246 Cards in this Set
- Front
- Back
- 3rd side (hint)
Access |
The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. |
|
|
Access and Identity Management |
Syn: identity and access management |
|
|
Access control |
The process of granting or denying specific requests for or attempts to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities. |
|
|
Access control mechanism |
Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility. |
|
|
Active attack |
An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources, its data, or its operations. Related Term: Passive attack. |
|
|
Active content |
Software that is able to automatically carry out or trigger actions without the explicit intervention of a user. |
|
|
Adversary |
An individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. Related Terms: threat agent, attacker. |
|
|
Air gap |
To physically separate or isolate a system from other systems or networks. Extended Definition:. The physical separation or isolation of a system from other systems or networks. |
|
|
Alert |
A notification that a specific attack has been detected or directed at an organization's information systems. |
|
|
Allowlist |
A list of entities that are considered trustworthy and are granted access or privileges. Related Terms:. Blocklist. |
|
|
All source intelligence |
In the NICE Framework, cyber security work where a person:. Analyzes threat information from multiple sources, disciplines, and agencies across the intelligence information in context; draws insights about the possible implications. |
|
|
Analyze |
A NICE Framework category consisting of specialty areas responsible for highly specialized review and evaluation of incoming cyber security information to determine its usefulness for intelligence. |
|
|
Antispyware software |
A program that specializes in detecting and blocking or removing forms of spyware. |
|
|
Antivirus software |
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents, sometimes by removing or neutralizing the malicious code. |
|
|
Asset |
A person, structure, facility, information and records, information technology systems and resources, material, process, relationships, or reputation that has value. Extended Definition: Anything useful that contributes to the success of something, such as an organizational mission; assets are things of value or properties to which value can be assigned. |
|
|
Asymmetric cryptography |
Syn: public key cryptography |
|
|
Attack |
An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. Extended Definition: The intentional act of attempting to bypass one or more security services or controls of an information system. |
|
|
Attack method |
The manner or technique and means an adversary may use in an assault on information or an information system. |
|
|
Attack mode |
Syn:. Attack method |
|
|
Attack path |
The steps that an adversary takes or may take to plan, prepare for, and execute an attack. |
|
|
Attack pattern |
Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation. Extended Definition: For software, descriptions of common methods for exploiting software systems. Related Term: Attack signature |
|
|
Attack signature |
A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks. Extended Definition:. An automated set of rules for identifying a potential threat (such as an exploit or the presence of an attacker tool) and possible response to the threat. |
|
|
Attack surface |
The set of ways in which an adversary can enter a system and potentially cause damage. Extended Definition:. An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system. |
|
|
Attacker |
An individual, group, organization, or government that executes an attack. Extended Definition: A party acting with malicious intent to compromise an information system. Related Terms: Adversary, threat agent |
|
|
Authenticate: |
Related Term: authentication |
|
|
Access control: |
Related Term:. Access control mechanism |
|
|
Active attack |
Related Term: Passive attack |
|
|
Adversary |
Related Terms:. Threat agent, attacker |
|
|
Allowlist |
Related Term:. Blocklist |
|
|
Antispyware software |
Related Terms:. Spyware |
|
|
Attack |
Related Terms:. Active attack, passive attack |
|
|
Attack Pattern |
Related Term:. Attack signature |
|
|
Attacker |
Related Terms:. Adversary, threat agent |
|
|
Authentication |
The process of verifying the identity (user, process, or device). Extended Definition:. Also the process of verifying the source and integrity of data. |
|
|
Authenticity |
A property achieved through cryptographic methods of being genuine and being able to be verified and tested, resulting in confidence in the validity of a transmission, information or a message, or sender of information or a message. Related Terms: Integrity, non-repudiation |
|
|
Authorization |
A process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. Extended Definition: The process or act of granting access privileges or the access privileges as granted. |
|
|
Availability |
