Cybersecurity Fundamentals – System and Network Security Glossary

Term	Definition
Acceptable interruption window	The maximum period of time that a system can be unavailable before compromising the achievement of the enterprise’s business objectives
Acceptable use policy	A policy that establishes an agreement between users and the enterprise and defines for all parties’ the ranges of use that are approved before gaining access to a network or the Internet
Access control list (ACL)	An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals Scope Note: Also referred to as access control tables
Access path	The logical route that an end user takes to access computerized information Scope Note: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system
Access rights	The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy
Accountability	The ability to map a given activity or event back to the responsible party
Advanced Encryption Standard (AES)	A public algorithm that supports keys from 128 bits to 256 bits in size
Advanced persistent threat (APT)	An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives using multiple attack vectors (NIST SP800-61) Scope Note: The APT: 1. pursues its objectives repeatedly over an extended period of time 2. adapts to defenders’ efforts to resist it 3. is determined to maintain the level of interaction needed to execute its objectives

Term	Definition
Adversary	A threat agent
Adware	A software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used Scope Note: In most cases, this is done without any notification to the user or without the user’s consent. The term adware may also refer to software that displays advertisements, whether or not it does so with the user’s consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service.
Alert situation	The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The enterprise entering into an alert situation initiates a series of escalation steps.
Alternate facilities	Locations and infrastructures from which emergency or backup processes are executed, when the main premises are unavailable or destroyed Scope Note: Includes other buildings, offices or data processing centers
Alternate process	Automatic or manual process designed and established to continue critical business processes from point-of failure to return-to-normal
Analog	A transmission signal that varies continuously in amplitude and time and is generated in wave formation Scope Note: Analog signals are used in telecommunications
Anti-malware	A technology widely used to prevent, detect and remove many categories of malware, including computer viruses, worms, Trojans, keyloggers, malicious browser plug-ins, adware and spyware
Antivirus software	An application software deployed at multiple points in an IT architecture It is designed to detect and potentially eliminate virus code before damage is done and repair or quarantine files that have already been infected

Term	Definition
Application layer	In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible. Scope Note: The application layer is not the application that is doing the communication; a service layer that provides these services.
Architecture	Description of the fundamental underlying design of the components of the business system, or of one element of the business system (e.g., technology), the relationships among them, and the manner in which they support enterprise objectives
Asset	Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation
Asymmetric key (public key)	A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message Scope Note: See Public key encryption.
Attack	An actual occurrence of an adverse event
Attack mechanism	A method used to deliver the exploit. Unless the attacker is personally performing the attack, an attack mechanism may involve a payload, or container, that delivers the exploit to the target.
Attack vector	A path or route used by the adversary to gain access to the target (asset) Scope Note: There are two types of attack vectors: ingress and egress (also known as data exfiltration)
Attenuation	Reduction of signal strength during transmission
Audit trail	A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source
Authentication	1. The act of verifying identity (i.e., user, system) Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data 2. The act of verifying the identity of a user and the user’s eligibility to access computerized information Scope Note: Assurance: Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data.

Term	Definition
Authenticity	Undisputed authorship
Availability	Ensuring timely and reliable access to and use of information
Back door	A means of regaining access to a compromised system by installing software or configuring existing software to enable remote access under attacker-defined conditions
Bandwidth	The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second).
Bastion	System heavily fortified against attacks
Biometrics	A security technique that verifies an individual’s identity by analyzing a unique physical attribute, such as a handprint
Block cipher	A public algorithm that operates on plaintext in blocks (strings or groups) of bits
Botnet	A term derived from “robot network;” is a large automated and distributed network of previously compromised computers that can be simultaneously controlled to launch large-scale attacks such as a denial-of-service attack on selected victims
Boundary	Logical and physical controls to define a perimeter between the organization and the outside world
Bridge	Data link layer device developed in the early 1980s to connect local area networks (LANs) or create two separate LAN or wide area network (WAN) network segments from a single segment to reduce collision domains Scope Note: A bridge acts as a store-and-forward device in moving frames toward their destination. This is achieved by analyzing the MAC header of a data packet, which represents the hardware address of an NIC.
Bring your own device (BYOD)	An enterprise policy used to permit partial or full integration of user-owned mobile devices for business purposes
Broadcast	A method to distribute information to multiple recipients simultaneously
Brute force	A class of algorithms that repeatedly try all possible combinations until a solution is found
Brute force attack	Repeatedly trying all possible combinations of passwords or encryption keys until the correct one is found

Term	Definition
Buffer overflow	Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold Scope Note: Since buffers are created to contain a finite amount of data, the extra information—which has to go somewhere—can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user’s files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
Business continuity plan (BCP)	A plan used by an enterprise to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems
Business impact analysis/assessment (BIA)	Evaluating the criticality and sensitivity of information assets An exercise that determines the impact of losing the support of any resource to an enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and the supporting system Scope Note: This process also includes addressing: -Income loss -Unexpected expense -Legal issues (regulatory compliance or contractual) -Interdependent processes -Loss of public reputation or public confidence
Certificate (Certification) authority (CA)	A trusted third party that serves authentication infrastructures or enterprises and registers entities and issues them certificates

Term	Definition
Certificate revocation list (CRL)	An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility Scope Note: The CRL details digital certificates that are no longer valid. The time gap between two updates is very critical and is also a risk in digital certificates verification.
Chain of custody	A legal principle regarding the validity and integrity of evidence. It requires accountability for anything that will be used as evidence in a legal proceeding to ensure that it can be accounted for from the time it was collected until the time it is presented in a court of law. Scope Note: Includes documentation as to who had access to the evidence and when, as well as the ability to identify evidence as being the exact item that was recovered or tested. Lack of control over evidence can lead to it being discredited. Chain of custody depends on the ability to verify that evidence could not have been tampered with. This is accomplished by sealing off the evidence, so it cannot be changed, and providing a documentary record of custody to prove that the evidence was at all times under strict control and not subject to tampering.
Checksum	A mathematical value that is assigned to a file and used to “test” the file at a later date to verify that the data contained in the file has not been maliciously changed Scope Note: A cryptographic checksum is created by performing a complicated series of mathematical operations (known as a cryptographic algorithm) that translates the data in the file into a fixed string of digits called a hash value, which is then used as the checksum. Without knowing which cryptographic algorithm was used to create the hash value, it is highly unlikely that an unauthorized person would be able to change data without inadvertently changing the corresponding checksum. Cryptographic checksums are used in data transmission and data storage. Cryptographic checksums are also known as message authentication codes, integrity check-values, modification detection codes or message integrity codes.
Chief Information Security Officer (CISO)	The person in charge of information security within the enterprise
Chief Security Officer (CSO)	The person usually responsible for all security matters both physical and digital in an enterprise
Cipher	An algorithm to perform encryption
Ciphertext	Information generated by an encryption algorithm to protect the plaintext and that is unintelligible to the unauthorized reader.

Term	Definition
Cleartext	Data that is not encrypted. Also known as plaintext.
Cloud computing	Convenient, on-demand network access to a shared pool of resources that can be rapidly provisioned and released with minimal management effort or service provider interaction
Collision	The situation that occurs when two or more demands are made simultaneously on equipment that can handle only one at any given instant (Federal Standard 1037C)
Common Attack Pattern Enumeration and Classification (CAPEC)	A catalogue of attack patterns as “an abstraction mechanism for helping describe how an attack against vulnerable systems or networks is executed” published by the MITRE Corporation
Compartmentalization	A process for protecting very-high value assets or in environments where trust is an issue. Access to an asset requires two or more processes, controls or individuals.
Compliance	Adherence to, and the ability to demonstrate adherence to, mandated requirements defined by laws and regulations, as well as voluntary requirements resulting from contractual obligations and internal policies
Compliance documents	Policies, standard and procedures that document the actions that are required or prohibited. Violations may be subject to disciplinary actions.
Computer emergency response team (CERT)	A group of people integrated at the enterprise with clear lines of reporting and responsibilities for standby support in case of an information systems emergency This group will act as an efficient corrective control, and should also act as a single point of contact for all incidents and issues related to information systems.
Computer forensics	The application of the scientific method to digital media to establish factual information for judicial review Scope Note: This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. As a discipline, it combines elements of law and computer science to collect and analyze data from information systems (e.g., personal computers, networks, wireless communication and digital storage devices) in a way that is admissible as evidence in a court of law.
Confidentiality	Preserving authorized restrictions on access and disclosure, including means for protecting privacy and proprietary information
Configuration management	The control of changes to a set of configuration items over a system life cycle

Term	Definition
Consumerization	A new model in which emerging technologies are first embraced by the consumer market and later spread to the business
Containment	Actions taken to limit exposure after an incident has been identified and confirmed
Content filtering	Controlling access to a network by analyzing the contents of the incoming and outgoing packets and either letting them pass or denying them based on a list of rules Scope Note: Differs from packet filtering in that it is the data in the packet that are analyzed instead of the attributes of the packet itself (e.g., source/target IP address, transmission control protocol [TCP] flags)
Control	The means of managing risk, including policies, procedures, guidelines, practices or organizational structures, which can be of an administrative, technical, management, or legal nature. Scope Note: Also used as a synonym for safeguard or countermeasure. See also Internal control.
Countermeasure	Any process that directly reduces a threat or vulnerability
Critical infrastructure	Systems whose incapacity or destruction would have a debilitating effect on the economic security of an enterprise, community or nation.
Criticality	The importance of a particular asset or function to the enterprise, and the impact if that asset or function is not available
Criticality analysis	An analysis to evaluate resources or business functions to identify their importance to the enterprise, and the impact if a function cannot be completed or a resource is not available
Cross-site scripting (XSS)	A type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites Scope Note: Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. (OWASP)
Cryptography	The art of designing, analyzing and attacking cryptographic schemes
Cryptosystem	A pair of algorithms that take a key and convert plaintext to ciphertext and back
Cybercop	An investigator of activities related to computer crime
Cyberespionage	Activities conducted in the name of security, business, politics or technology to find information that ought to remain secret. It is not inherently military.

Term	Definition
Cybersecurity	The protection of information assets by addressing threats to information processed, stored, and transported by internetworked information systems
Cybersecurity architecture	Describes the structure, components and topology (connections and layout) of security controls within an enterprise’s IT infrastructure Scope Note: The security architecture shows how defense-in-depth is implemented and how layers of control are linked and is essential to designing and implementing security controls in any complex environment.
Cyberwarfare	Activities supported by military organizations with the purpose to threat the survival and well-being of society/foreign entity
Data classification	The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification. Levels of sensitivity of data are assigned according to predefined categories as data are created, amended, enhanced, stored or transmitted. The classification level is an indication of the value or importance of the data to the enterprise.
Data custodian	The individual(s) and department(s) responsible for the storage and safeguarding of computerized data
Data Encryption Standard (DES)	An algorithm for encoding binary data Scope Note: It is a secret key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES and its variants has been replaced by the Advanced Encryption Standard (AES)
Data leakage	Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes
Data owner	The individual(s), normally a manager or director, who has responsibility for the integrity, accurate reporting and use of computerized data
Data retention	Refers to the policies that govern data and records management for meeting internal, legal and regulatory data archival requirements
Database	A stored collection of related data needed by enterprises and individuals to meet their information processing and retrieval requirements
Decentralization	The process of distributing computer processing to different locations within an enterprise

Term	Definition
Decryption	A technique used to recover the original plaintext from the ciphertext so that it is intelligible to the reader The decryption is a reverse process of the encryption.
Decryption key	A digital piece of information used to recover plaintext from the corresponding ciphertext by decryption
Defense in depth	The practice of layering defenses to provide added protection Defense in depth increases security by raising the effort needed in an attack. This strategy places multiple barriers between an attacker and an enterprise’s computing and information resources.
Demilitarized zone (DMZ)	A screened (firewalled) network segment that acts as a buffer zone between a trusted and untrusted network Scope Note: A DMZ is typically used to house systems such as web servers that must be accessible from both internal networks and the Internet.
Denial-of-service attack (DoS)	An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate
Digital certificate	A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and non-repudiation. A digital signature is generated using the sender’s private key or applying a one-way hash function.
Digital forensics	The process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in any legal proceedings
Digital signature	A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and non-repudiation A digital signature is generated using the sender’s private key or applying a one-way hash function.
Disaster	1. A sudden, unplanned calamitous event causing great damage or loss. Any event that creates an inability on an enterprise’s part to provide critical business functions for some predetermined period of time. Similar terms are business interruption, outage and catastrophe. 2. The period when enterprise management decides to divert from normal production responses and exercises its disaster recovery plan (DRP). It typically signifies the beginning of a move from a primary location to an alternate location.

