing. For example, placing a magnetic tape in a drive and setting up the software to recognize or read that tape. The terms “load” and “loading” are often used in conjunction with, or synonymously with, “mount” and “mounting” (as(...)
  • Definition: The presentation of a dynamic attack surface, increasing an adversary's work factor necessary to probe, attack, or maintain presence in a cyber target.
  • Electronic documents have an associated file structure defined by the original creating application. This file structure is referred to as the “native format” of the document. Because viewing or searching documents in the native format may require the original application (i.e., viewing a(...)
  • Document nesting occurs when one document is inserted within another document (i.e., an attachment is nested within an email; graphics files are nested within a Microsoft Word document).
  • Definition: The ability of a network to: (1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged); (2) recover effectively if failure does occur; and (3) scale to meet rapid or unpredictable demands.
  • Definition: In the NICE Framework, cybersecurity work where a person: Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor(...)
  • The hardware and software combinations that allow the exchange of data and sharing of resources. Two common ways PCs are networked are peer-to-peer and client-server.
  • Definition: NIST Special Publication 800-181 revision 1, the Workforce Framework for Cybersecurity (NICE Framework), provides a set of building blocks for describing the tasks, knowledge, and skills that are needed to perform cybersecurity work performed by individuals and teams.
  • Any device connected to a network. PCs, servers, and printers are all nodes on the network. Non-Printing Information The non-printing information carried by most data files is another excellent source of information. A common example is the date and time stamp an OS may put on a file. Some(...)
  • Definition: Provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message. Related Term(s): integrity, authenticity
  • Definition: A passive information system-related entity containing or receiving information. Related Term(s): subject, access, access control
  • Optical character recognition is a technology which takes data from a paper document and turns it into editable text data. The document is first scanned. Then OCR software searches the document for letters, numbers, and other characters.
  • The storage of electronic data outside the network in daily use (i.e., on backup tapes) that is only accessible through the off-line storage system, not the network. 
  • Not connected (to a network). 
  • The storage of electronic data as fully accessible information in daily use on the network or elsewhere. 
  • Connected (to a network).
  • Definition: A NICE Framework category consisting of specialty areas responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security.
  • System software that controls the workings of the computer (e.g., Windows, Unix, Linux). The OS handles essential, but often invisible, tasks such as maintaining files. 
  • Definition: An action-based exercise where personnel rehearse reactions to an incident scenario, drawing on their understanding of plans and procedures, roles, and responsibilities.
  • Definition: The hardware and software systems used to operate industrial control devices. Related Term(s): Industrial Control System
  • Physical items and those data objects, which are associated with those items at the time of seizure.
  • Definition: A person or group of persons external to an organization who are not authorized to access its assets and pose a potential risk to the organization and its assets. Related Term(s): inside(r) threat
  • Definition: A NICE Framework category consisting of specialty areas providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct cybersecurity work.
  • Paper discovery refers to the discovery of writings on paper that can be read without the aid of some devices. 
  • Parent-child relationships is a term used in e-discovery to describe a chain of documents that stems from a single e-mail or storage folder. These types of relationships are primarily encountered when a party is faced with a discovery request for e-mail. A “child” (i.e., an attachment) is(...)
  • Definition: An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations. Related Term(s): active attack
  • Definition: A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.
  • Personal computer.
  • Handheld digital organizers.
  • An Adobe technology for formatting documents so that they can be viewed and printed using the Adobe Acrobat reader.  Peer-to-peer networks physically connect each computer in the network to every other computer in the network. Files are stored on the hard drives of the individual PCs with(...)
  • Definition: A colloquial term for penetration test or penetration testing.Synonym(s): penetration testing
  • Definition: An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.
  • Definition: The information that permits the identity of an individual to be directly or indirectly inferred.
  • A petabyte is a measure of computer data storage capacity and is one thousand million million (1,000,000,000,000,000) bytes. 
  • Definition: A digital form of social engineering to deceive individuals into providing sensitive information.
  • Definition: Unencrypted information. Related Term(s): ciphertext
  • The least formatted and therefore most portable form of text for computerized documents. 
  • A pointer is an index entry in the directory of a disk (or other storage medium) that identifies the space on the disc in which an electronic document or piece of electronic data resides, thereby preventing that space from being overwritten by other data. In most cases, when an electronic(...)
  • Definition: An observable occurrence or sign that an attacker may be preparing to cause an incident. Related Term(s): indicator
  • Definition: The activities to build, sustain, and improve readiness capabilities to prevent, protect against, respond to, and recover from natural or manmade incidents.