The process of being accessible and usable upon demand. Extended Definition:. In cyber security, applies to assets such as information or information systems. Related Terms:. Confidentiality, integrity |
|
|
Availability |
Related Terms: Confidentiality, integrity |
|
|
Advanced persistent threat |
An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). |
|
|
Behavior monitoring |
Syn: behavioral monitoring |
|
|
Blocklist |
A list of entities that are blocked or denied privilege or access. Related Terms: Allowlist |
|
|
Blocklist |
Related Terms:. Allowlist |
|
|
Blue Team |
A group that defends an enterprise's information systems when attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to rules established and monitored by a neutral group (i.e., the White Team). Extended Definition: Also, a group that conducts operational vulnerability evaluations and recommends mitigation techniques to customers who need an independent technical review of their cybersecurity posture. |
|
|
Blue Team |
Related Term |
Allowlist |
|
Bot |
A computer connected to the internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under the command and control of a remote administrator. Extended Definition: A member of a large collection of compromised computers known as a botnet. Related Term: Botnet. Syn: Zombie |
|
|
Bot |
Related Term:. Botnet |
|
|
Bot herder |
Syn:. Bot master |
|
|
Bot master |
The controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet. Syn: Bot herder. |
|
|
Bot |
Syn:. Zombie |
|
|
Bot master |
Syn: bot herder |
|
|
Bug |
An unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. |
|
|
Build security in |
A set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks. |
|
|
Capability |
The means to accomplish a mission, function, or objective. Related Terms:. Intent |
|
|
Capability |
Related Term:. Intent |
|
|
Cipher |
Syn:. Cryptography algorithm |
|
|
Ciphertext |
Data or information in its encrypted form. |
|
|
Ciphertext |
Data or information in its encrypted form. Related Term: Plaintext |
|
|
Cloud computing |
A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. |
|
|
Collect & operate |
A NICE Framework category consisting of specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence. |
|
|
Collection operations |
In the NICE Framework, cybersecurity work where a person:. Executes collection using appropriate strategies and within the priorities established through the collection management process. |
|
|
Collection operations |
In NICE Framework, cybersecurity work where a person: Executes collection using appropriate strategies and within the priorities established through the collection management process. |
|
|
Computer forensics |
Syn:. Digital forensics |
|
|
Computer network defense |
The actions taken to defend against unauthorized activity within computer networks. Syn: Digital forensics |
|
|
Computer network defense |
The actions taken to defend against unauthorized activity within computer networks. |
|
|
Computer network defense analysis |
In the NICE Framework, cybersecurity work where a person: uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information systems, and networks from threats. |
|
|
Computer network defense analysis |
In the NICE Framework, cybersecurity work where a person:. Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats. |
|
|
Computer network defense infrastructure support |
In the NICE Framework, cybersecurity work where a person: Tests, implements, destroys, maintains, reviews, and administers the infrastructure hardware that are required to effectively manage the computer network defense service provider network and resources; monitors network to actively remediate unauthorized activities. |
|
|
Computer security incident |
Related Term:. Event |
|
|
Confidentiality |
A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. Extended Definition:. Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Related Terms:. Availability, integrity |
|
|
Confidentiality |
Related Terms:. Availability, integrity |
|
|
Consequences |
The effect of an event, incident, or occurrence. Extended Definition: In cybersecurity, the effect of a loss of confidentiality, integrity or availability of information or an information system on an organization's operations, its assets, on individuals, other organizations, or on national interests. |
|
|
Continuity of operations plan |
A document that sets forth the procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. Related Terms: Business Continuity Plan, Disaster Recovery Plan, Contingency Plan |
|
|
Continuity of operations plan |
Related Terms:. Business Continuity Plan, Disaster Recovery operations during any disruption or potential disruption. |
|
|
Critical infrastructure |
The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. Related Terms:. Key Resource |
|
|
Related Terms |
Key resource |
|
|
Critical infrastructure and key resources |
Syn: critical infrastructure |
|
|
Cryptanalysis |
