Cyber Glossary - A
Access - The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. (From: CNSSI 4009) (NICCS)
Access and Identity Management - Synonym(s): identity and access management (NICCS)
Access authority – An entity responsible for monitoring and granting access privileges for other authorized entities. (From: CNSSI-4009) (NICCS)
Access Control - The process of granting or denying specific requests for or attempts to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities. (Related Term(s): access control mechanism), (Adapted from: CNSSI 4009) (NICCS)
Access Control List (ACL) – 1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object. 2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity. (From: CNSSI-4009) (NICCS)
Access Control Mechanism - Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility. (Adapted from: CNSSI 4009) (NICCS)
Access Level – A category within a given security classification limiting entry or system connectivity to only authorized persons. (CNSSI-4009) (NICCS)
Access List – Roster of individuals authorized admittance to a controlled area. (From: CNSSI-4009) (NICCS)
Access Point – A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization’s enterprise wired network. (From: SP 800-48; SP 800-121) (NICSS 7298 Revision 2)
Access Profile – Association of a user with a list of protected objects the user may access. (From: CNSSI-4009) (NICCS 7298 Revision 2)
Access Type – Privilege to perform action on an object. Read, write, execute, append, modify, delete, and create are examples of access types. See Write. (From: CNSSI-4009) (NISTIR)
Accounting Legend Code (ALC) – Numeric code used to indicate the minimum accounting controls required for items of accountable communications security (COMSEC) material within the COMSEC Material Control System. SOURCE: CNSSI-4009 (NICCS)
Accounting Number – Number assigned to an item of COMSEC material to facilitate its control. (From: CNSSI-4009) (NICCS)
Accreditation Package – Product comprised of a System Security Plan (SSP) and a report documenting the basis for the accreditation decision. (CNSSI-4009) (NISTIR)
Accrediting Authority – Synonymous with Designated Accrediting Authority (DAA). See also Authorizing Official. (CNSSI-4009) (NISTIR)
Action Fraud – the UK’s national fraud and internet crime reporting centre, providing a central point of contact for the public and businesses. (UK 2016)
Activation Data – Private data, other than keys, that are required to access cryptographic modules. (SP 800-32) (NICCS)
Active Attack - An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations. (Related Term(s): passive attack) (Adapted from: IETF RFC 4949, NIST SP 800-63 Rev 1) (NICCS)
An attack that alters a system or data. An attack on the authentication protocol where the Attacker transmits data to the Claimant, Credential Service Provider, Verifier, or Relying Party. Examples of active attacks include man-in-the-middle, impersonation, and session hijacking. (CNSSI-4009) (NICCS)
Active Content – Electronic documents that can carry out or trigger actions automatically on a computer platform without the intervention of a user. Software in various forms that is able to automatically carry out or trigger actions on a computer platform without the intervention of a user. (SP 800-28) (NICCS)
Active Cyber Defence (ACD) – the principle of implementing security measures to strengthen the security of a network or system to make it more robust against attack. (UK 2016)
Active Security Testing – Security testing that involves direct interaction with a target, such as sending packets to a target. (SP 800-115) (NICCS)
Activities – An assessment object that includes specific protection-related pursuits or actions supporting an information system that involve people (e.g., conducting system backup operations, monitoring network traffic). (SP 800-53A) (NICCS)
Ad Hoc Network – A wireless network that dynamically connects wireless client devices to each other without the use of an infrastructure device, such as an access point or a base station. (SP 800-121) (NICCS)
Add-on Security – Incorporation of new hardware, software, or firmware safeguards in an operational information system. (CNSSI-4009) (NICCS)
Adequate Security – Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. (SP 800-53; FIPS 200) (NICCS)