Term	Definition
Disaster recovery plan (DRP)	A set of human, physical, technical and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster
Discretionary access control (DAC)	A means of restricting access to objects based on the identity of subjects and/or groups to which they belong Scope Note: The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject.
Domain name system (DNS)	A hierarchical database that is distributed across the Internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and e-mail servers
Domain name system (DNS) exfiltration	Tunneling over DNS to gain network access. Lower-level attack vector for simple to complex data transmission, slow but difficult to detect.
Due care	The level of care expected from a reasonable person of similar competency under similar conditions
Due diligence	The performance of those actions that are generally regarded as prudent, responsible and necessary to conduct a thorough and objective investigation, review and/or analysis
Dynamic ports	Dynamic and/or private ports–49152 through 65535: Not listed by IANA because of their dynamic nature.
Eavesdropping	Listening a private communication without permission
E-commerce	The processes by which enterprises conduct business electronically with their customers, suppliers and other external business partners, using the Internet as an enabling technology Scope Note: E-commerce encompasses both business-to-business (B2B) and business-to-consumer (B2C) e-commerce models, but does not include existing non-Internet e-commerce methods based on private networks such as electronic data interchange (EDI) and Society for Worldwide Interbank Financial Telecommunication (SWIFT).
Egress	Network communications going out
Elliptical curve cryptography (ECC)	An algorithm that combines plane geometry with algebra to achieve stronger authentication with smaller keys compared to traditional methods, such as RSA, which primarily use algebraic factoring. Scope Note: Smaller keys are more suitable to mobile devices.

Term	Definition
Encapsulation security payload (ESP)	Protocol, which is designed to provide a mix of security services in IPv4 and IPv6. ESP can be used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and (limited) traffic flow confidentiality. (RFC 4303) Scope Note: The ESP header is inserted after the IP header and before the next layer protocol header (transport mode) or before an encapsulated IP header (tunnel mode).
Encryption	The process of taking an unencrypted message (plaintext), applying a mathematical function to it (encryption algorithm with a key) and producing an encrypted message (ciphertext)
Encryption algorithm	A mathematically based function or calculation that encrypts/decrypts data
Encryption key	A piece of information, in a digitized form, used by an encryption algorithm to convert the plaintext to the ciphertext
Eradication	When containment measures have been deployed after an incident occurs, the root cause of the incident must be identified and removed from the network. Scope Note: Eradication methods include: restoring backups to achieve a clean state of the system, removing the root cause, improving defenses and performing vulnerability analysis to find further potential damage from the same root cause.
Ethernet	A popular network protocol and cabling scheme that uses a bus topology and carrier sense multiple access/collision detection (CSMA/CD) to prevent network failures or collisions when two devices try to access the network at the same time
Event	Something that happens at a specific place and/or time
Evidence	1. Information that proves or disproves a stated issue 2. Information that an auditor gathers in the course of performing an IS audit; relevant if it pertains to the audit objectives and has a logical relationship to the findings and conclusions it is used to support Scope Note: Audit perspective
Exploit	Full use of a vulnerability for the benefit of an attacker
File Transfer Protocol (FTP)	A protocol used to transfer files over a Transmission Control Protocol/Internet Protocol (TCP/IP) network (Internet, UNIX, etc.)
Firewall	A system or combination of systems that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet

Term	Definition
Forensic examination	The process of collecting, assessing, classifying and documenting digital evidence to assist in the identification of an offender and the method of compromise
Freeware	Software available free of charge
Gateway	A device (router, firewall) on a network that serves as an entrance to another network
Governance	Ensures that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives Scope Note: Conditions can include the cost of capital, foreign exchange rates, etc. Options can include shifting manufacturing to other locations, sub-contracting portions of the enterprise to third-parties, selecting a product mix from many available choices, etc.
Governance, Risk Management and Compliance (GRC)	A business term used to group the three close-related disciplines responsible for the protection of assets, and operations
Guideline	A description of a particular way of accomplishing something that is less prescriptive than a procedure
Hacker	An individual who attempts to gain unauthorized access to a computer system
Hash function	An algorithm that maps or translates one set of bits into another (generally smaller) so that a message yields the same result every time the algorithm is executed using the same message as input Scope Note: It is computationally infeasible for a message to be derived or reconstituted from the result produced by the algorithm or to find two different messages that produce the same hash result using the same algorithm.
Hash total	The total of any numeric data field in a document or computer file This total is checked against a control total of the same field to facilitate accuracy of processing.
Hashing	Using a hash function (algorithm) to create hash valued or checksums that validate message integrity
Hijacking	An exploitation of a valid network session for unauthorized purposes
Honeypot	A specially configured server, also known as a decoy server, designed to attract and monitor intruders in a manner such that their actions do not affect production systems Scope Note: Also known as “decoy server”

Term	Definition
Horizontal defense-in depth	Controls are placed in various places in the path to access an asset (this is functionally equivalent to concentric ring model above).
Hub	A common connection point for devices in a network, hubs are used to connect segments of a local area network (LAN) Scope Note: A hub contains multiple ports. When a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.
Human firewall	A person prepared to act as a network layer of defense through education and awareness
Hypertext Transfer Protocol Secure (HTTPS)	A protocol for accessing a secure web server, whereby all data transferred are encrypted.
Hypertext Transfer Protocol (HTTP)	A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit hypertext markup language (HTML), extensible markup language (XML) or other pages to client browsers
IEEE (Institute of Electrical and Electronics Engineers)	Pronounced I-triple-E; IEEE is an organization composed of engineers, scientists and students Scope Note: Best known for developing standards for the computer and electronics industry
IEEE 802.11	A family of specifications developed by the Institute of Electrical and Electronics Engineers (IEEE) for wireless local area network (WLAN) technology. 802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.
Imaging	A process that allows one to obtain a bit-for-bit copy of data to avoid damage of original data or information when multiple analyses may be performed. Scope Note: The imaging process is made to obtain residual data, such as deleted files, fragments of deleted files and other information present, from the disk for analysis. This is possible because imaging duplicates the disk surface, sector by sector.
Impact	Magnitude of loss resulting from a threat exploiting a vulnerability
Impact analysis	A study to prioritize the criticality of information resources for the enterprise based on costs (or consequences) of adverse events In an impact analysis, threats to assets are identified and potential business losses determined for different time periods. This assessment is used to justify the extent of safeguards that are required and recovery time frames. This analysis is the basis for establishing the recovery strategy.

Term	Definition
Incident	Any event that is not part of the standard operation of a service and that causes, or may cause, an interruption to, or a reduction in, the quality of that service
Incident response	The response of an enterprise to a disaster or other significant event that may significantly affect the enterprise, its people, or its ability to function productively An incident response may include evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment, and any other measures necessary to bring an enterprise to a more stable status.
Incident response plan	The operational component of incident management Scope Note: The plan includes documented procedures and guidelines for defining the criticality of incidents, reporting and escalation process, and recovery procedures.
Information security	Ensures that within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity), and non-access when required (availability)
Information security program	The overall combination of technical, operational and procedural measures and management structures implemented to provide for the confidentiality, integrity and availability of information based on business requirements and risk analysis
Information systems (IS)	The combination of strategic, managerial and operational activities involved in gathering, processing, storing, distributing and using information and its related technologies Scope Note: Information systems are distinct from information technology (IT) in that an information system has an IT component that interacts with the process components.
Infrastructure as a Service (IaaS)	Offers the capability to provision processing, storage, networks and other fundamental computing resources, enabling the customer to deploy and run arbitrary software, which can include operating systems (OSs) and applications
Ingestion	A process to convert information extracted to a format that can be understood by investigators. Scope Note: See also Normalization.
Ingress	Network communications coming in
Inherent risk	The risk level or exposure without taking into account the actions that management has taken or might take (e.g., implementing controls)
Injection	A general term for attack types which consist of injecting code that is then interpreted/executed by the application. (OWASP)

Term	Definition
Intangible asset	An asset that is not physical in nature Scope Note: Examples include: intellectual property (patents, trademarks, copyrights, processes), goodwill, and brand recognition
Integrity	The guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity
Intellectual property	Intangible assets that belong to an enterprise for its exclusive use Scope Note: Examples include: patents, copyrights, trademarks, ideas, and trade secrets.
International Standards Organization (ISO)	The world’s largest developer of voluntary International Standards
Internet Assigned Numbers Authority (IANA)	Responsible for the global coordination of the DNS root, IP addressing, and other Internet protocol resources
Internet Control Message Protocol (ICMP)	A set of protocols that allow systems to communicate information about the state of services on other systems Scope Note: For example, ICMP is used in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is available. Hackers typically use (abuse) ICMP to determine information about the remote site.
Internet protocol (IP)	Specifies the format of packets and the addressing scheme
Internet Protocol (IP) packet spoofing	An attack using packets with the spoofed source Internet packet (IP) addresses. Scope Note: This technique exploits applications that use authentication based on IP addresses. This technique also may enable an unauthorized user to gain root access on the target system.
Internet service provider (ISP)	A third party that provides individuals and enterprises with access to the Internet and a variety of other Internet-related services
Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)	IPX is layer 3 of the open systems interconnect (OSI) model network protocol; SPX is layer 4 transport protocol. The SPX layer sits on top of the IPX layer and provides connection-oriented services between two nodes on the network.
Interrogation	Used to obtain prior indicators or relationships, including telephone numbers, IP addresses and names of individuals, from extracted data

Term	Definition
Intruder	Individual or group gaining access to the network and it’s resources without permission
Intrusion detection	The process of monitoring the events occurring in a computer system or network to detect signs of unauthorized access or attack
Intrusion detection system (IDS)	Inspects network and host security activity to identify suspicious patterns that may indicate a network or system attack
Intrusion prevention	A preemptive approach to network security used to identify potential threats and respond to them to stop, or at least limit, damage or disruption
Intrusion prevention system (IPS)	A system designed to not only detect attacks, but also to prevent the intended victim hosts from being affected by the attacks
Investigation	The collection and analysis of evidence with the goal to identifying the perpetrator of an attack or unauthorized use or access
IP address	A unique binary number used to identify devices on a TCP/IP network
IP Authentication Header (AH)	Protocol used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just “integrity”) and to provide protection against replays. (RFC 4302). Scope Note: AH ensures data integrity with a checksum that a message authentication code, such as MD5, generates. To ensure data origin authentication, AH includes a secret shared key in the algorithm that it uses for authentication. To ensure replay protection, AH uses a sequence number field within the IP authentication header.
IP Security (IPSec)	A set of protocols developed by the Internet Engineering Task Force (IETF) to support the secure exchange of packets
IT governance	The responsibility of executives and the board of directors; consists of the leadership, organizational structures and processes that ensure that the enterprise’s IT sustains and extends the enterprise’s strategies and objectives
Kernel mode	Used for execution of privileged instructions for the internal operation of the system. In kernel mode, there are no protections from errors or malicious activity and all parts of the system and memory are accessible.
Key length	The size of the encryption key measured in bits
Key risk indicator (KRI)	A subset of risk indicators that are highly relevant and possess a high probability of predicting or indicating important risk Scope Note: See also Risk Indicator.
Keylogger	Software used to record all keystrokes on a computer

