Cyber Glossary - H
Hacker - An unauthorized user who attempts to or gains access to an information system. (From: CNSSI 4009) (NICCS)
Hadoop - Open-source software framework for distributed storage and processing of very large data sets on computer clusters built from commodity hardware.
Handshaking Procedures – Dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another. (CNSSI-4009) (NISTIR)
Hard Copy Key – Physical keying material, such as printed key lists, punched or printed key tapes, or programmable, read-only memories (PROM). (CNSSI-4009) (NISTIR)
Hardening – Configuring a host’s operating systems and applications to reduce the host’s security weaknesses. (SP 800-123) (NISTIR)
Hardware – The physical components of an information system. See also Software and Firmware. (CNSSI-4009) (NISTIR)
Hardwired Key – Permanently installed key. (CNSSI-4009) (NISTIR)
Hash-Based Message Authentication Code (HMAC) – A message authentication code that uses a cryptographic key in conjunction with a hash function. (FIPS 201; CNSSI-4009) (NISTIR)
Hash Function – A function that maps a bit string of arbitrary length to a fixed length bit string. Approved hash functions satisfy the following properties:
1) One-Way. It is computationally infeasible to find any input that maps to any prespecified output.
2) Collision Resistant. It is computationally infeasible to find any two distinct inputs that map to the same output. (SP 800-63; FIPS 201) (NISTIR)
Hashing - A process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data. (Adapted from: CNSSI 4009, FIPS 201-2) (NICCS)
Extended Definition: Mapping a bit string of arbitrary length to a fixed length bit string to produce the hash value.
Related Term(s): hash value
Hash Total – Value computed on data to detect error or manipulation. See Checksum. (CNSSI-4009) (NISTIR)
Hash Value - A numeric value resulting from applying a mathematical algorithm against a set of data such as a file. (Adapted from: CNSSI 4009) (NICCS)
The result of applying a cryptographic hash function to data (e.g., a message). (SP 800-106) (NISTIR)
Synonym(s): cryptographic hash value
Related Term(s): hashing
Hash Value/Result – See Message Digest. (FIPS 186; CNSSI-4009) (NISTIR)
Hashword – Memory address containing hash total. (CNSSI-4009) (NISTIR)
Hazard - A natural or man-made source or cause of harm or difficulty.
Related Term(s): threat (From: DHS Risk Lexicon) (NICCS)
Health Information Exchange – (HIE) A health information organization that brings together healthcare stakeholders within a defined geographic area and governs health information exchange among them for the purpose of improving health and care in that community. (NISTIR-7497) (NISTIR)
High Assurance Guard (HAG) – An enclave boundary protection device that controls access between a local area network that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance. (SP 800-32) (NISTIR)
A guard that has two basic functional capabilities: a Message Guard and a Directory Guard. The Message Guard provides filter service for message traffic traversing the Guard between adjacent security domains. The Directory Guard provides filter for directory access and updates traversing the Guard between adjacent security domains. (CNSSI-4009) (NISTIR)
High Availability – A failover feature to ensure availability during device or component interruptions. (SP 800-113) (NISTIR)
High Impact – The loss of confidentiality, integrity, or availability that could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the United States; (i.e.,
1) causes a severe degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced;
2) results in major damage to organizational assets;
3) results in major financial loss; or
4) results in severe or catastrophic harm to individuals involving loss of life or serious life-threatening injuries). (FIPS 199; CNSSI-4009) (NISTIR)
High-Impact System – An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of high. (SP 800-37; SP 800-53; SP 800-60; FIPS 200) (NISTIR)
An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high. (CNSSI-4009) (NISTIR)
Honeypots/Honeynets – A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other than its administrators. (CNSSI-4009) (NISTIR)
Horizon Scanning – A systematic examination of information to identify potential threats, risks, emerging issues and opportunities allowing for better preparedness and the incorporation of mitigation and exploitation into the policy-making process. (UK 2016)
Hot Site – A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption. (SP 800-34) (NISTIR)
Backup site that includes phone systems with the phone lines already connected. Networks will also be in place, with any necessary routers and switches plugged in and turned on. Desks will have desktop PCs installed and waiting, and server areas will be replete with the necessary hardware to support business-critical functions. Within a few hours, a hot site can become a fully functioning element of an organization. (CNSSI-4009) (NISTIR)
Hot Wash – A debrief conducted immediately after an exercise or test with the staff and participants. (SP 800-84) (NISTIR)
Human Factors – In information operations, the psychological, cultural, behavioral, and other human attributes that influence decision making, the flow of information, and the interpretation of information by individuals or groups at any level in a state or organization. (Approved for inclusion in the next edition of JP 1-02) (Jt Pub 3-13)
Hunt and Incident Response Team - A set of teams within the Cybersecurity and Infrastructure Security Agency that provides onsite incident response, free of charge, to organizations that require immediate investigation and resolution of cyberattacks. SOURCE: Cyberspace Solarium Commission Final Report, 2020
Hunt Forward - U.S. efforts with allies and partners to conduct threat hunting and pursue adversaries on allied and partner networks. SOURCE: Cyberspace Solarium Commission Final Report, 2020
Hybrid Security Control – A security control that is implemented in an information system in part as a common control and in part as a system-specific control. See also Common Control and System-Specific Security Control. (SP 800-37; SP 800-53; SP 800-53A; CNSSI-4009) (NISTIR)