Note: This includes assuring that information systems operate effectively and provide appropriate confidentiality, integrity, and availability, through the use of cost-effective management, personnel, operational, and technical controls. (CNSSI-4009; SP 800-37) (NICCS)
Administrative Account – A user account with full privileges on a computer. (SP 800-69) (NICCS)
Administrative Safeguards – Administrative actions, policies, and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic health information and to manage the conduct of the covered entity's workforce in relation to protecting that information. (SP 800-66) (NICCS)
Advanced Encryption Standard – (AES) The Advanced Encryption Standard specifies a U.S. government approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. This standard specifies the Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits. (FIPS; CNSSI-4009) (NICCS)
Advanced Key Processor (AKP) – A cryptographic device that performs all cryptographic functions for a management client node and contains the interfaces to 1) exchange information with a client platform, 2) interact with fill devices, and 3) connect a client platform securely to the primary services node. (PRSN). SOURCE: CNSSI-4009) (NICCS)
Advanced Persistent Threat – An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). (From: NIST SP 800-53 Rev 4) (NCCS)
Adversary – An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Term(s): threat agent, attacker. (From: DHS Risk Lexicon) (NICCS)
Agency Certification Authority – (CA) A CA that acts on behalf of an agency and is under the operational control of an agency. (SP 800-32) (NICCS)
Agent – A program acting on behalf of a person or organization. (SP 800-95) (NICCS)
Air gap – To physically separate or isolate a system from other systems or networks (verb). Extended Definition: The physical separation or isolation of a system from other systems or networks (noun). (NICCS)
Air Tasking Order. A method used to task and disseminate to components, subordinate units, and command and control agencies projected sorties, capabilities and/or forces to targets and specific missions. Normally provides specific instructions to include call signs, targets, controlling agencies, etc., as well as general instructions. Also called ATO. (JP 1-02) (Jt Pub 3-13)
Alert – A notification that a specific attack has been detected or directed at an organization’s information systems. (Adapted from: CNSSI 4009) (NICCS)
Allocation – The process an organization employs to determine whether security controls are defined as system-specific, hybrid, or common. The process an organization employs to assign security controls to specific information system components responsible for providing a particular security capability (e.g., router, server, remote sensor). (SP 800-37) (NICCS)
Alternate Work Site – Governmentwide, national program allowing federal employees to work at home or at geographically convenient satellite offices for part of the work week (e.g., telecommuting). (CNSSI-4009) (NICCS)
Alternate COMSEC Custodian – Individual designated by proper authority to perform the duties of the COMSEC custodian during the temporary absence of the COMSEC custodian. (CNSSI-4009) (NICCS)
Alternate Work Site – Governmentwide, national program allowing federal employees to work at home or at geographically convenient satellite offices for part of the work week (e.g., telecommuting). (CNSSI-4009) (NICCS)
All Source Intelligence – In the NICE Workforce Framework, cybersecurity work where a person: Analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Synthesizes and places intelligence information in context; draws insights about the possible implications. (From: NICE Workforce Framework) (NICCS)
Analyze – A NICE Workforce Framework category consisting of specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence. (From: NICE Workforce Framework) (NICCS)
Analysis – The examination of acquired data for its significance and probative value to the case. (SP 800-72) (NICCS)
Antispyware software – A program that specializes in detecting and blocking or removing forms of spyware. Related Term(s): spyware. (Adapted from: NCSD Glossary) (NICCS)