  • See Legal Hold. 
  •  Prima Facie evidence that is sufficient to raise a presumption of fact or to establish the fact in question unless rebutted. 
  • Definition: The ability of individuals to understand and exercise control over how information about themselves may be used by others.
  • Definition: A cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Related Term(s): public key, asymmetric cryptography
  • A network that is connected to the Internet but is isolated from the Internet.
  •  Evidence that is sufficiently useful to prove something important in a trial. However, probative value of proposed evidence must be weighed by the trial judge against prejudicing in the minds of jurors toward the opposing party or criminal defendant. 
  • Definition: A NICE Framework category consisting of specialty areas responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks.
  • The place where Outlook stores its data (when Outlook is used without Microsoft® Exchange Server). A PST file is created when a mail account is set up. Additional PST files can be created for backing up and archiving Outlook folders, messages, forms and files. The file extension given to PST(...)
  • Definition: A cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Extended Definition: The public part of an asymmetric key pair that is uniquely associated with an entity and that may be made(...)
  • Definition: A branch of cryptography in which a cryptographic system or algorithms use two uniquely linked keys: a public key and a private key (a key pair). Synonym(s): asymmetric cryptography, public key encryption
  • Synonym(s): public key cryptography
  • Definition: A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet.
  • A network that is part of the public Internet. 
  • To search or ask. In the context of online computing, this often refers to the process of requesting information in a search engine, index directory, or database. 
  • Random Access Memory is the short-term memory that provides working space into which application programs can be loaded and executed and for the computer to work with data within. Information stored in RAM typically is lost when the device is turned off. 
  • Evidence afforded by the production of physical objects for inspection or other examination by the court. 
  • Information, regardless of medium or format that has value to an organization. Collectively the term is used to describe both documents and electronically stored information.
  • A records custodian is an individual responsible for the physical storage and protection of records throughout their retention period. In the context of electronic records, custodianship may not be a direct part of the records management function in all organizations. 
  • The time period from when a record is created until it is disposed. 
  •  See Legal Hold.
  •  Records Management is the planning, controlling, directing, organizing, training, promoting and other managerial activities involving the lifecycle of information, including creation, Records Retention Period, Retention Period: The length of time a given records series must be kept,(...)
  • A plan for the management of records, listing types of records and how long they should be kept; the purpose is to provide continuing authority to dispose of or transfer records to historical archives. 
  • Definition: The activities after an incident or event to restore essential services and operations in the short and medium term and fully restore all capabilities in the longer term.
  • Definition: A group authorized and organized to emulate a potential adversary’s attack or exploitation capabilities against an enterprise’s cybersecurity posture. Related Term(s): Blue Team, White Team
  • Definition: An exercise, reflecting real-world conditions, that is conducted as a simulated attempt by an adversary to attack or exploit vulnerabilities in an enterprise's information systems. Related Term(s): cyber exercise
  • Definition: Additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
  • Digital media such as floppy disks, CDs, DVDs, cartridges, tapes or removable media cards (small-sized data storage media typically found in cameras, PDAs or music players) that store data and can be easily removed. 
  • Repository for Electronic Records is a direct access device on which the electronic records and associated metadata are stored. Sometimes called a “records store,” “online repository” or “records archive.”
  • Also called "recoverable files." Residual Data (sometimes referred to as “Ambient Data”) refers to data that is not active on a computer system. Residual data includes (1) data found on media free space; (2) data found in file slack space; and (3) data within files that has functionally been(...)
  • Definition: The ability to adapt to changing conditions and prepare for, withstand, and rapidly recover from disruption.
  • Definition: The activities that address the short-term, direct effects of an incident and may also support short-term recovery. Related Term(s): recovery
  • To transfer data from a backup medium (such as tapes) to an on-line system, often for the purpose of recovery from a problem, failure, or disaster. Restoration of archival media is the transfer of data from an archival store to an on-line system for the purposes of processing (such as query,(...)
  • Definition: The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences.
  • Definition: The systematic examination of the components and characteristics of risk. Related Term(s): risk assessment, risk
  • Definition: The product or process which collects information and assigns values to risks for the purpose of informing priorities, developing or comparing courses of action, and informing decision making. Related Term(s): risk analysis, risk
  • Definition: A structured approach to managing risks to data and information by which an organization selects and applies appropriate security controls in compliance with policy and commensurate with the sensitivity and value of the data.