Term	Definition
Latency	The time it takes a system and network delay to respond Scope Note: More specifically, system latency is the time that a system takes to retrieve data. Network latency is the time it takes for a packet to travel from the source to the final destination.
Layer 2 switches	Data link level devices that can divide and interconnect network segments and help to reduce collision domains in Ethernet-based networks
Layer 3 and 4 switches	Switches with operating capabilities at layer 3 and layer 4 of the open systems interconnect (OSI) model. These switches look at the incoming packet’s networking protocol, e.g., IP, and then compare the destination IP address to the list of addresses in their tables, to actively calculate the best way to send a packet to its destination.
Layer 4-7 switches	Used for load balancing among groups of servers Scope Note: Also known as content-switches, content services switches, web-switches or application switches.
Legacy system	Outdated computer systems
Likelihood	The probability of something happening
Local area network (LAN)	Communication network that serves several users within a specified geographic area Scope Note: A personal computer LAN functions as a distributed processing system in which each computer in the network does its own processing and manages some of its data. Shared data are stored in a file server that acts as a remote disk drive for all users in the network.
Log	To record details of information or events in an organized record-keeping system, usually sequenced in the order in which they occurred
Logical access	Ability to interact with computer resources granted using identification, authentication and authorization.
Logical access controls	The policies, procedures, organizational structure and electronic access controls designed to restrict access to computer software and data files
MAC header	Represents the hardware address of an network interface controller (NIC) inside a data packet
Mail relay server	An electronic mail (e-mail) server that relays messages so that neither the sender nor the recipient is a local user
Mainframe	A large high-speed computer, especially one supporting numerous workstations or peripherals

Term	Definition
Malware	Short for malicious software Designed to infiltrate, damage or obtain information from a computer system without the owner’s consent Scope Note: Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware and adware. Spyware is generally used for marketing purposes and, as such, is not malicious, although it is generally unwanted. Spyware can, however, be used to gather information for identity theft or other clearly illicit purposes.
Mandatory access control (MAC)	A means of restricting access to data based on varying degrees of security requirements for information contained in the objects and the corresponding security clearance of users or programs acting on their behalf
Man-in-the-middle attack	An attack strategy in which the attacker intercepts the communication stream between two parts of the victim system and then replaces the traffic between the two components with the intruder’s own, eventually assuming control of the communication
Masking	A computerized technique of blocking out the display of sensitive information, such as passwords, on a computer terminal or report
Media access control (MAC) address	A unique identifier assigned to network interfaces for communications on the physical network segment
Message authentication code	An American National Standards Institute (ANSI) standard checksum that is computed using Data Encryption Standard (DES)
Message digest	A smaller extrapolated version of the original message created using a message digest algorithm
Message digest algorithm	Message digest algorithms are SHA1, MD2, MD4 and MD5. These algorithms are one-way functions unlike private and public key encryption algorithms. Scope Note: All digest algorithms take a message of arbitrary length and produce a 128-bit message digest.
Metropolitan area network (MAN)	A data network intended to serve an area the size of a large city
Miniature fragment attack	Using this method, an attacker fragments the IP packet into smaller ones and pushes it through the firewall, in the hope that only the first of the sequence of fragmented packets would be examined and the others would pass without review.

Term	Definition
Mirrored site	An alternate site that contains the same information as the original Scope Note: Mirrored sites are set up for backup and disaster recovery and to balance the traffic load for numerous download requests. Such download mirrors are often placed in different locations throughout the Internet.
Mobile device	A small, handheld computing devices, typically having a display screen with touch input and/or a miniature keyboard and weighing less than two pounds
Mobile site	The use of a mobile/temporary facility to serve as a business resumption location The facility can usually be delivered to any site and can house information technology and staff.
Monitoring policy	Rules outlining or delineating the way in which information about the use of computers, networks, applications and information is captured and interpreted
Multifactor authentication	A combination of more than one authentication method, such as token and password (or personal identification number [PIN] or token and biometric device).
National Institute for Standards and Technology (NIST)	Develops tests, test methods, reference data, proof-of concept implementations, and technical analyses to advance the development and productive use of information technology Scope Note: NIST is a US government entity that creates mandatory standards that are followed by federal agencies and those doing business with them.
Network address translation (NAT)	A methodology of modifying network address information in IP datagram packet headers while they are in transit across a traffic routing device for the purpose of remapping one IP address space into another
Network basic input/output system (NetBIOS)	A program that allows applications on different computers to communicate within a local area network (LAN).
Network interface card (NIC)	A communication card that when inserted into a computer, allows it to communicate with other computers on a network Scope Note: Most NICs are designed for a particular type of network or protocol.
Network news transfer protocol (NNTP)	Used for the distribution, inquiry, retrieval, and posting of Netnews articles using a reliable stream-based mechanism. For news-reading clients, NNTP enables retrieval of news articles that are stored in a central database, giving subscribers the ability to select only those articles they wish to read. (RFC 3977)

Term	Definition
Network segmentation	A common technique to implement network security is to segment an organization’s network into separate zones that can be separately controlled, monitored and protected.
Network traffic analysis	Identifies patterns in network communications Scope Note: Traffic analysis does not need to have the actual content of the communication but analyzes where traffic is taking place, when and for how long communications occur and the size of information transferred.
Nonintrusive monitoring	The use of transported probes or traces to assemble information, track traffic and identify vulnerabilities
Nonrepudiation	The assurance that a party cannot later deny originating data; provision of proof of the integrity and origin of the data and that can be verified by a third party Scope Note: A digital signature can provide non-repudiation.
Normalization	The elimination of redundant data
Obfuscation	The deliberate act of creating source or machine code that is difficult for humans to understand
Open Systems Interconnect (OSI) model	A model for the design of a network. The open systems interconnect (OSI) model defines groups of functionality required to network computers into layers. Each layer implements a standard protocol to implement its functionality. There are seven layers in the OSI model.
Open Web Application Security Project (OWASP)	An open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted
Operating system (OS)	A master control program that runs the computer and acts as a scheduler and traffic controller Scope Note: The operating system is the first program copied into the computer’s memory after the computer is turned on; it must reside in memory at all times. It is the software that interfaces between the computer hardware (disk, keyboard, mouse, network, modem, printer) and the application software (word processor, spreadsheet, e-mail), which also controls access to the devices and is partially responsible for security components and sets the standards for the application programs that run in it.

Term	Definition
Outcome measure	Represents the consequences of actions previously taken; often referred to as a lag indicator Scope Note: Outcome measure frequently focuses on results at the end of a time period and characterize historic performance. They are also referred to as a key goal indicator (KGI) and used to indicate whether goals have been met. These can be measured only after the fact and, therefore, are called “lag indicators.”
Outsourcing	A formal agreement with a third party to perform IS or other business functions for an enterprise
Packet	Data unit that is routed from source to destination in a packet-switched network Scope Note: A packet contains both routing information and data. Transmission Control Protocol/Internet Protocol (TCP/IP) is such a packet-switched network.
Packet filtering	Controlling access to a network by analyzing the attributes of the incoming and outgoing packets and either letting them pass, or denying them, based on a list of rules
Packet switching	The process of transmitting messages in convenient pieces that can be reassembled at the destination
Passive response	A response option in intrusion detection in which the system simply reports and records the problem detected, relying on the user to take subsequent action
Password	A protected, generally computer-encrypted string of characters that authenticate a computer user to the computer system
Password cracker	A tool that tests the strength of user passwords by searching for passwords that are easy to guess It repeatedly tries words from specially crafted dictionaries and often also generates thousands (and in some cases, even millions) of permutations of characters, numbers and symbols.
Patch	Fixes to software programming errors and vulnerabilities

Term	Definition
Patch management	An area of systems management that involves acquiring, testing and installing multiple patches (code changes) to an administered computer system in order to maintain up-to-date software and often to address security risk Scope Note: Patch management tasks include the following: maintaining current knowledge of available patches; deciding what patches are appropriate for particular systems; ensuring that patches are installed properly; testing systems after installation; and documenting all associated procedures, such as specific configurations required. A number of products are available to automate patch management tasks. Patches are sometimes ineffective and can sometimes cause more problems than they fix. Patch management experts suggest that system administrators take simple steps to avoid problems, such as performing backups and testing patches on non-critical systems prior to installations. Patch management can be viewed as part of change management.
Payload	The section of fundamental data in a transmission. In malicious software this refers to the section containing the harmful data/code.
Penetration testing	A live test of the effectiveness of security defenses through mimicking the actions of real-life attackers
Personal identification number (PIN)	A type of password (i.e., a secret number assigned to an individual) that, in conjunction with some means of identifying the individual, serves to verify the authenticity of the individual Scope Note: PINs have been adopted by financial institutions as the primary means of verifying customers in an electronic funds transfer (EFT) system.
Phishing	This is a type of electronic mail (e-mail) attack that attempts to convince a user that the originator is genuine, but with the intention of obtaining information for use in social engineering Scope Note: Phishing attacks may take the form of masquerading as a lottery organization advising the recipient or the user’s bank of a large win; in either case, the intent is to obtain account and personal identification number (PIN) details. Alternative attacks may seek to obtain apparently innocuous business information, which may be used in another form of active attack.
Plain old telephone service (POTS)	A wired telecommunications system.
Platform as a Service (PaaS)	Offers the capability to deploy onto the cloud infrastructure customer-created or -acquired applications that are created using programming languages and tools supported by the provider

Term	Definition
Policy	1. Generally, a document that records a high-level principle or course of action that has been decided on The intended purpose is to influence and guide both present and future decision making to be in line with the philosophy, objectives and strategic plans established by the enterprise’s management teams. Scope Note: In addition to policy content, policies need to describe the consequences of failing to comply with the policy, the means for handling exceptions, and the manner in which compliance with the policy will be checked and measured. 2. Overall intention and direction as formally expressed by management Scope Note: COBIT 5 perspective
Port (Port number)	A process or application-specific software element serving as a communication endpoint for the Transport Layer IP protocols (UDP and TCP)
Port scanning	The act of probing a system to identify open ports
Prime number	A natural number greater than 1 that can only be divided by 1 and itself.
Principle of least privilege/access	Controls used to allow the least privilege access needed to complete a task
Privacy	Freedom from unauthorized intrusion or disclosure of information about an individual
Probe	Inspect a network or system to find weak spots
Procedure	A document containing a detailed description of the steps necessary to perform specific operations in conformance with applicable standards. Procedures are defined as part of processes.
Protocol	The rules by which a network operates and controls the flow and priority of transmissions
Proxy server	A server that acts on behalf of a user Scope Note: Typical proxies accept a connection from a user, make a decision as to whether the user or client IP address is permitted to use the proxy, perhaps perform additional authentication, and complete a connection to a remote destination on behalf of the user.

