NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

More documents

Recommendations

Info

NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Dedicated Mode – Information systems security mode of operation wherein each user, with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has all of the following: 1. valid security clearance for all information within the system, 2. formal access approval and signed nondisclosure agreements for all the information stored and/or processed (including all compartments, subcompartments, and/or special access programs), and 3. valid needto-know for all information contained within the information system. When in the dedicated security mode, a system is specifically and exclusively dedicated to and controlled for the processing of one particular type or classification of information, either for full-time operation or for a specified period of time. SOURCE: CNSSI-4009 Default Classification – Classification reflecting the highest classification being processed in an information system. Default classification is included in the caution statement affixed to an object. SOURCE: CNSSI-4009 Defense-in-Breadth – A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or sub-component life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement). SOURCE: CNSSI-4009 Defense-in-Depth – Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and dimensions of the organization. SOURCE: CNSSI-4009; SP 800-53 Degauss – Procedure that reduces the magnetic flux to virtual zero by applying a reverse magnetizing field. Also called demagnetizing. SOURCE: CNSSI-4009 Delegated Development Program – INFOSEC program in which the Director, NSA, delegates, on a caseby-case basis, the development and/or production of an entire telecommunications product, including the INFOSEC portion, to a lead department or agency. SOURCE: CNSSI-4009 Deleted File – A file that has been logically, but not necessarily physically, erased from the operating system, perhaps to eliminate potentially incriminating evidence. Deleting files does not always necessarily eliminate the possibility of recovering all or part of the original data. SOURCE: SP 800-72 Pg 60
NIST IR 7298 Revision 1, Glossary of Key Information Security Terms Demilitarized Zone (DMZ) – Denial of Service (DoS) – An interface on a routing firewall that is similar to the interfaces found on the firewall’s protected side. Traffic moving between the DMZ and other interfaces on the protected side of the firewall still goes through the firewall and can have firewall protection policies applied. SOURCE: SP 800-41 A host or network segment inserted as a “neutral zone” between an organization’s private network and the Internet. SOURCE: SP 800-45 Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network’s Information Assurance policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding the internal networks from outside attacks. SOURCE: CNSSI-4009 An attack that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources. SOURCE: SP 800-61 The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.) SOURCE: CNSSI-4009 Depth – An attribute associated with an assessment method that addresses the rigor and level of detail associated with the application of the method. The values for the depth attribute, hierarchically from less depth to more depth, are basic, focused, and comprehensive. SOURCE: SP 800-53A Descriptive Top-Level Specification (DTLS) – Designated Approval Authority – (DAA) Designated Approving (Accrediting) Authority – A natural language descriptive of a system’s security requirements, an informal design notation, or a combination of the two. SOURCE: CNSSI-4009 Official with the authority to formally assume responsibility for operating a system at an acceptable level of risk. This term is synonymous with authorizing official, designated accrediting authority, and delegated accrediting authority. SOURCE: CNSSI-4009 See Authorizing Official Pg 61
Page 2 and 3:
NIST IR 7298 Revision 1 Glossary of
Page 4 and 5:
NIST IR 7298 Revision 1, Glossary o
Page 6 and 7:
Page 8 and 9:
Page 10 and 11: NIST IR 7298 Revision 1, Glossary o
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
NIST IR 7298, Glossary of Key Infor
show all

NISTIR 7298 Revision 1, Glossary of Key Information Security Terms

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?