The operations performed in defeating or circumventing cryptographic protection of information by applying mathematical techniques and without an initial knowledge of the key employed in providing the protection. Extended Definition: The study of mathematical techniques for attempting to defeat or circumvent cryptographic techniques and/or information systems security. |
|
|
Cryptographic algorithm |
A well-defined computation procedure that takes variable inputs, including a cryptographic key, and produces an output. |
|
|
Cryptographic algorithm |
Related Terms:. Key, encryption, decryption, symmetric Key, Asymmetric key |
|
|
Confidentiality |
Related Terms:. Availability, integrity |
|
|
Consequences |
The effect of an event, incident, or occurrence. |
|
|
Cryptography |
The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Extended Definition:. The art or science concerning the principles, means, and methods for converting plaintext into ciphertext and for restoring encrypted ciphertext to plaintext. |
|
|
Cryptography |
Related Terms: plaintext, ciphertext, encryption, decryption |
|
|
Cryptology |
The mathematical science that deals with cryptanalysis and cryptography. |
|
|
Cryptology related Terms: |
Cryptanalysis, cryptography |
|
|
Customer service and technical support |
In the NICE Framework, cyber security work where a person: addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support). |
|
|
Cyber ecosystem |
The interconnected information infrastructure of interactions among persons, processes, data, and information and communication technologies, along with the environment and conditions that influence those interactions. |
|
|
Cyber exercise |
A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to, or recovering from the disruption. |
|
|
Cyber incident |
Syn: incident |
|
|
Cyber incident |
Related Term:. Event |
|
|
Cyber incident response plan |
Syn:. Incident response plan |
|
|
Cyber infrastructure |
Electronic information and communication systems and services and the information contained therein. Extended Definition: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of these elements. Processing includes the creation, access, modification, and destruction of information. Storage includes paper, magnetic, electronic, and all other media types. Communications include sharing and distribution of information. |
|
|
Cyber operations |
In the NICE Framework, cybersecurity work where a person: Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities. |
|
|
Cyber operations |
In the NICE Framework, cybersecurity work where a person:. Performs in-depth joint targeting and cyber planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations. |
|
|
Cybersecurity |
The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation. Extended Definition: Strategy, policy, and standards regarding the security of and operations in cyberspace, and encompass[ing] the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure. |
|
|
Cyber threat intelligence |
The collecting, processing, organizing and analyzing data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers. |
|
|
Data administration |
In the NICE Framework, cybersecurity work where a person:. Develops and administers databases and/or data management systems that allow for the storage, query, and utilization of data. |
|
|
Data aggregation |
The process of gathering and combining data from different sources, so that the combined data reveals new information. Extended Definition: The new information is more sensitive than the individual data elements themselves and the person who aggregates the data was not granted access to the totality of the information. |
|
|
Data aggregation |
Related Term:. Data mining |
|
|
Data breach |
The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. |
|
|
Data breach |
Related Terms: Data loss, data theft, exfiltration |
|
|
Data integrity |
The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner. |
|
|
Data leak |
Syn:. Data breach |
|
|
Data loss |
The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party. |
|
|
Data loss prevention |
A set of procedures and mechanisms to stop sensitive data from leaving a security boundary. |
|
|
Data loss prevention |
Related Terms:. Data loss, data theft, data leak |
|
|
Data mining |
The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations. |
|
|
Data mining |
Related Terms:. Data aggregation |
|
|
Data spill |
Syn:. Data breach |
|
|
Data theft |
The deliberate or intentional act of stealing of information. |
|
|
Data breach |
Related Terms:. Data aggregation, data leakage, data loss |
|
|
Decipher |
To convert enciphered text to plain text by means of a cryptographic system. |
|
|
Decipher |
Syn:. Decode, decrypt |
|
|
Decode |
To convert encoded text to plain text by means of a code. |
|
|
Decode |
Syn:. Decipher, decrypt |
|
|
Decrypt |
The process of transforming ciphertext into its original plaintext. Extended Definition:. The process of converting encrypted data back into its original form, so it can be understood. |