  • Definition: The process of identifying, analyzing, assessing, and communicating risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. Includes: 1) conducting a risk assessment; 2) implementing(...)
  • Definition: A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.
  • A piece of hardware that routes data from a local area network (LAN) to a phone line. 
  • Sampling usually (but not always) refers to the process of statistically testing a data set for the likelihood of relevant information. It can be a useful technique in addressing a number of issues relating to litigation, including decisions as to which repositories of data should be(...)
  •  A network or series of networks that are not connected to other networks. 
  • Scanning is the process of converting a hard copy paper document into a digital image for use in a computer system. After a document has been scanned, it can be reviewed using field and full-text searching, instant document retrieval, and a complete range of electronic document review options. 
  • Definition: A cryptographic key that is used for both encryption and decryption, enabling the operation of a symmetric key cryptography scheme. Extended Definition: Also, a cryptographic algorithm that uses a single key (i.e., a secret key) for both encryption of plaintext and decryption(...)
  • Definition: A NICE Framework category consisting of specialty areas concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems' development.
  • Definition: The use of information technology in place of manual processes for cyber incident response and management.
  • Definition: A rule or set of rules that govern the acceptable use of an organization's information and services to a level of acceptable risk and the means for protecting the organization's information assets.
  • Definition: In the NICE Framework, cybersecurity work where a person: Manages information security (e.g., information security) implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, policy enforcement,(...)
  • Any computer on a network that contains data or applications shared by users of the network on their client PCs. 
  • Software distributed free on a trial basis with the understanding that the user will pay if the software is used beyond the trial period. 
  • A sibling is a document that shares a common parent with the document in question (e.g. two attachments that share the same parent email or are sibling documents in the same Zip file). 
  • Definition: A recognizable, distinguishing pattern. Types of signatures: attack signature, digital signature, electronic signature.
  • Definition: In cybersecurity, comprehending the current status and security posture with respect to availability, confidentiality, and integrity of networks, systems, users, and data, as well as projecting future states of these.
  • A form of residual data, slack space is the amount of on-disk file space from the end of the logical record information to the end of the physical disk record. It is unused space in a disk cluster. Slack space can contain information soft-deleted from the record, information from prior(...)
  • Plastic, credit card sized cards with an embedded integrated electronic chip.
  • Coded instructions (programs) that make a computer do useful work. 
  • Definition: The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.
  • Definition: In the NICE Framework, cybersecurity work where a person: Develops and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs following software assurance best practices.
  • Definition: The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
  • Spoliation is the destruction of records which may be relevant to ongoing or anticipated litigation, government investigation or audit. Courts differ in their interpretation of the level of intent required before sanctions may be warranted. 
  • Definition: Faking the sending address of a transmission to gain illegal [unauthorized] entry into a secure system. Extended Definition: The deliberate inducement of a user or resource to take incorrect action. Note: Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing.
  • Definition: Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner. Related Term(s): keylogger
  • A personal computer that is not connected to any other computer or network, except possibly through a modem. 
  • Definition: In the NICE Framework, cybersecurity work where a person: Applies knowledge of priorities to define an entity.
  • Definition: An individual, process, or device causing information to flow among objects or a change to the system state. Related Term(s): object, access, access control
  • Definition: A generic name for a computerized system that is capable of gathering and processing data and applying operational controls to geographically dispersed assets over long distances. Related Term(s): Industrial Control System
  • Definition: A system of organizations, people, activities, information and resources, for creating and moving products including product components and/or services from suppliers through to their customers. Related Term(s): supply chain risk management
  • Definition: The process of identifying, analyzing, and assessing supply chain risk and accepting, avoiding, transferring or controlling it to an acceptable level considering associated costs and benefits of any actions taken. Related Term(s): supply chain
  • Definition: A branch of cryptography in which a cryptographic system or algorithms use the same secret key (a shared secret key).
  • Definition: A cryptographic key that is used to perform both the cryptographic operation and its inverse, for example to encrypt plaintext and decrypt ciphertext, or create a message authentication code and to verify the code. Related Term(s): secret key
  • Definition: In the NICE Framework, cybersecurity work where a person: Installs, configures, troubleshoots, and maintains server configurations (hardware and software) to ensure their confidentiality, integrity, and availability; also manages accounts, firewalls, and patches; responsible for(...)
  • The person in charge of keeping a network working. 
  • Definition: The attribute of an information system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. Related Term(s): integrity, data integrity
  • Usually the largest part of a PC, the system unit is a box that contains the major components including disk drives and the ports for connecting the keyboard, mouse, printer and other devices. 