Antivirus Software – A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. (SP 800-83) (NICCS)
Anomaly-Based Detection – The process of comparing definitions of what activity is considered normal against observed events to identify significant deviations. (SP 800-94) (NICCS)
Anonymisation – the use of cryptographic anonymity tools to hide or mask one’s identity on the Internet. (UK 2016)
Anti-jam – Countermeasures ensuring that transmitted information can be received despite deliberate jamming attempts. (CNSSI-4009) (NISTIR)
Anti-spoof – Countermeasures taken to prevent the unauthorized use of legitimate Identification & Authentication (I&A) data, however it was obtained, to mimic a subject different from the attacker. (CNSSI-4009) (NISTIR)
Antispyware Software – A program that specializes in detecting both malware and antimalware forms of spyware. (SP 800-69) (NISTIR)
Antivirus Software – A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. (SP 800-83) (NISTIR)
Applicant – The subscriber is sometimes called an “applicant” after applying to a certification authority for a certificate, but before the certificate issuance procedure is completed. (SP 800-32) (NISTIR)
Application – A software program hosted by an information system. SOURCE: SP 800-37 Software program that performs a specific function directly for a user and can be executed without access to system control, monitoring, or administrative privileges. (CNSSI-4009) (NISTIR)
Approval to Operate (ATO) – The official management decision issued by a DAA or PAA to authorize operation of an information system and to explicitly accept the residual risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals. (CNSSI-4009) (NISTIR)
Approved – Federal Information Processing Standard (FIPS)-approved or National Institute of Standards and Technology (NIST)- recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, or 2) adopted in a FIPS or NIST Recommendation. (FIPS 201) (NISTIR)
Approved – FIPS-approved and/or NIST-recommended. SOURCE: FIPS 140-2 FIPS-approved and/or NIST-recommended. An algorithm or technique that is either 1) specified in a FIPS or NIST Recommendation, 2) adopted in a FIPS or NIST Recommendation, or 3) specified in a list of NIST-approved security functions. SOURCE: FIPS 186
Approved Mode of Operation – A mode of the cryptographic module that employs only Approved security functions (not to be confused with a specific mode of an Approved security function, e.g., Data Encryption Standard CipherBlock Chaining (DES CBC) mode). SOURCE: FIPS 140-2
Approved Security Function – A security function (e.g., cryptographic algorithm, cryptographic key management technique, or authentication technique) that is either a) specified in an Approved Standard; b) adopted in an Approved Standard and specified either in an appendix of the Approved Standard or in a document referenced by the Approved Standard; or c) specified in the list of Approved security functions. (FIPS 140-2) (NISTIR)
Artificial Intelligence (AI) - The theory, development, and simulation of computer systems able to perform tasks normally requiring human intelligence. SOURCE: Cyberspace Solarium Commission Final Report, 2020
Assessment – See Security Control Assessment.
Assessment Findings – Assessment results produced by the application of an assessment procedure to a security control or control enhancement to achieve an assessment objective; the execution of a determination statement within an assessment procedure by an assessor that results in either a satisfied or other than satisfied condition. (SP 800-53A) (NISTIR)
Assessment Method – One of three types of actions (i.e., examine, interview, test) taken by assessors in obtaining evidence during an assessment. (SP 800-53A) (NISTIR)
Assessment Object – The item (i.e., specifications, mechanisms, activities, individuals) upon which an assessment method is applied during an assessment. (SP 800-53A) (NISTIR)
Assessment Objective – A set of determination statements that expresses the desired outcome for the assessment of a security control or control enhancement. (SP 800-53A) (NISTIR)
Assessment Procedure – A set of assessment objectives and an associated set of assessment methods and assessment objects. (SP 800-53A) (NISTIR)
Assessor – See Security Control Assessor.