Term	Definition
Public key encryption	A cryptographic system that uses two keys: one is a public key, which is known to everyone, and the second is a private or secret key, which is only known to the recipient of the message See also Asymmetric Key.
Public key infrastructure (PKI)	A series of processes and technologies for the association of cryptographic keys with the entity to whom those keys were issued
Public switched telephone network (PSTN)	A communications system that sets up a dedicated channel (or circuit) between two points for the duration of the transmission.
Reciprocal agreement	Emergency processing agreement between two or more enterprises with similar equipment or applications Scope Note: Typically, participants of a reciprocal agreement promise to provide processing time to each other when an emergency arises.
Recovery	The phase in the incident response plan that ensures that affected systems or services are restored to a condition specified in the service delivery objectives (SDOs) or business continuity plan (BCP)
Recovery action	Execution of a response or task according to a written procedure
Recovery point objective (RPO)	Determined based on the acceptable data loss in case of a disruption of operations It indicates the earliest point in time that is acceptable to recover the data. The RPO effectively quantifies the permissible amount of data loss in case of interruption.
Recovery time objective (RTO)	The amount of time allowed for the recovery of a business function or resource after a disaster occurs
Redundant site	A recovery strategy involving the duplication of key IT components, including data or other key business processes, whereby fast recovery can take place
Registered ports	Registered ports–1024 through 49151: Listed by the IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users
Registration authority (RA)	The individual institution that validates an entity’s proof of identity and ownership of a key pair
Regulation	Rules or laws defined and enforced by an authority to regulate conduct
Regulatory requirements	Rules or laws that regulate conduct and that the enterprise must obey to become compliant

Term	Definition
Remediation	After vulnerabilities are identified and assessed, appropriate remediation can take place to mitigate or eliminate the vulnerability
Remote access service (RAS)	Refers to any combination of hardware and software to enable the remote access to tools or information that typically reside on a network of IT devices Scope Note: Originally coined by Microsoft when referring to their built-in NT remote access tools, RAS was a service provided by Windows NT which allowed most of the services that would be available on a network to be accessed over a modem link. Over the years, many vendors have provided both hardware and software solutions to gain remote access to various types of networked information. In fact, most modern routers include a basic RAS capability that can be enabled for any dial-up interface.
Removable media	Any type of storage device that can be removed from the system while is running
Repeaters	A physical layer device that regenerates and propagates electrical signals between two network segments Scope Note: Repeaters receive signals from one network segment and amplify (regenerate) the signal to compensate for signals (analog or digital) distorted by transmission loss due to reduction of signal strength during transmission (i.e., attenuation)
Replay	The ability to copy a message or stream of messages between two parties and replay (retransmit) them to one or more of the parties
Residual risk	The remaining risk after management has implemented a risk response
Resilience	The ability of a system or network to resist failure or to recover quickly from any disruption, usually with minimal recognizable effect
Return on investment (ROI)	A measure of operating performance and efficiency, computed in its simplest form by dividing net income by the total investment over the period being considered
Return-oriented attacks	An exploit technique in which the attacker uses control of the call stack to indirectly execute cherry-picked machine instructions immediately prior to the return instruction in subroutines within the existing program code
Risk	The combination of the probability of an event and its consequence. (ISO/IEC 73)
Risk acceptance	If the risk is within the enterprise’s risk tolerance or if the cost of otherwise mitigating the risk is higher than the potential loss, the enterprise can assume the risk and absorb any losses

Term	Definition
Risk assessment	A process used to identify and evaluate risk and its potential effects Scope Note: Risk assessments are used to identify those items or areas that present the highest risk, vulnerability or exposure to the enterprise for inclusion in the IS annual audit plan. Risk assessments are also used to manage the project delivery and project benefit risk.
Risk avoidance	The process for systematically avoiding risk, constituting one approach to managing risk
Risk management	1. The coordinated activities to direct and control an enterprise with regard to risk Scope Note: In the International Standard, the term “control” is used as a synonym for “measure.” (ISO/IEC Guide 73:2002) 2. One of the governance objectives. Entails recognizing risk; assessing the impact and likelihood of that risk; and developing strategies, such as avoiding the risk, reducing the negative effect of the risk and/or transferring the risk, to manage it within the context of the enterprise’s risk appetite. Scope Note: COBIT 5 perspective
Risk mitigation	The management of risk through the use of countermeasures and controls
Risk reduction	The implementation of controls or countermeasures to reduce the likelihood or impact of a risk to a level within the organization’s risk tolerance.
Risk tolerance	The acceptable level of variation that management is willing to allow for any particular risk as the enterprise pursues its objectives
Risk transfer	The process of assigning risk to another enterprise, usually through the purchase of an insurance policy or by outsourcing the service
Risk treatment	The process of selection and implementation of measures to modify risk (ISO/IEC Guide 73:2002)
Root cause analysis	A process of diagnosis to establish the origins of events, which can be used for learning from consequences, typically from errors and problems
Rootkit	A software suite designed to aid an intruder in gaining unauthorized administrative access to a computer system

Term	Definition
Router	A networking device that can send (route) data packets from one local area network (LAN) or wide area network (WAN) to another, based on addressing at the network layer (Layer 3) in the open systems interconnection (OSI) model Scope Note: Networks connected by routers can use different or similar networking protocols. Routers usually are capable of filtering packets based on parameters, such as source addresses, destination addresses, protocol and network applications (ports).
RSA	A public key cryptosystem developed by R. Rivest, A. Shamir and L. Adleman used for both encryption and digital signatures Scope Note: The RSA has two different keys, the public encryption key and the secret decryption key. The strength of the RSA depends on the difficulty of the prime number factorization. For applications with high level security, the number of the decryption key bits should be greater than 512 bits.
Safeguard	A practice, procedure or mechanism that reduces risk
Secure Electronic Transaction (SET)	A standard that will ensure that credit card and associated payment order information travels safely and securely between the various involved parties on the Internet.
Secure Multipurpose Internet Mail Extensions (S/MIME)	Provides cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and privacy and data security (using encryption) to provide a consistent way to send and receive MIME data. (RFC 2311)
Secure Shell (SSH)	Network protocol that uses cryptography to secure communication, remote command line login and remote command execution between two networked computers
Secure Sockets Layer (SSL)	A protocol that is used to transmit private documents through the Internet Scope Note: The SSL protocol uses a private key to encrypt the data that are to be transferred through the SSL connection.
Security as a Service (SecaaS)	The next generation of managed security services dedicated to the delivery, over the Internet, of specialized information-security services.
Security metrics	A standard of measurement used in management of security-related activities
Security perimeter	The boundary that defines the area of security concern and security policy coverage

Term	Definition
Segregation/separation of duties (SoD)	A basic internal control that prevents or detects errors and irregularities by assigning to separate individuals the responsibility for initiating and recording transactions and for the custody of assets Scope Note: Segregation/separation of duties is commonly used in large IT organizations so that no single person is in a position to introduce fraudulent or malicious code without detection.
Sensitivity	A measure of the impact that improper disclosure of information may have on an enterprise
Service delivery objective (SDO)	Directly related to the business needs, SDO is the level of services to be reached during the alternate process mode until the normal situation is restored
Service level agreement (SLA)	An agreement, preferably documented, between a service provider and the customer(s)/user(s) that defines minimum performance targets for a service and how they will be measured
Simple Mail Transfer Protocol (SMTP)	The standard electronic mail (e-mail) protocol on the Internet
Single factor authentication (SFA)	Authentication process that requires only the user ID and password to grant access
Smart card	A small electronic device that contains electronic memory, and possibly an embedded integrated circuit Scope Note: Smart cards can be used for a number of purposes including the storage of digital certificates or digital cash, or they can be used as a token to authenticate users.
Sniffing	The process by which data traversing a network are captured or monitored
Social engineering	An attack based on deceiving users or administrators at the target site into revealing confidential or sensitive information
Software as a service (SaaS)	Offers the capability to use the provider’s applications running on cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web based e-mail).
Source routing specification	A transmission technique where the sender of a packet can specify the route that packet should follow through the network
Spam	Computer-generated messages sent as unsolicited advertising
Spear phishing	An attack where social engineering techniques are used to masquerade as a trusted party to obtain important information such as passwords from the victim
Spoofing	Faking the sending address of a transmission in order to gain illegal entry into a secure system

Term	Definition
Spyware	Software whose purpose is to monitor a computer user’s actions (e.g., web sites visited) and report these actions to a third party, without the informed consent of that machine’s owner or legitimate user Scope Note: A particularly malicious form of spyware is software that monitors keystrokes to obtain passwords or otherwise gathers sensitive information such as credit card numbers, which it then transmits to a malicious third party. The term has also come to refer more broadly to software that subverts the computer’s operation for the benefit of a third party.
SQL injection	Results from failure of the application to appropriately validate input. When specially crafted user-controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design. (MITRE)
Stateful inspection	A firewall architecture that tracks each connection traversing all interfaces of the firewall and makes sure they are valid.
Statutory requirements	Laws created by government institutions
Supervisory control and data acquisition (SCADA)	Systems used to control and monitor industrial and manufacturing processes, and utility facilities
Switches	Typically associated as a data link layer device, switches enable local area network (LAN) segments to be created and interconnected, which has the added benefit of reducing collision domains in Ethernet-based networks.
Symmetric key encryption	System in which a different key (or set of keys) is used by each pair of trading partners to ensure that no one else can read their messages The same key is used for encryption and decryption. See also Private Key Cryptosystem.
System development life cycle (SDLC)	The phases deployed in the development or acquisition of a software system Scope Note: SDLC is an approach used to plan, design, develop, test and implement an application system or a major modification to an application system. Typical phases of SDLC include the feasibility study, requirements study, requirements definition, detailed design, programming, testing, installation and post implementation review, but not the service delivery or benefits realization activities.
System hardening	A process to eliminate as many security risks as possible by removing all nonessential software programs, protocols, services and utilities from the system

Term	Definition
Tangible asset	Any assets that has physical form
Target	Person or asset selected as the aim of an attack
Telnet	Network protocol used to enable remote access to a server computer Scope Note: Commands typed are run on the remote server.
Threat	Anything (e.g., object, substance, human) that is capable of acting against an asset in a manner that can result in harm Scope Note: A potential cause of an unwanted incident (ISO/IEC 13335)
Threat agent	Methods and things used to exploit a vulnerability Scope Note: Examples include determination, capability, motive and resources.
Threat analysis	An evaluation of the type, scope and nature of events or actions that can result in adverse consequences; identification of the threats that exist against enterprise assets Scope Note: The threat analysis usually defines the level of threat and the likelihood of it materializing.
Threat event	Any event during which a threat element/actor acts against an asset in a manner that has the potential to directly result in harm
Threat vector	The path or route used by the adversary to gain access to the target
Timelines	Chronological graphs where events related to an incident can be mapped to look for relationships in complex cases Scope Note: Timelines can provide simplified visualization for presentation to management and other non technical audiences.
Token	A device that is used to authenticate a user, typically in addition to a username and password Scope Note: A token is usually a device the size of a credit card that displays a pseudo random number that changes every few minutes.
Topology	The physical layout of how computers are linked together Scope Note: Examples of topology include ring, star and bus.

