NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
NISTIR 7298 Revision 1, Glossary of Key Information Security Terms
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
NIST IR <strong>7298</strong> <strong>Revision</strong> 1, <strong>Glossary</strong> <strong>of</strong> <strong>Key</strong> <strong>Information</strong> <strong>Security</strong> <strong>Terms</strong><br />
Release Prefix – Prefix appended to the short title <strong>of</strong> U.S.-produced keying material to<br />
indicate its foreign releasability. "A" designates material that is<br />
releasable to specific allied nations, and "U.S." designates material<br />
intended exclusively for U. S. use.<br />
SOURCE: CNSSI-4009<br />
Relying Party – An entity that relies upon the subscriber’s credentials, typically to<br />
process a transaction or grant access to information or a system.<br />
SOURCE: SP 800-63; CNSSI-4009<br />
Remanence – Residual information remaining on storage media after clearing. See<br />
magnetic remanence and clearing.<br />
SOURCE: CNSSI-4009<br />
Remediation – The act <strong>of</strong> correcting a vulnerability or eliminating a threat. Three<br />
possible types <strong>of</strong> remediation are installing a patch, adjusting<br />
configuration settings, or uninstalling a s<strong>of</strong>tware application.<br />
SOURCE: SP 800-40<br />
The act <strong>of</strong> mitigating a vulnerability or a threat.<br />
SOURCE: CNSSI-4009<br />
Remediation Plan – A plan to perform the remediation <strong>of</strong> one or more threats or<br />
vulnerabilities facing an organization’s systems. The plan typically<br />
includes options to remove threats and vulnerabilities and priorities<br />
for performing the remediation.<br />
SOURCE: SP 800-40<br />
Remote Access – Access to an organizational information system by a user (or an<br />
information system acting on behalf <strong>of</strong> a user) communicating<br />
through an external network (e.g., the Internet).<br />
SOURCE: SP 800-53<br />
Access by users (or information systems) communicating external<br />
to an information system security perimeter.<br />
SOURCE: SP 800-18<br />
The ability for an organization’s users to access its nonpublic<br />
computing resources from external locations other than the<br />
organization’s facilities.<br />
SOURCE: SP 800-46<br />
Pg 154