Asset – A major application, general support system, high impact program, physical plant, mission critical system, personnel, equipment, or a logically related group of systems. (CNSSI-4009) (NISTIR)
A person, structure, facility, information, and records, information technology systems and resources, material, process, relationships, or reputation that has value. (Adapted from: DHS Risk Lexicon) (NICCS)
Extended Definition: Anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned. (Adapted from: DHS Risk Lexicon) (NICCS)
Asset Identification – Security Content Automation Protocol (SCAP) constructs to uniquely identify assets (components) based on known identifiers and/or known information about the assets. (SP 800-128) (NISTIR)
Asset Reporting Format (ARF) – SCAP data model for expressing the transport format of information about assets (components) and the relationships between assets and reports. (SP 800-128) (NISTIR)
Assurance – Grounds for confidence that the other four security goals (integrity, availability, confidentiality, and accountability) have been adequately met by a specific implementation. “Adequately met” includes (1) functionality that performs correctly, (2) sufficient protection against unintentional errors (by users or software), and (3) sufficient resistance to intentional penetration or by-pass. (SP 800-27) (NISTIR)
The grounds for confidence that the set of intended security controls in an information system are effective in their application. (SP 800-37; SP 800-53A) (NISTIR)
Measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy. (CNSSI-4009; SP 800-39) (NISTIR)
In the context of OMB M-04-04 and this document, assurance is defined as 1) the degree of confidence in the vetting process used to establish the identity of an individual to whom the credential was issued, and 2) the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued. (SP 800-63) (NISTIR)
Assurance Case – A structured set of arguments and a body of evidence showing that an information system satisfies specific claims with respect to a given quality attribute. (SP 800-53A; SP 800-39) (NISTIR)
Assured Information Sharing – The ability to confidently share information with those who need it, when and where they need it, as determined by operational need and an acceptable level of security risk. (CNSSI-4009) (NISTIR)
Assured Software – Computer application that has been designed, developed, analyzed, and tested using processes, tools, and techniques that establish a level of confidence in it. (CNSSI-4009) (NISTIR)
Asymmetric Cryptography – See Public Key Cryptography. (CNSSI-4009) (NISTIR)
Asymmetric Keys – Two related keys, a public key and a private key that are used to perform complementary operations, such as encryption and decryption or signature generation and signature verification. (FIPS 201) (NISTIR)
Attack – An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. (SP 800-32) (NISTIR)
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. (CNSSI-4009) (NISTIR)
Extended Definition: The intentional act of attempting to bypass one or more security services or controls of an information system. (From: NCSD Glossary. NTSSI 4009 (2000), CNSSI 4009) (NICCS)
Related Term(s): active attack, passive attack. (From: NCSD Glossary. NTSSI 4009 (2000), CNSSI 4009) (NICCS)
Attack method – The manner or technique and means an adversary may use in an assault on information or an information system. (Adapted from: DHS Risk Lexicon, NCSD Glossary) (NICCS)
Attack mode – Synonym(s): attack method. (NICCS)
Attack path – The steps that an adversary takes or may take to plan, prepare for, and execute an attack. (Adapted from: DHS Risk Lexicon, NCSD Glossary) (NICCS)
Attack pattern – Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.
Extended Definition: For software, descriptions of common methods for exploiting software systems.
Related Term(s): attack signature
(Adapted from: Oak Ridge National Laboratory Visualization Techniques for Computer Network Defense, MITRE's CAPEC website) (NICCS)
Attack Sensing and Warning (AS&W) – Detection, correlation, identification, and characterization of intentional unauthorized activity with notification to decision makers so that an appropriate response can be developed. (CNSSI-4009) (NISTIR)
Attack Signature – A specific sequence of events indicative of an unauthorized access attempt. (SP 800-12) (NISTIR)
A characteristic byte pattern used in malicious code or an indicator, or set of indicators, that allows the identification of malicious network activities. (CNSSI-4009) (NISTIR)
Extended Definition: An automated set of rules for identifying a potential threat (such as an exploit or the presence of an attacker tool) and possible responses to that threat. (Adapted from: NCSD Glossary, CNSSI 4009, ISSG V1.2 Database) (NICCS)
Attack surface – The set of ways in which an adversary can enter a system and potentially cause damage.
Extended Definition: An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system. (Adapted from: Manadhata, P.K., & Wing, J.M. in Attack Surface Measurement; DHS personnel) (NICCS)
Attack Vector - Mechanism or method used by an attacker to gain access to a target’s computer system and/or deliver an effect. SOURCE: Cyberspace Solarium Commission Final Report, 2020
Attacker – An individual, group, organization, or government that executes an attack.
Extended Definition: A party acting with malicious intent to compromise an information system.