|
|
Decryption |
Syn:. Decode, decrypt, decipher |
|
|
Data mining |
Data aggregation |
|
|
Data spill |
Syn:. Data breach |
|
|
Data theft |
The deliberate or intentional act of stealing of information. |
|
|
Data theft |
Related Terms:. Data aggregation, data leakage, data loss |
|
|
Decipher |
To convert enciphered text to plain text by means of a cryptographic system. |
|
|
Decipher |
Syn:. Decode, decrypt |
|
|
Decode |
To convert encoded text to plaintext by means of a code. |
|
|
Decode |
Syn:. Decipher, decrypt |
|
|
Decrypt |
A generic term encompassing decode and decipher. |
|
|
Decrypt |
Syn:. Decipher, decode |
|
|
Decryption |
The process of transforming ciphertext into its original plaintext. Extended definition:. The process of converting encrypted data back into its original form, so it can be understood. |
|
|
Decryption |
Syn:. Decode, decrypt, decipher |
|
|
Decryption |
The process of transforming ciphertext into its original plaintext. Extended Definition:. The process of converting encrypted data back into its original form, so it can be understood. |
|
|
Decryption |
Syn:. Decipher, decode |
|
|
Denial of service |
An attack that prevents or impairs the authorized use of information system resources or services. |
|
|
Designed-in security |
Syn:. Build Security in |
|
|
Digital forensics |
The process and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigating purposes. |
|
|
Digital forensics |
The process and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigating purposes. Extended Definition: In the NICE Framework, cybersecurity work where a person: Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability, mitigation, and/or criminal, fraud, counterintelligence or law enforcement investigations. |
|
|
Digital forensics |
Syn:. Computer forensics, forensics |
|
|
Digital rights management |
A form of access control technology to protect and manage use of digital content or devices in accordance with the content or device provider's intentions. |
|
|
Digital signature |
A value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. |
|
|
Digital signature |
Related Terms:. Electronic signature |
|
|
Disruption |
A denial of service technique that uses numerous systems to perform the attack simultaneously. |
|
|
Disruption |
Related Terms:. Denial of service, botnet |
|
|
Dynamic attack surface |
The automated, on-the-fly changes of an information system's characteristics to thwart actions of an adversary. |
|
|
Education and training |
In the NICE Framework, cybersecurity work where a person: Conducts training of personnel within pertinent subject domain; develops, plans, coordinates, delivers, and/or evaluates training courses, methods, and techniques as appropriate. |
|
|
Electronic signature |
Any mark in electronic form associated with an electronic document, applied with the intent to sign the document. |
|
|
Electronic signature |
Related Terms: Digital signature |
|
|
Encipher |
To convert plaintext to ciphertext by means of a cryptographic system. |
|
|
Encipher |
Syn:. Encode, encrypt |
|
|
Encode |
To convert plaintext to ciphertext by means of a code. |
|
|
Encode |
Syn:. Encipher, encrypt |
|
|
Encrypt |
The generic term encompassing encipher and encode. |
|
|
Encrypt |
Syn:. Encipher, encode |
|
|
Encryption |
The process of transforming plaintext into ciphertext. |
|
|
Encryption |
Converting data into a form that cannot be easily understood by authorized people. |
|
|
Encryption |
Syn:. Encode, encrypt, encipher |
|
|
Enterprise management |
A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making risks that may hinder an organization's ability to achieve its objectives. Extended Definition: Involves identifying mission dependencies on enterprise capabilities, identifying and prioritizing risks due to defined threats, implementing countermeasures to provide both a static risk posture and an effective dynamic response to active threats, and assessing enterprise performance against threats and adjusts countermeasures as necessary. |
|
|
Enterprise risk management |
A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization's ability to achieve its objectives. Extended Definition: Involves identifying mission dependencies on enterprise capabilities, identifying and prioritizing risks due to defined threats, implementing countermeasures to provide both a static risk posture and an effective dynamic response to active threats; and assessing enterprise performance against threats and adjusts countermeasures as necessary. |
|
|
Enterprise risk management |
Related Term:. Risk management, integrated risk management, risk |
|
|
Event |
An observation occurrence in an information system or network. Extended Definition: Sometimes provides an indication that an incident is occurring or at least raise the suspicion that an incident may be occurring. |
|
|
Exfiltration |
The unauthorized transfer of information from an information system. |
|
|