  • Definition: In the NICE Framework, cybersecurity work where a person: Works on the development phases of the systems development lifecycle.
  • Definition: In the NICE Framework, cybersecurity work where a person: Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions; provides guidance to customers about applicability of information systems to meet business needs.
  • Definition: In the NICE Framework, cybersecurity work where a person: Conducts the integration/testing, operations, and maintenance of systems security.
  • Definition: In the NICE Framework, cybersecurity work where a person: Develops system concepts and works on the capabilities phases of the systems development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.
  • Definition: A discussion-based exercise where personnel meet in a classroom setting or breakout groups and are presented with a scenario to validate the content of plans, procedures, policies, cooperative agreements or other information for managing an incident.
  • Definition: A cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security based on the user's context and in the face of an evolving range of threats.
  • A long strip of magnetic coated plastic used to record computer data.
  • Definition: In the NICE Framework, cybersecurity work where a person: Applies current knowledge of one or more regions, countries, non-state entities, and/or technologies.
  • Definition: In the NICE Framework, cybersecurity work where a person: Conducts technology assessment and integration processes; provides and supports a prototype capability and/or evaluates its utility.
  • A terabyte is a measure of computer data storage capacity and is one thousand billion (1,000,000,000,000) bytes. 
  • Definition: In the NICE Framework, cybersecurity work where a person: Develops and conducts tests of systems to evaluate compliance with specifications and requirements by applying principles and methods for cost-effective planning, evaluating, verifying, and validating of technical,(...)
  • Definition: A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or(...)
  • Definition: An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Term(s): adversary, attacker
  • Definition: In the NICE Framework, cybersecurity work where a person: Identifies and assesses the capabilities and activities of cyber criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
  • Definition: The product or process of identifying or evaluating entities, actions, or occurrences, whether natural or man-made, that have or indicate the potential to harm life, information, operations, and/or property. Related Term(s): threat analysis
  • Definition: In access control, data that authenticates the identity of a client or a service and, together with a temporary encryption key (a session key), forms a credential.
  • One of the most widely supported file formats for storing bit-mapped images. Files in TIFF format often end with a .tif extension. 
  • Definition: A set of designations employing four colors (RED, AMBER, GREEN, and WHITE) used to ensure that sensitive information is shared with the correct audience.
  • A collection of protocols that define the basic workings of the features of the Internet. 
  • Definition: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
  • A malicious computer program that is disguised as or hidden within another program.
  • Definition: Any access that violates the stated security policy.
  • The Uniform Resource Locator is commonly known as the address for a website such as www.janusassociates.com. 
  • Definition: A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. Related Term(s): macro virus
  • A piece of malicious programming code designed to create an unexpected and, for the victim, usually undesirable event. 
  • A vlog is a Weblog that uses video as its primary medium for distributing content. Vlog posts are usually accompanied by text, image, and other metadata to provide a context or overview for the video. 
  • A virtually private network that is constructed by using public wires to connect nodes.
  • Definition: A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard. Extended Definition: Characteristic of location or security posture or of design,(...)
  • Definition: In the NICE Framework, cybersecurity work where a person: Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation(...)
  • Definition: A shortcoming or imperfection in software code, design, architecture, or deployment that, under proper conditions, could become a vulnerability or contribute to the introduction of vulnerabilities. Related Term(s): vulnerability
  • A collection of Uniform Resource Indicators (URIs, including URLs (Uniform Resource Locators)) in the control of one administrative entity. May include different types of URIs (i.e., file transfer protocol sites, telnet sites, as well as World Wide Web sites). 
  • Definition: A group responsible for refereeing an engagement between a Red Team of mock attackers and a Blue Team of actual defenders of information systems. Related Term(s): Blue Team, Red Team
  • A software program used for preparing documents.
  • Definition: An estimate of the effort or time needed by a potential adversary, with specified expertise and resources, to overcome a protective measure.
  • The WWW is made up of all of the computers on the Internet which use HTML-capable software (Netscape, Explorer, etc.) to exchange data. Data exchange on the WWW is characterized by easy-to-use graphical interfaces, hypertext links, images, and sound. Today the WWW has become synonymous with(...)
  • Definition: A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.
  • A malicious software program capable of moving from computer to computer over a network without being carried by another program. 
  • An open standard for compression and decompression used widely for PC download archives. ZIP is used on Windows-based programs such as WinZip and Drag and Zip. The file extension given to ZIP files is .zip.