Related Term(s): adversary, threat agent (Adapted from: Barnum & Sethi (2006), NIST SP 800-63 Rev 1) (NICCS)
Attribute Authority – An entity, recognized by the Federal Public Key Infrastructure (PKI) Policy Authority or comparable agency body as having the authority to verify the association of attributes to an identity. (SP 800-32) (NISTIR)
Attribute-Based Access Control – Access control based on attributes associated with and about subjects, objects, targets, initiators, resources, or the environment. An access control rule set defines the combination of attributes under which an access may take place. (SP 800-53; CNSSI-4009) (NISTIR)
Attribute-Based Authorization – A structured process that determines when a user is authorized to access information, systems, or services based on attributes of the user and of the information, system, or service. (CNSSI-4009) (NISTIR)
Attribution - Identification of technical evidence of a cyber event and/or the assignment of responsibility for a cyber event. The technical source may be different from the responsible actor. SOURCE: Cyberspace Solarium Commission Final Report, 2020
Audit – Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures, and to recommend necessary changes in controls, policies, or procedures. (SP 800-32) (NISTIR)
Independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures. (CNSSI-4009) (NISTIR)
Audit Data – Chronological record of system activities to enable the reconstruction and examination of the sequence of events and changes in an event. (SP 800-32) (NISTIR)
Audit Log – A chronological record of system activities. Includes records of system accesses and operations performed in a given period. (CNSSI-4009) (NISTIR)
Audit Reduction Tools – Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups. (SP 800-12; CNSSI-4009 (NISTIR)
Audit Review – The assessment of an information system to evaluate the adequacy of implemented security controls, assure that they are functioning properly, identify vulnerabilities, and assist in implementation of new security controls where required. This assessment is conducted annually or whenever significant change has occurred and may lead to recertification of the information system. (CNSSI-4009) (NISTIR)
Audit Trail – A record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period. (SP 800-47) (NISTIR)
A chronological record that reconstructs and examines the sequence of activities surrounding or leading to a specific operation, procedure, or event in a security relevant transaction from inception to final result. (CNSSI-4009) (NISTIR)
Authenticate – To confirm the identity of an entity when that identity is presented. (SP 800-32) (NISTIR)
Authentication – Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. (SP 800-53; SP 800-53A; SP 800-27; FIPS 200; SP 800-30) (NISTIR)
The process of establishing confidence of authenticity. (FIPS 201) (NISTIR)
Encompasses identity verification, message origin authentication, and message content authentication. (FIPS 190) (NISTIR)
A process that establishes the origin of information or determines an entity’s identity. (SP 800-21) (NISTIR)
The process of verifying the identity or other attributes claimed by or assumed of an entity (user, process, or device), or to verify the source and integrity of data. SOURCE: CNSSI-4009 (NISTIR)
The process of establishing confidence in the identity of users or information systems. (SP 800-63) (NISTIR)
Authentication Code – A cryptographic checksum based on an Approved security function (also known as a Message Authentication Code [MAC]). (FIPS 140-2) (NISTIR)
Authentication Mechanism – Hardware or software-based mechanisms that forces users, devices, or processes to prove their identity before accessing data on an information system. (CNSSI-4009) (NISTIR)
Authentication Mode – A block cipher mode of operation that can provide assurance of the authenticity and, therefore, the integrity of data. (SP 800-38B) (NISTIR)
Authentication Period – The maximum acceptable period between any initial authentication process and subsequent reauthentication processes during a single terminal session or during the period data is being accessed. (CNSSI-4009) (NISTIR)
Authentication Protocol – A defined sequence of messages between a Claimant and a Verifier that demonstrates that the Claimant has possession and control of a valid token to establish his/her identity, and optionally, demonstrates to the Claimant that he or she is communicating with the intended Verifier. (SP 800-63) (NISTIR)
A well-specified message exchange process between a claimant and a verifier that enables the verifier to confirm the claimant’s identity. (CNSSI-4009) (NISTIR)
Authentication Tag – A pair of bit strings associated to data to provide assurance of its authenticity. (SP 800-38B) (NISTIR)
Authentication Token – Authentication information conveyed during an authentication exchange. (FIPS 196) (NISTIR)
Authenticator – The means used to confirm the identity of a user, process, or device (e.g., user password or token). (SP 800-53; CNSSI-4009) (NISTIR)
Authenticity – The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. See Authentication. (SP 800-53; SP 800-53A; CNSSI-4009; SP 800-39) (NISTIR)
Authority – Person(s) or established bodies with rights and responsibilities to exert control in an administrative sphere. (CNSSI-4009) (NISTIR)
Authorization – A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. (NICCS)
Extended Definition: The process or act of granting access privileges or the access privileges as granted.