Term	Definition
Total cost of ownership (TCO)	Includes the original cost of the computer plus the cost of: software, hardware and software upgrades, maintenance, technical support, training, and certain activities performed by users
Transmission Control Protocol (TCP)	A connection-based Internet protocol that supports reliable data transfer connections Scope Note: Packet data are verified using checksums and retransmitted if they are missing or corrupted. The application plays no part in validating the transfer.
Transmission Control Protocol/Internet Protocol (TCP/IP)	Provides the basis for the Internet; a set of communication protocols that encompass media access, packet transport, session communication, file transfer, electronic mail (e-mail), terminal emulation, remote file access and network management
Transport Layer Security (TLS)	A protocol that provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. (RFC 2246) Scope Note: Transport Layer Security (TLS) is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol provides connection security with some encryption method such as the Data Encryption Standard (DES). The TLS Record Protocol can also be used without encryption. The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged.
Triple DES (3DES)	A block cipher created from the Data Encryption Standard (DES) cipher by using it three times
Trojan horse	Purposefully hidden malicious or damaging code within an authorized computer program Scope Note: Unlike viruses, they do not replicate themselves, but they can be just as destructive to a single computer.
Tunnel	The paths that the encapsulated packets follow in an Internet virtual private network (VPN)
Tunnel mode	Used to protect traffic between different networks when traffic must travel through intermediate or untrusted networks. Tunnel mode encapsulates the entire IP packet with and AH or ESP header and an additional IP header.
Two-factor authentication	The use of two independent mechanisms for authentication, (e.g., requiring a smart card and a password) typically the combination of something you know, are or have
Uncertainty	The difficulty of predicting an outcome due to limited knowledge of all components
Uniform resource locator (URL)	The string of characters that form a web address

Term	Definition
User Datagram Protocol (UDP)	A connectionless Internet protocol that is designed for network efficiency and speed at the expense of reliability Scope Note: A data request by the client is served by sending packets without testing to verify whether they actually arrive at the destination, not whether they were corrupted in transit. It is up to the application to determine these factors and request retransmissions.
User interface impersonation	Can be a pop-up ad that impersonates a system dialog, an ad that impersonates a system warning, or an ad that impersonates an application user interface in a mobile device.
User mode	Used for the execution of normal system activities
User provisioning	A process to create, modify, disable and delete user accounts and their profiles across IT infrastructure and business applications
Value	The relative worth or importance of an investment for an enterprise, as perceived by its key stakeholders, expressed as total life cycle benefits net of related costs, adjusted for risk and (in the case of financial value) the time value of money
Vertical defense-in depth	Controls are placed at different system layers – hardware, operating system, application, database or user levels
Virtual local area network (VLAN)	Logical segmentation of a LAN into different broadcast domains Scope Note: A VLAN is set up by configuring ports on a switch, so devices attached to these ports may communicate as if they were attached to the same physical network segment, although the devices are located on different LAN segments. A VLAN is based on logical rather than physical connections.
Virtual private network (VPN)	A secure private network that uses the public telecommunications infrastructure to transmit data Scope Note: In contrast to a much more expensive system of owned or leased lines that can only be used by one company, VPNs are used by enterprises for both extranets and wide areas of intranets. Using encryption and authentication, a VPN encrypts all data that pass between two Internet points, maintaining privacy and security.
Virtual private network (VPN) concentrator	A system used to establish VPN tunnels and handle large numbers of simultaneous connections. This system provides authentication, authorization and accounting services.
Virtualization	The process of adding a “guest application” and data onto a “virtual server,” recognizing that the guest application will ultimately part company from this physical server

Term	Definition
Virus	A program with the ability to reproduce by modifying other programs to include a copy of itself Scope Note: A virus may contain destructive code that can move into multiple programs, data files or devices on a system and spread through multiple systems in a network.
Virus signature file	The file of virus patterns that are compared with existing files to determine whether they are infected with a virus or worm
Voice-over Internet Protocol (VoIP)	Also called IP Telephony, Internet Telephony and Broadband Phone, a technology that makes it possible to have a voice conversation over the Internet or over any dedicated Internet Protocol (IP) network instead of over dedicated voice transmission lines
Volatile data	Data that changes frequently and can be lost when the system’s power is shut down
Vulnerability	A weakness in the design, implementation, operation or internal control of a process that could expose the system to adverse threats from threat events
Vulnerability analysis	A process of identifying and classifying vulnerabilities
Vulnerability scanning	An automated process to proactively identify security weaknesses in a network or individual system
Warm site	Similar to a hot site but not fully equipped with all of the necessary hardware needed for recovery
Web hosting	The business of providing the equipment and services required to host and maintain files for one or more web sites and provide fast Internet connections to those sites Scope Note: Most hosting is “shared,” which means that web sites of multiple companies are on the same server to share/reduce costs.
Web server	Using the client-server model and the World Wide Web’s HyperText Transfer Protocol (HTTP), Web Server is a software program that serves web pages to users.
Well-know ports	Well-known ports–0 through 1023: Controlled and assigned by the Internet Assigned Numbers Authority (IANA), and on most systems can be used only by system (or root) processes or by programs executed by privileged users. The assigned ports use the first portion of the possible port numbers. Initially, these assigned ports were in the range 0-255. Currently, the range for assigned ports managed by the IANA has been expanded to the range 0-1023.
Wide area network (WAN)	A computer network connecting different remote locations that may range from short distances, such as a floor or building, to extremely long transmissions that encompass a large region or several countries

Term	Definition
Wi-Fi protected access (WAP)	A class of systems used to secure wireless (Wi-Fi) computer networks. Scope Note: WPA was created in response to several serious weaknesses that researchers found in the previous system, Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. WPA2 implements the full standard, but will not work with some older network cards. Both provide good security with two significant issues. First, either WPA or WPA2 must be enabled and chosen in preference to WEP; WEP is usually presented as the first security choice in most installation instructions. Second, in the “personal” mode, the most likely choice for homes and small offices, a pass phrase is required that, for full security, must be longer than the typical six to eight character passwords users are taught to employ.
Wi-Fi protected access II (WPA2)	Wireless security protocol that supports 802.11i encryption standards to provide greater security. This protocol uses Advanced Encryption Standards (AES) and Temporal Key Integrity Protocol (TKIP) for stronger encryption.
Wired Equivalent Privacy (WEP)	A scheme that is part of the IEEE 802.11 wireless networking standard to secure IEEE 802.11 wireless networks (also known as Wi-Fi networks) Scope Note: Because a wireless network broadcasts messages using radio, it is particularly susceptible to eavesdropping. WEP was intended to provide comparable confidentiality to a traditional wired network (in particular, it does not protect users of the network from each other), hence the name. Several serious weaknesses were identified by cryptanalysts, and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004. Despite the weaknesses, WEP provides a level of security that can deter casual snooping.
Wireless local area network (WLAN)	Two or more systems networked using a wireless distribution method
Worm	A programmed network attack in which a self-replicating program does not attach itself to programs, but rather spreads independently of users’ action
Write blocker	A devices that allows the acquisition of information on a drive without creating the possibility of accidentally damaging the drive
Write protect	The use of hardware or software to prevent data to be overwritten or deleted
Zero-day-exploit	A vulnerability that is exploited before the software creator/vendor is even aware of it’s existence

SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

National Institute of Standards and Technology
The following conventions have been used in the preparation of the list of acronyms and abbreviations in this report.
– Abbreviations and acronyms generally appear in all capital letters, although there are occasional exceptions—for example, meter (m) and decibels referenced to one milliwatt (dBm).
– Technical terms are not capitalized unless they are proper nouns. Names of people, places, and groups, and the titles of protocols, standards, and algorithms are considered proper nouns. For example, certification and accreditation (C&A) is not capitalized, but Advanced Encryption Standard
(AES) is capitalized.
– Collective nouns are not capitalized (e.g., wide area network [WAN]).
– When two or more definitions of the same acronym or abbreviation are given, the acronym or abbreviation is italicized and repeated for each definition.

Definitions are listed alphabetically

Numeric

1xRTT
3DES
3G
3GPP
3GPP2

one times radio transmission technology
Triple Data Encryption Standard
3rd Generation
3rd Generation Partnership Project
3rd Generation Partnership Project 2

A	address resource record type
AA	ABAC attribute authority
AAA	authentication, authorization, and accounting
AAAK	authentication, authorization, and accounting key
AAD	additional authenticated data
AAR	after action report
AAS	adaptive antenna system
ABAC	attribute-based access control
ACE	access control entry
ACL	access control list
ACM	Association for Computing Machinery
ACO	authenticated cipher offset
AD	Active Directory
AD	authenticated data
ADS	alternate data stream
AES AES-CBC AES-CTR AFH A-GPS AH	Advanced Encryption Standard Advanced Encryption Standard-Cipher Block Chaining Advanced Encryption Standard-Counter Mode adaptive frequency hopping assisted global positioning system Authentication Header
AIDC	automatic identification and data capture
AIM	Association for Automatic Identification and Mobility
AIT	automatic identification technology
AJAX	Asynchronous JavaScript and XML
AK	authorization key
AKID	authorization key identifier
AKM	authentication and key management
ALG	application layer gateway
ANSI	American National Standards Institute
AP	access point
API	application programming interface

2
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

APWG	Anti-Phishing Working Group
ARIN	American Registry for Internet Numbers
ARP	Address Resolution Protocol
ARPA	Advanced Research Projects Agency
AS	authentication server
AS	authentication service
AS	autonomous system
ASC ASC X9 ASCII	Anti-Spyware Coalition Accredited Standards Committee X9 American Standard Code for Information Interchange
ASLR	address space layout randomization
ASN ASN.1 ASP	autonomous system number Abstract Syntax Notation 1 active server pages
ATA	Advanced Technology Attachment
ATIM	Announcement Traffic Indication Message
ATM	asynchronous transfer mode
ATM	automated teller machine
AV	antivirus
AVIEN	Anti-Virus Information Exchange Network
AVP	attribute-value pair

B2B BCP	business-to-business best current practice
BCP	business continuity plan
BGP BGP-4 BIA	Border Gateway Protocol Border Gateway Protocol 4 Bump-in-the-API
BIA	business impact analysis
BioAPI	Biometric Application Programming Interface
BIOS	basic input/output system
BITS	Bump-in-the-Stack
BPML	Business Process Modeling Language
BPSS	Business Process Specification Schema
BRP	business recovery (resumption) plan
BS	base station
BSC	base station controller
BSI	British Standards Institution
BSIA	British Security Industry Association
BSP	best security practice
BSS	basic service set
BSSID	basic service set identifier
BTNS	better-than-nothing-security
BTS	base transceiver station
BU	binding update
BUA	binding update acknowledgement

3
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS
C

C&A CA	certification and accreditation certificate authority
CA	certification agent
CA	certification authority
CAC	common access card
CAIDA	Cooperative Association for Internet Data Analysis
CAPTCHA	Completely Automated Public Turing Test to Tell Computers and Humans Apart
CARO	Computer Antivirus Research Organization
CAVP	Cryptographic Algorithm Validation Program
CBC	Cipher Block Chaining
CBC-MAC	Cipher Block Chaining Message Authentication Code
CBEFF	Common Biometric Exchange File Format
CC	Common Criteria
CCE™ CCEVS	Common Configuration Enumeration Common Criteria Evaluation and Validation Scheme
CCIPS	Computer Crime and Intellectual Property Section
CCK	complementary code keying
CCM	Counter Mode with CBC-MAC
CCMP	Counter Mode with CBC-MAC Protocol
CCRA	Common Criteria Recognition Arrangement
CCSS ccTLD CD	Common Configuration Scoring System country code top-level domain checking disabled
CD	compact disc
CDFS	compact disc file system
CDMA CD-R CD-ROM CD-RW CEO	code division multiple access compact disc-recordable compact disc-read only memory compact disc-rewritable chief executive officer
CERIAS	Center for Education and Research in Information Assurance and Security
CERT CERT®/CC CF	computer emergency response team CERT® Coordination Center CompactFlash®
CFAA	Computer Fraud and Abuse Act
CFB	Cipher Feedback
CFI	computer and financial investigations
CFR	Code of Federal Regulations
CFTT	computer forensics tool testing
CGA	cryptographically generated addresses
CGI	Common Gateway Interface
CHAP	Challenge-Handshake Authentication Protocol
CHUID	cardholder unique identifier
CIDR	Classless Inter-Domain Routing
CIFS	Common Internet File System
CIO	chief information officer
CIP	critical infrastructure protection
CIPC	Critical Infrastructure Protection Committee

