NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site. SOURCE: SP 800-34 Cold Start – Procedure for initially keying crypto-equipment. SOURCE: CNSSI-4009 Collision – Two or more distinct inputs produce the same output. SOURCE: SP 800-57 Command Authority – Individual responsible for the appointment of user representatives for a department, agency, or organization and their key ordering privileges. SOURCE: CNSSI-4009 Commercial COMSEC Evaluation Program (CCEP) – Relationship between NSA and industry in which NSA provides the COMSEC expertise (i.e., standards, algorithms, evaluations, and guidance) and industry provides design, development, and production capabilities to produce a type 1 or type 2 product. Products developed under the CCEP may include modules, subsystems, equipment, systems, and ancillary devices. SOURCE: CNSSI-4009 Commodity Service – An information system service (e.g., telecommunications service) provided by a commercial service provider typically to a large and diverse set of consumers. The organization acquiring and/or receiving the commodity service possesses limited visibility into the management structure and operations of the provider, and while the organization may be able to negotiate service-level agreements, the organization is typically not in a position to require that the provider implement specific security controls. SOURCE: SP 800-53 Common Access Card (CAC) – Standard identification/smart card issued by the Department of Defense that has an embedded integrated chip storing public key infrastructure (PKI) certificates. SOURCE: CNSSI-4009 Pg 36
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Common Carrier – In a telecommunications context, a telecommunications company that holds itself out to the public for hire to provide communications transmission services. Note: In the United States, such companies are usually subject to regulation by federal and state regulatory commissions. SOURCE: SP 800-53 Common Control – A security control that is inherited by one or more organizational information systems. See Security Control Inheritance. SOURCE: SP 800-53; SP 800-53A; SP 800-37; CNSSI-4009 Common Control Provider – An organizational official responsible for the development, implementation, assessment, and monitoring of common controls (i.e., security controls inherited by information systems). SOURCE: SP 800-37; SP 800-53A Common Criteria – Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems. SOURCE: CNSSI-4009 Common Fill Device – One of a family of devices developed to read-in, transfer, or store key. SOURCE: CNSSI-4009 Common Vulnerabilities and Exposures (CVE) – A dictionary of common names for publicly known information system vulnerabilities. SOURCE: SP 800-51; CNSSI-4009 Communications Cover – Concealing or altering of characteristic communications patterns to hide information that could be of value to an adversary. SOURCE: CNSSI-4009 Communications Deception – Deliberate transmission, retransmission, or alteration of communications to mislead an adversary's interpretation of the communications. SOURCE: CNSSI-4009 Communications Profile – Analytic model of communications associated with an organization or activity. The model is prepared from a systematic examination of communications content and patterns, the functions they reflect, and the communications security measures applied. SOURCE: CNSSI-4009 Pg 37
Page 2 and 3: NIST IR 7298 Revision 1 Glossary of
Page 4 and 5: NIST IR 7298 Revision 1, Glossary o
Page 86 and 87:
NIST IR 7298 Revision 1, Glossary o
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?