Authorization (to operate) – The official management decision given by a senior organizational official to authorize operation of an information system and to explicitly accept the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation based on the implementation of an agreed-upon set of security controls. (SP 800-53; SP 800-53A; CNSSI-4009; SP 800-37) (NISTIR)
Authorization Boundary – All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected. (CNSSI-4009; SP 800-53; SP 800-53A; SP 800-37) (NISTIR)
Authorize Processing – See Authorization (to operate).
Authorized Vendor – Manufacturer of information assurance equipment authorized to produce quantities in excess of contractual requirements for direct sale to eligible buyers. Eligible buyers are typically U.S. government organizations or U.S. government contractors. (CNSSI-4009) (NISTIR)
Authorized Vendor Program(AVP) – Program in which a vendor, producing an information systems security (INFOSEC) product under contract to NSA, is authorized to produce that product in numbers exceeding the contracted requirements for direct marketing and sale to eligible buyers. Eligible buyers are typically U.S. government organizations or U.S. government contractors. Products approved for marketing and sale through the AVP are placed on the Endorsed Cryptographic Products List (ECPL). (CNSSI-4009) (NISTIR)
Authorizing Official – Official with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals. Synonymous with Accreditation Authority. (FIPS 200) (NISTIR)
Authorizing Official Designated Representative – An organizational official acting on behalf of an authorizing official in carrying out and coordinating the required activities associated with security authorization. (CNSSI-4009; SP 800-37; SP 800-53A) (NISTIR)
Automated Key Transport – The transport of cryptographic keys, usually in encrypted form, using electronic means such as a computer network (e.g., key transport/agreement protocols). (FIPS 140-2) (NISTIR)
Automated Password Generator – An algorithm which creates random passwords that have no association with a particular user. (FIPS 181) (NISTIR)
Automated Security Monitoring – Use of automated procedures to ensure security controls are not circumvented or the use of these tools to track actions taken by subjects suspected of misusing the information system. (CNSSI-4009) (NISTIR)
Automated system verification – measures to ensure that software and hardware are working as expected, and without errors. (UK 2016)
Automatic Remote Rekeying – Procedure to rekey a distant crypto-equipment electronically without specific actions by the receiving terminal operator. See Manual Remote Rekeying. (CNSSI-4009) (NISTIR)
Autonomous System – One or more routers under a single administration operating the same routing policy. (SP 800-54) (NISTIR)
A collection of IP networks for which the routing is under the control of a speci c entity or domain. (UK 2016)
Availability – Ensuring timely and reliable access to and use of information. SOURCE: SP 800-53, (etc.)
The property of being accessible and useable upon demand by an authorized entity. SOURCE: CNSSI-4009
Extended Definition: In cybersecurity, applies to assets such as information or information systems. (Adapted from: CNSSI 4009), (NICCS)
Related Term(s): confidentiality, integrity
Awareness (Information Security) – Activities which seek to focus an individual’s attention on an (information security) issue or set of issues. (SP 800-50) (NISTIR)
Authenticate – Related Term(s): authentication. (NICCS)
authentication – The process of verifying the identity or other attributes of an entity (user, process, or device).
Extended Definition: Also the process of verifying the source and integrity of data. (Adapted from: CNSSI 4009, NIST SP 800-21, NISTIR 7298) (NICCS)