4
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

CIPSEA	Confidential Information Protection and Statistical Efficiency Act
CIRC	computer incident response capability
CIRC	computer incident response center
CIRDB	CERIAS Incident Response Database
CIRT	computer incident response team
CIS	Center for Internet Security
CISO	chief information security officer
CLF	common log format
CLI	command line interface
CLR cm CMA	common language runtime centimeter Certificate Management Authority
CMAC	Cipher-based Method Authentication Code
CME	Common Malware Enumeration
CMOS	complementary metal oxide semiconductor
CMS	Centers for Medicare and Medicaid Services
CMS	Cryptographic Message Syntax
CMSS	Common Misuse Scoring System
CMVP	Cryptographic Module Validation Program
CN	common name
CN	correspondent node
CNSS	Committee on National Security Systems
CNSSI	Committee on National Security Systems Instruction
CoA codec COI	care-of address coder/decoder conflict of interest
COM	Component Object Model
COOP	continuity of operations
COPPA CORBA® COTS	Children’s Online Privacy Protection Act Common Object Request Broker Architecture commercial off-the-shelf
CP	certificate policy
CP CPE™ CPI	contingency plan Common Platform Enumeration compression parameter index
CPNI	Centre for the Protection of National Infrastructure
CPS	certification practice statement
CPU	central processing unit
CRAM	challenge-response authentication mechanism
CRC	cyclic redundancy check
CRL	certificate revocation list
CS	client/server
CSIA	Cyber Security Industries Alliance
CSIRC	computer security incident response capability
CSIRT	computer security incident response team
CSO	chief security officer
CSO	computer security object
CSP	Credentials Service Provider
CSR	certificate signing request
CSRC	Computer Security Resource Center
CSRDA	Cyber Security Research and Development Act of 2002

5
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

CSS	cascading style sheet
CSV	comma-separated values
CTO	chief technology officer
CTR	counter mode encryption
CVE	Common Vulnerabilities and Exposures
CVSS	Common Vulnerability Scoring System
CWE	Common Weakness Enumeration

DA	destination address
DAA	designated accrediting authority
DAA	designated approving authority
DAC	discretionary access control
DAD	duplicate address detection
DAML	DARPA Agent Markup Language
D-AMPS	Digital Advanced Mobile Phone Service
DAO	Data Access Object
DARPA dBm DBMS	Defense Advanced Research Projects Agency decibels referenced to one milliwatt database management system
DC	domain controller
DCE	Distributed Computing Environment
DCOM	Distributed Component Object Model
DCS	distributed control system
DDMS	Department of Defense Metadata Specification
DDoS	distributed denial of service
DEA	Data Encryption Algorithm
DEP	Data Execution Prevention
DES	Data Encryption Standard
DFS	Distributed File System
DFS	dynamic frequency selection
DH	Diffie-Hellman
DHAAD	Dynamic Home Agent Address Discovery
DHCP	Dynamic Host Configuration Protocol
DHCPv6	Dynamic Host Configuration Protocol for Internet Protocol v6
DHS	U.S. Department of Homeland Security
DIMS	Digital Identity Management Service
DISA	U.S. Defense Information Systems Agency
DLL	dynamic link library
DMA	direct memory access
DMZ	demilitarized zone
DN	distinguished name
DN	domain name
DNP	Distributed Network Protocol
DNS	domain name system
DNSBL	Domain Name System Blacklist
DNSSEC	Domain Name System Security Extensions
DOC	U.S. Department of Commerce
DoD	U.S. Department of Defense

6
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

DOE	U.S. Department of Energy
DOI	domain of interpretation
DOJ	U.S. Department of Justice
DOM	Document Object Model
DoS	denial of service
DPA	differential power analysis
DRA	data recovery agent
DRM	digital rights management
DRP	disaster recovery plan
DS	Delegation Signer
DS	distribution system
DS Field	differentiated services field
DSA	Digital Signature Algorithm
DSL	digital subscriber line
DSML	Directory Services Markup Language
DSN	delivery status notification
DSOD	dynamic separation of duty
DSS	Digital Signature Standard
DSTM	Dual Stack Transition Mechanism
DTC	Distributed Transaction Coordinator
DTD	Document Type Definition
DTR	derived test requirement
DUID	DHCP unique identifier
DVD DVD-R DVD-ROM DVD-RW	digital video disc digital video disc – recordable digital video disc – read only memory digital video disc – rewritable

EAL	evaluation assurance level
EAP EAP-FAST EAPOL	Extensible Authentication Protocol Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling Extensible Authentication Protocol Over LAN
EAPOL-KCK	Extensible Authentication Protocol Over LAN Key Confirmation Key
EAPOL-KEK EAP-TLS EAP-TTLS EBGP ebXML EC2N ECB	Extensible Authentication Protocol Over LAN Key Encryption Key Extensible Authentication Protocol-Transport Layer Security Extensible Authentication Protocol-Tunneled Transport Layer Security Exterior Border Gateway Protocol Electronic Business using eXtensible Markup Language Elliptic Curve over G[2N] Electronic Codebook (mode)
ECC	Elliptic Curve Cryptography
ECDH	Elliptic Curve Diffie-Hellman
ECDSA	Elliptic Curve Digital Signature Algorithm
ECM	Enterprise Configuration Manager
ECP	Encryption Control Protocol
ECPA	Electronic Communications Privacy Act
EDGE	Enhanced Data rates for GSM Evolution
EDI	electronic data interchange

7
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

EDR	enhanced data rate
EEPROM	electronically erasable programmable read-only memory
EFI	Extensible Firmware Interface
EFS	Encrypting File System
EGP	Exterior Gateway Protocol
EH	extension header
EICAR	European Institute for Computer Antivirus Research
EIGRP	Enhanced Interior Gateway Routing Protocol
EIK email EMS	EAP Integrity Key electronic mail energy management system
EMS	Enhanced Messaging Service
EMSK	Extended Master Session Key
EPAL	Enterprise Privacy Authorization Language
EPC	electronic product code
EPCIS	Electronic Product Code Information Services
EPHI	electronic protected health information
EPS	events per second
ERP	enterprise resource planning
ESMS	enterprise security management system
ESMTP	Extended Simple Mail Transfer Protocol
ESN	electronic serial number
ESP	Encapsulating Security Payload
ESS	Extended Service Set
ETSI	European Telecommunications Standards Institute
EU EUI-64 EV-DO ext2fs	European Union Extended Unique Identifier 64 bit Evolution-Data Optimized Second Extended Filesystem
ext3fs	Third Extended Filesystem

FAQ	frequently asked questions
FAR	Federal Acquisition Regulation
FASC-N	Federal Agency Smart Credential Number
FASP	Federal Agency Security Practices
FAT	file allocation table
FBCA	Federal Bridge Certification Authority
FBI	Federal Bureau of Investigation
FBI CJIS	Federal Bureau of Investigation Criminal Justice Information Services Division
FCC	Federal Communications Commission
FCC ID	Federal Communications Commission Identification number
FCL	final checklist list
FCPF	Federal PKI Common Policy Framework
FCRA	Fair Credit Reporting Act
FCS	frame check sequence
FDA	Food and Drug Administration
FDCC	Federal Desktop Core Configuration
FDCE	Federated Development and Certification Environment

8
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

FDE	full disk encryption
FDIC	Federal Deposit Insurance Corporation
FEA	Federal Enterprise Architecture
FEK	file encryption key
FFMIA	Federal Financial Management Improvement Act
FHSS	frequency hopping spread spectrum
FIB	forwarding information base
FICC	Federal Identity Credentialing Committee
FIPS FIRST™ FISCAM	Federal Information Processing Standards Forum of Incident Response and Security Teams Federal Information System Controls Audit Manual
FISMA	Federal Information Security Management Act of 2002
FISSEA	Federal Information Systems Security Educators’ Association
FLETC	Federal Law Enforcement Training Center
FMR	false match rate
FMS	Fluhrer-Mantin-Shamir
FNMR	false non match rate
FOIA	Freedom of Information Act
FPC	Federal Preparedness Circular
FPKI	Federal Public Key Infrastructure
FPKIA	Federal Public Key Infrastructure Architecture
FPKIPA	Federal Public Key Infrastructure Policy Authority
FQDN	fully qualified domain name
FRR	false rejection rate
FSO	field security office
FTC	Federal Trade Commission
FTCA	Federal Trade Commission Act
FTP	File Transfer Protocol
FUS	Fast User Switching
FY	fiscal year

GAO	U.S. Government Accountability Office
GB	gigabyte
GFAC	generalized framework for access control
GFIRST	Government Forum of Incident Response and Security Teams
GHz	gigahertz
GIG	Global Information Grid
GINA	graphical identification and authentication
GKEK	Group Key Encryption Key
GLB or GLBA	Gramm-Leach-Bliley Act
GMK	Group Master Key
GnuPG	GNU Privacy Guard
GOTS	government off-the-shelf
GPL	general public license
GPMC	Group Policy Management Console
GPO	Group Policy Object
GPRS	general packet radio service
GPS	global positioning system

9
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

GR	graceful restart
GRE	Generic Routing Encapsulation
GRS	General Records Schedule
GS1	Global Standards One
GSA	U.S. General Services Administration
GSM	Global System for Mobile Communications
GTC	Generic Token Card
GTEK	group traffic encryption key
GTK gTLD GTSM	group temporal key generic top-level domain Generalized TTL Security Mechanism
GUI	graphical user interface

HA	high availability
HA	home agent
HAG	high assurance guard
HCI	host controller interface
HERF	hazards of electromagnetic radiation to fuel
HERO	hazards of electromagnetic radiation to ordnance
HERP	hazards of electromagnetic radiation to personnel
HF	high frequency
HFS	Hierarchical File System
HHS	U.S. Department of Health and Human Services
HINFO	host information
HIP	Host Identity Protocol
HIPAA	Health Insurance Portability and Accountability Act
HIPERLAN	high-performance radio local area network
HKLM	HKEY_Local_Machine
HL7	Health Level Seven
HMAC	keyed-hash message authentication code
HMI	human-machine interface
HPA	host protected area
HPFS	High-Performance File System
HR	human resources
HSARPA	Homeland Security Advanced Research Projects Agency
HSPD	Homeland Security Presidential Directive
HTCIA	High Technology Crime Investigation Association
HTCP	Hyper Text Caching Protocol
HTML	Hypertext Markup Language
HTTP	Hypertext Transfer Protocol
HTTPS	Secure Hypertext Transfer Protocol
Hz	hertz

10
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS
I

I&A I/O I3P IA	identification and authentication input/output Institute for Information Infrastructure Protection information assurance
IAB IACIS® IAIP	Internet Architecture Board International Association of Computer Investigative Specialists Information Analysis and Infrastructure Protection
IANA	Internet Assigned Numbers Authority
IAO	information assurance officer
IATF	Information Assurance Technical Framework
IBC	iterated block cipher
IBE iBGP	identity-based encryption Internal Border Gateway Protocol
IBMJSSE	IBM Java Secure Socket Extension
IBSS	independent basic service set
IC3	Internet Crime Complaint Center
ICAMP	Incident Cost Analysis and Modeling Project
ICANN	Internet Corporation for Assigned Names and Numbers
ICCID	Integrated Circuit Card Identification
ICCP	Inter-control Center Communications Protocol
ICF	Internet Connection Firewall
ICMP	Internet Control Message Protocol
ICP	Internet Cache Protocol
ICS	industrial control system
ICS	Internet Connection Sharing
ICSA	International Computer Security Association
ICV	integrity check value
ID IDART™ IDE	identification Information Design Assurance Red Team integrated development environment
IDE	Integrated Drive Electronics
IDEA	International Data Encryption Algorithm
iDEN	Integrated Digital Enhanced Network
ID-FF	Identity Federation Framework
IDMEF	Intrusion Detection Message Exchange Format
IDMS	identity management system
IDPS	intrusion detection and prevention system
IDS ID-SIS	intrusion detection system Identity Service Interface Specifications
ID-WSF	Identity Web Services Framework
ID-WSF DST	Identity Web Services Framework Data Services Template
IE	Internet Explorer
IEC	International Electrotechnical Commission
IED IEEE-SA	intelligent electronic device IEEE Standards Association
IESG	Internet Security Steering Group
IETF	Internet Engineering Task Force
IETF BCP	Internet Engineering Task Force Best Current Practice
IETF RFC	Internet Engineering Task Force Request for Comments

11
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

IGMP	Internet Group Management Protocol
IGP	interior gateway protocol
IID	interface identifier
IIF	information in identifiable form
IIHI	individually identifiable health information
IIS	Internet Information Services
IKE	Internet Key Exchange
IM	instant messaging
IMAP	Internet Message Access Protocol
IMEI	International Mobile Equipment Identity
IMSI	International Mobile Subscriber Identity
INCITS	InterNational Committee for Information Technology Standards
IP	Internet Protocol
IPA	initial privacy assessment
IPComp	Internet Protocol Payload Compression Protocol
IPng	Internet Protocol Next Generation
IPS	intrusion prevention system
IPsec	Internet Protocol Security
IPv4	Internet Protocol version 4
IPv6	Internet Protocol version 6
IPX	Internet Packet Exchange
IR	infrared
IR	interagency report
IRC IrDA® IRQ	Internet Relay Chat Infrared Data Association® interrupt request line
IRS	Internal Revenue Service
IRTF	Internet Research Task Force
IS	information system
ISA	interconnection security agreement
ISA	International Society of Automation
ISAC	information sharing and analysis center
ISAKMP	Internet Security Association and Key Management Protocol
ISAP	Information Security Automation Program
ISAPI	Internet Server Application Programming Interface
ISATAP	Intra-Site Automatic Tunnel Addressing Protocol
ISF	Information Security Forum
ISID IS-IS ISM	Industrial Security Incident Database Intermediate System-to-Intermediate System industrial, scientific, and medical
ISM	information security marking
ISMS	information security management system
ISO	International Organization for Standardization
ISP	Internet service provider
ISSEA	International Systems Security Engineering Association
ISSO	information systems security officer
ISSPM	information systems security program manager
IT	information technology
ITAA	Information Technology Association of America
ITF	Interrogator Talks First
ITL	Information Technology Laboratory

12
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

ITU ITU-T	International Telecommunications Union International Telecommunications Union-Telecommunication Standardization Sector implementation under test
IUT
IV	initialization vector

Java EE	Java Platform, Enterprise Edition
JAXR	Java API for XML Registries
JFFS2	Journaling Flash File System, version 2
JIT	just-in-time
JPEG	Joint Photographic Experts Group
JRE	Java Runtime Environment
JSM	Java Security Manager
JSP	Java Server Pages
JSSE	Java Secure Socket Extension
JTAG	Joint Test Action Group
JTC1	Joint Technical Committee 1 (International Organization for Standardization [ISO]/International Electrotechnical Commission [IEC]) Java Virtual Machine
JVM

KB	kilobyte
Kbps	kilobit per second
KDC	key distribution center
KEK	key encryption key
KG	key generator
KGD kHz KINK	key generation and distribution kilohertz Kerberized Internet Negotiation of Keys
KSG	key stream generator
KSK	key signing key

L2CAP L2F L2TP L2VPN L3VPN LACNIC	Logical Link Control and Adaptation Protocol Layer 2 Forwarding Layer 2 Tunneling Protocol Layer 2 Virtual Private Network Layer 3 Virtual Private Network Latin American and Caribbean IP Addresses Registry
LAN	local area network
LCD	liquid crystal display
LDA	local delivery agent
LDAP	Lightweight Directory Access Protocol
LED	light emitting diode

13
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

LF	low frequency
LFSR	linear feedback shift register
LIR	local Internet registry
LM	LAN Manager
LMP	Link Manager Protocol
LOC	location (DNS record)
LOS	line-of-sight
LRA	Local Registration Authority
LUA	limited user account

m MAC	meter mandatory access control
MAC	media access control (layer)
MAC	Medium Access Control
MAC	message authentication code
MAF	multi-mode authentication framework
MAN	metropolitan area network
MAPS	Mail Abuse Prevention System
MB	megabyte
Mbps	megabits per second
MBR	master boot record
MBSA	Microsoft Baseline Security Analyzer
MD	message digest
ME	mobile equipment
MED	multi-exit discriminator
MEP	message exchange pattern
MES	manufacturing execution system
MHz	megahertz
MIB	management information base
MIC	mandatory integrity control
MIC	message integrity check
MIC	message integrity code
MIKEY	Multimedia Internet KEYing
MIME	Multipurpose Internet Mail Extensions
MIMO	multiple-input, multiple-output
MIN	mobile identification number
Mini SD	mini secure digital
MIP	Mobile Internet Protocol
MitM	man-in-the-middle (attack)
MLD	Multicast Listener Discovery
MMC	Microsoft Management Console
MMC	MultiMediaCard
MMCmobile	MultiMediaCard Mobile
MMS	Multimedia Messaging Service
MN	mobile node
MO	magneto-optical
MOA	memorandum of agreement
MOBIKE	IKEv2 Mobility and Multihoming Protocol

14
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

MODP	modular exponential
MOSS	MIME Object Security Services
MOU	memorandum of understanding
MOVS	Modes of Operation Validation System
MPA	Mobile Prefix Advertisement
MPLS	multiprotocol label switching
MPS	Mobile Prefix Solicitation
MQV	Menezes-Qu-Vanstone
MRI	magnetic resonance imaging
MS	Microsoft
MS	mobile subscriber
MSC MS-CHAP	mobile switching center Microsoft Challenge Handshake Authentication Protocol
MS-DOS	Microsoft Disk Operating System
MSDP	Multicast Source Discovery Protocol
MSEC	multicast security
MSEL	Master Scenario Events List
MSIL	Microsoft Intermediate Language
MSISDN	Mobile Subscriber Integrated Services Digital Network
MSK	master session key
MSKB	Microsoft Knowledge Base
MSSP	managed security services provider
MSWG	Metadata Standards Working Group
MTA	mail transfer agent
MTM	Mobile Trusted Module
MTU	master telemetry unit
MTU	master terminal unit
MTU	maximum transmission unit
MUA mW MX	mail user agent milliwatt mail exchanger

NA	Neighbor Advertisement
NAC	network access control
NACI	National Agency Check and Inquiries
NAP	Network Access Protection
NARA	National Archives and Records Administration
NAS	network access server
NAT NAT-PT NAT-T NBA	network address translation network address translation—protocol translation network address translation traversal network behavior analysis
NBAD	network behavior anomaly detection
NCES	NetCentric Enterprise Services
NCP	National Checklist Program
NCSD	National Cyber Security Division
NCSI	NIST National Center for Standards and Certification Information
ND	Neighbor Discovery

15
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

NDAC	nondiscretionary access control
NetBEUI	NetBIOS Extended User Interface
NetBIOS	Network Basic Input/Output System
NetBT	NetBIOS over TCP/IP
NFAT	network forensic analysis tool
NFC	near field communication
NFS	network file system
NFS	Network File Sharing
NH	next header
NIAC	National Infrastructure Advisory Council
NIAP	National Information Assurance Partnership
NIC	network interface card
NICC	National Infrastructure Coordinating Center
NIJ	National Institute of Justice
NIPC	National Infrastructure Protection Center
NIS	Network Information System
NISAC	National Infrastructure Simulation and Analysis Center
NISCC	National Infrastructure Security Co-ordination Centre
NIST	National Institute of Standards and Technology
NISTIR	National Institute of Standards and Technology Interagency Report
NLOS	non-line-of-sight
NPIVP	NIST Personal Identity Verification Program
NPPI	nonpublic personal information
NS	name server
NS	Neighbor Solicitation
NSA	National Security Agency
NSAPI	Netscape Server Application Programming Interface
NSEC	Next Secure
NSI	national security information
NSRL	National Software Reference Library
NSS	Network Security Services
NSTB	National SCADA Test Bed
NSTISSC	National Security Telecommunications and Information Systems Security Committee National Security Telecommunications and Information Systems Security Instruction
NSTISSI
NTFS	New Technology File System
NTLM	NT LAN Manager
NTP	Network Time Protocol
NTTAA	National Technology Transfer and Advancement Act of 1995
NUD	Neighbor Unreachability Detection
NVD	National Vulnerability Database
NVLAP	National Voluntary Laboratory Accreditation Program
NW3C NX	National White Collar Crime Center no execute

16
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS
O

OASIS™ OCC	Organization for the Advancement of Structured Information Standards Office of the Comptroller of the Currency
OCIO	Office of the Chief Information Officer
OCSP	Online Certificate Status Protocol
ODBC	Open Database Connectivity
OECD	Organisation for Economic Co-operation and Development
OEM	original equipment manufacturer
OFB	output feedback (mode)
OFDM OGSA™	orthogonal frequency-division multiplexing Open Grid Services Architecture
OHA	Open Handset Alliance
OIG	Office of Inspector General
OLE	object linking and embedding
OMB	Office of Management and Budget
ONS	Object Naming Service
OOB	out-of-band
OPC	OLE for Process Control
OpenPGP	An Open Specification for Pretty Good Privacy
OPM	U.S. Office of Personnel Management
ORB	open relay blacklist
OS	operating system
OSHA	Occupational Safety and Health Administration
OSI	Open Systems Interconnection
OSPF	Open Shortest Path First
OSS	open source software
OSSTMM	Open Source Security Testing Methodology Manual
OSVDB	Open Source Vulnerability Database
OTP	one-time password
OU	organizational unit
OVAL	Open Vulnerability and Assessment Language
OWASP OWL-S	Open Web Application Security Project Web Ontology Language for Services

P2P PAC	peer-to-peer Privilege Attribute Certificate
PAC	Protected Access Credential
PAD	peer authorization database
PAM	pluggable authentication module
PAN	personal area network
PAOS	Reverse HTTP Binding for SOAP
PAP	Password Authentication Protocol
PAP	policy access point
PAS	publicly available specification
PBA	pre-boot authentication
PBAC	policy-based access control
PBCC	Packet Binary Convolutional Code

17
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

PBE	pre-boot environment
PBX	private branch exchange
PC	personal computer
PCI	Payment Card Industry
PCI	personal identity verification card issuer
PCI DSS	Payment Card Industry Data Security Standard
PCMCIA	Personal Computer Memory Card International Association
PCN	process control network
PCP	IP Payload Compression Protocol
PCS	process control system
PCSF	Process Control System Forum
PCSRF	Process Control Security Requirements Forum
PDA	personal digital assistant
PDD	Presidential Decision Directive
PDF	Portable Document Format
PDP	policy decision point
PDS	protective distribution systems
PEAP	Protected Extensible Authentication Protocol
PED	portable electronic devices
PEM	Privacy Enhanced Mail
PEP	policy enforcement point
PFS	perfect forward secrecy
PGP	Pretty Good Privacy
PHI	protected health information
PHP	PHP: Hypertext Preprocessor
PHY	Physical (layer)
PIA PICS™ PII	privacy impact assessment Platform for Internet Content Selection personally identifiable information
PIM PIM-SM PIN	personal information management Protocol Independent Multicast—Sparse Mode personal identification number
PIP	policy information point
PIR	Public Interest Registry
PIV	personal identity verification
PKCS	Public Key Cryptography Standard
PKI	public key infrastructure
PKM	privacy key management
PKMv1	Privacy Key Management Protocol version 1
PKMv2	Privacy Key Management Protocol version 2
PL	public law
PLC	programmable logic controller
PMA	Policy Management Authority
PMK	pairwise master key
PMKSA	Pairwise Master Key Security Association
PMP	point-to-multipoint
PMTU	path maximum transmission unit
PN	packet number
PNG POA&M POC	Portable Network Graphics plan of action and milestones point of contact

18
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

POC	proof of concept
PoE	Power over Ethernet
POP	Post Office Protocol
POP3	Post Office Protocol version 3
PP	protection profile
PPP	Point-to-Point Protocol
PPTP	Point-to-Point Tunneling Protocol
PPVPN	provisioner-provided virtual private network
PRA Pre-PAK PRF	Paperwork Reduction Act pre-primary authorization key pseudorandom function
PRNG	pseudorandom number generator
PSK	pre-shared key
PSTN	public switched telephone network
PTA	privacy threshold assessment (or analysis)
PTK	pairwise transient key
PTV	perceived target value
PUB	publication
PUK	PIN unblocking key
PVG	patch and vulnerability group

QoP	quality of protection
QoS	quality of service

R&D R/W RA	research and development read/write receiver address
RA	Registration Authority
RA	remote assistance
RA	Router Advertisement
RAdAC	risk adaptive access control
RADIUS	Remote Authentication Dial In User Service
RAID	redundant array of independent disks
RAM	random access memory
RAT	remote administration tool
RBAC	role-based access control
RC2	Rivest Cipher 2
RC4	Rivest Cipher 4
RCE	route cache entry
RCFL	Regional Computer Forensics Laboratory
RCP	Remote Copy Protocol
RDBMS	relational database management system
RDP	Remote Desktop Protocol
REL	rights expression language
REP	Robots Exclusion Protocol

19
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

REST	Representational State Transfer
RF	radio frequency
RFC	request for comments
RFD	route flap damping
RFID	radio frequency identification
RFP	request for proposal
RIB	routing information base
RIP	Routing Information Protocol
RIPE NCC	Réseaux IP Européens Network Coordination Centre
RIPng	Routing Information Protocol next generation
RIR	regional internet registries
RIS	Remote Installation Services
RMA	reliability, maintainability, and availability
RMON	Remote Monitoring
RNG	random number generator
ROE	rules of engagement
ROM	read-only memory
RP	responsible person (record)
RPC	remote procedure call
RPF	Reverse Path Forwarding
RPO	recovery point objective
RR	resource record
RRSIG	resource record signature
RS	relay station
RS	Router Solicitation
RSA	Rivest-Shamir-Adelman
RSBAC	rule set-based access control
RSN	Robust Security Network
RSNA	Robust Security Network Association
RSNIE	Robust Security Network Information Element
RSO	reduced sign-on
RSS	Really Simple Syndication
RSSI	received signal strength indication
RSVP	Resource ReSerVation Protocol
RTF	Rich Text Format
RTLS	real-time location system
RTO	recovery time objective
RTP	Real-Time Transport Protocol
RTU	remote terminal unit or remote telemetry unit
RuBAC R-UIM	rule-based access control Removable User Identity Module

S/MIME SA	Secure/Multipurpose Internet Mail Extensions security association
SA	source address
SACL	system access control list
SAD	security association database
SAFER	Secure And Fast Encryption Routine

20
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

SAID	security association identifier
SAISO	senior agency information security officer
SAM	Security Account Manager
SAM	software asset management
SAMATE SAML™ SAN S-BGP SC	Software Assurance Metrics and Tool Evaluation Security Assertion Markup Language™ storage area network Secure Border Gateway Protocol subcommittee
SCADA	supervisory control and data acquisition
SCAP	Security Content Automation Protocol
SCP	Secure Copy Protocol
SCSI	Small Computer System Interface
SCTP	Stream Control Transmission Protocol
SD	Secure Digital
SDIO	Secure Digital Input Output
SDK	software development kit
SDLC	System Development Life Cycle
SDO	standards development organization
SDP	Session Description Protocol
SDP	Service Discovery Protocol
SEI	Software Engineering Institute
SEM	security event management
SEND	Secure Neighbor Discovery
SEP	secure entry point
SFTP	Secure File Transfer Protocol
SHA SHA-1 shim6 SHS	Secure Hash Algorithm Secure Hash Algorithm 1 Site Multihoming by IPv6 Intermediation Secure Hash Standard
SIA	Security Industry Association
SID	security identifier
SIEM	security information and event management
SIG	special interest group
SIIT	Stateless IP/ICMP Translation Algorithm
SIM	security information management
SIM	subscriber identity module
SIP	Session Initiation Protocol
SIS	safety instrumented system
SKEME	Secure Key Exchange Mechanism
SLA	service level agreement
SMB	Server Message Block
SME S/MIME SMS	subject matter expert Secure/Multipurpose Internet Mail Extensions Short Message Service
SMS	Systems Management Server
SMT	scar, mark and tattoo
SMTP	Simple Mail Transfer Protocol
SNL	Sandia National Laboratories
SNMP	Simple Network Management Protocol
SNTP	Simple Network Time Protocol

21
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

SOA	service-oriented architecture
SOA soBGP SoD	start of authority (resource record) Secure Origin Border Gateway Protocol separation of duties
SOHO	small office/home office
SOP	standard operating procedure
SOR	system of records
SORN	system of records notice
SOX	Sarbanes-Oxley Act of 2002
SP	service pack
SP	special publication
SPD	security policy database
SPI	security parameters index
SPL SPML™ SPP-ICS SQL	Structured Product Labeling Service Provisioning Markup Language™ System Protection Profile for Industrial Control Systems Structured Query Language
SR	service release
SRES	signed response
SRTP	Secure Real-Time Transport Protocol
SS	subscriber station
SSDP SSE-CMM SSH	Simple Service Discovery Protocol Systems Security Engineering-Capability Maturity Model Secure Shell
SSI	Server Side Includes
SSID	service set identifier
SSL	Secure Sockets Layer
SSLF	Specialized Security-Limited Functionality
SSN	social security number
SSO	single sign-on
SSoD	static separation of duty
SSP	secure simple pairing
SSPI	Security Support Provider Interface
ST	security target
STA	station
STIG	security technical implementation guide
STS	security token service
SUID	Set-User-ID
SWSA	Semantic Web Services Initiative Architecture
SZ	security zone

TA	test assertion
TA	transmitter address
TACACS	Terminal Access Controller Access Control System
TAG	technical advisory group
TB	terabyte
TC	technical committee

22
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

TC68	ISO/IEC Technical Committee 68
TCP TCP/IP TDEA	Transmission Control Protocol Transmission Control Protocol/Internet Protocol Triple Data Encryption Algorithm
TDM	time division multiplexing
TDMA	time division multiple access
TEK	traffic encryption key
TERENA	Trans-European Research and Education Networking Association
TFT	thin film transistor
TFTP	Trivial File Transfer Protocol
TGS TIA® TID	ticket-granting service Telecommunications Industry Association tag identifier
TK	temporal key
TKIP	Temporal Key Integrity Protocol
TLD	top-level domain
TLS	Transport Layer Security
TMOVS	Modes of Operation Validation System for the Triple DES Algorithm
TOE	target of evaluation
TOS	trusted operating system
ToS	Type of Service
TPC	transmission power control
TPM	trusted platform module
TR	technical report
TRT	transport relay translator
TS	technical specification
TSA	time stamping authority
TSC	TKIP sequence counter
TSIG	Secret Key Transaction Authentication for DNS
TSIG	Transaction Signature
TSN	transitional security network
TSP TT&E TTF	Time-Stamp Protocol test, training, and exercise tag talks first
TTL	time to live
TTLS	Tunneled Transport Layer Security
TTP	trusted third party
TXT	text (record)

U.S.	United States
U.S.C.	United States Code
UAC	User Account Control
UART	universal asynchronous receiver/transmitter
UBR	Universal Description, Discovery and Integration (UDDI) Business Registry
UCC	Uniform Code Council, Inc.
UCE UDDI™ UDF	unsolicited commercial email Uniform Description, Discovery, and Integration™ Universal Disk Format

23
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

UDP	User Datagram Protocol
UFS	UNIX File System
UHF	ultra high frequency
UI	user interface
UK	United Kingdom
UL	Underwriters’ Laboratories®
ULA	unique local address
ULP UML® UMPC	upper layer protocol Unified Modeling Language™ ultra-mobile personal computer
UMTS	Universal Mobile Telecommunications System
UNII	Unlicensed National Information Infrastructure
UPC	Universal Product Code
UPnP	Universal Plug and Play
UPS	uninterruptable power supply
URI	Uniform Resource Identifier
URL	Uniform Resource Locator
USB	Universal Serial Bus
US-CERT	United States Computer Emergency Readiness Team
USIM	UMTS Subscriber Identity Module or Universal Subscriber Identity Module
UTM	unified threat management
UUID	Universally Unique Identifier
UWB	ultrawideband

VB VB.NET VBA	Visual Basic Visual Basic .NET Visual Basic for Applications
VBScript	Visual Basic Script
VFD	variable frequency drive
VHD	virtual hard drive
VHF	very high frequency
VLAN	virtual local area network
VM	virtual machine
VMS	vulnerability management system
VoIP	Voice over Internet Protocol
VOIPSA	Voice over IP Security Alliance
VPN	virtual private network
VPNC	Virtual Private Network Consortium
VRRP	Virtual Router Redundancy Protocol

W3C® WAN	World Wide Web Consortium wide area network
WAP	wireless access point
WAP	Wireless Application Protocol
WaSP	Web Standards Project

24
SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

WAVE	Wireless Access for Vehicular Environment
WAYF	Where Are You From
WCCP	Web Cache Coordination Protocol
W-CDMA WDS	Wideband Code Division Multiple Access wireless distribution system
WebDAV	Web Distributed Authoring and Versioning
WEP	Wired Equivalent Privacy
WfMC	Workflow Management Coalition
WfMS	workflow management system
WG	working group
WIDPS	wireless intrusion detection and prevention system
WiMAX	Worldwide Interoperability for Microwave Access
WLAN	wireless local area network
WMAN WMM® WORM	wireless metropolitan area network Wi-Fi Multimedia™ write once, read many
WPA WPA2® WPAN	Wi-Fi Protected Access Wi-Fi Protected Access® 2 wireless personal area network
WS	Web services
WSDL	Web Services Description Language
WSH WS-I WS-I WSS4J WS-Security	Windows Script Host Web services interoperability Web Services Interoperability Organization Web Services Security for Java Web Services Security
WSUS	Windows Server Update Services
WVE	Wireless Vulnerabilities and Exploits
WWAN	wireless wide area network
WWW	World Wide Web

XYZ

XACL XACML™ XCBC	XML Access Control Language eXtensible Access Control Markup Language™ XOR Cipher Block Chaining
XCCDF	eXtensible Configuration Checklist Description Format
XHTML	Extensible Hypertext Markup Language
XKMS	XML Key Management Specification
XML	Extensible Markup Language
XOR	exclusive OR
XrML	eXtensible Rights Markup Language
XSD	XML Schema Definition
XSL	Extensible Stylesheet Language
XSLT	Extensible Stylesheet Language Transformation
XSS	cross-site scripting
ZSK	zone signing key

SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

National Institute of Standards and Technology Publications, NIST Computer Security Division Resource Center Web site, http://csrc.nist.gov/
Internet Engineering Task Force (IETF), http://www.ietf.org/
Microsoft Hardware Developer Central, Glossary of Acronyms for PC and Server Technologies,
http://www.microsoft.com/whdc/resources/support/glossary.mspx
Organization for the Advancement of Structured Information Standards (OASIS),
http://www.oasis-open.org/home/index.php

IEEE Originally defined as “Institute of Electrical and Electronics Engineers, Inc.”Definition dropped by the organization
(http://www.ieee.org/web/aboutus/home/index.html).

SOAP Originally defined as “Simple Object Access Protocol.” Definition dropped as of
April 2007 (http://www.w3.org/TR/soap12-part1/#intro)

One thought on “Cybersecurity Fundamentals – System and Network Security Glossary”

Pingback: SOC và VSOC – Nguoidentubinhduong

Thank you so much Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Nguoidentubinhduong

Người Chia Sẻ Tri Thức Cuộc Sống

SYSTEM AND NETWORK SECURITY ACRONYMS AND ABBREVIATIONS

Share this:

Like this:

Related

One thought on “Cybersecurity Fundamentals – System and Network Security Glossary”

Thank you so much Cancel reply