Exfiltration |
Related Term:. The unauthorized transfer of information from an information system. |
|
|
Enterprise risk management |
Related Terms:. Risk management, integrated risk management, risk |
|
|
Event |
An observation occurrence in an information system or network. Extended Definition: Sometimes provides an indication that an incident is occurring or at least raise the suspicion that an incident may be occurring. |
|
|
Event |
Related Terms:. Incident |
|
|
Exfiltration |
The unauthorized transfer of information from an information system. |
|
|
Exfiltration |
Related Term:. Data breach |
|
|
Exploit |
A technique to breach the security of a network or information system in violation of security policy. |
|
|
Exposure |
The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network. |
|
|
Exploitation analysis |
In the NICE Framework, cybersecurity work where a person: Analyzes collected information to identify vulnerabilities and potential for exploitation. |
|
|
Failure |
The inability of a system or component to perform its required functions within specified performance requirements. |
|
|
Firewall |
A capability to limit network traffic between networks and/or information systems. Extended Definition:. A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized. |
|
|
Forensics |
Syn:. Digital forensics |
|
|
Hacker |
An unauthorized user who attempts to or gains access to an information system. |
|
|
Hash value |
A numeric value resulting from applying a mathematical algorithm against a set of data such as a file. |
|
|
Hash |
Related Term:. Hashing |
|
|
Hash |
Syn:. Cryptographic hash value |
|
|
Hashing |
A process of applying a mathematical algorithm against a set of data to produce a numeric value (a 'hash value') that represents the data. |
|
|
Extended Definition |
Mapping a bit string of arbitrary length to a fixed length bit string to produce the hash value. |
|
|
Hazard |
A natural or man-made source or cause of harm or difficulty. |
|
|
ict |
A man-made threat achieved through exploitation of the information and communications technology (ICT) system's supply chain, including acquisitions processes. |
|
|
ict |
Related Terms:. supply chain, threat |
|
|
identity and access management |
The methods and processes used to manage subjects and their authentication and authorization to access specific objects. |
|
|
impact |
Syn:. Consequence |
|
|
Incident |
An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (pose a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences. |
|
|
Incident |
Related Terms:. Event |
|
|
Incident management |
The management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems. |
|
|
Incident response |
The activities that address the short-term, direct effects of an incident and may also support short-term recovery. Extended Definition:. In the Workforce Framework, cybersecurity work where a person:. Responds to crises or urgent situations within the pertinent domain to mitigate, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities. |
|
|
Incident response |
Related Terms:. Recovery |
|
|
Incident response |
Syn: response |
|
|
Incident response plan |
A set of predetermined and documented procedures to detect and respond to a cyber incident. |
|
|
Indicator |
An occurrence or sign that an incident may have occurred or may be in progress. |
|
|
Indicator |
Precursor |
|
|
Industrial control system |
An information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. |
|
|
Industrial control system |
Related Terms:. Supervisory control and data acquisition, operations technology |
|
|
Information and communications technology |
Any information technology, equipment, or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. |
|
|
Information and communication technology |
Related Terms:. Information technology |
|
|
Information assurance |
The measures that protect and defend information and information systems by ensuring their availability. |
|
|
Information Assurance |
Related Terms:. Information security |
|
|
Information assurance compliance |
In the NICE Framework, cybersecurity work where a person: Oversees, evaluates, and supports the documentation, validation and accreditation process necessary to assure that new IT systems meet the organization's information assurance and security requirements; ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. |
|
|
Information security policy |
An aggregate of directives, regulations, rules, and practices that prescribe how an organization manages, protects, and distributes information. |
|
|
Information security |
Related Terms:. Security policy |
|
|
Information sharing |
An exchange of data, information, and/or knowledge to manage risks or respond to incidents. |
|
|
Information system resilience |
The ability of an information system to: (1) continue to operate under adverse conditions and stress even if in a degraded or debilitated state, while maintaining essential operational capabilities, and (2) recover effectively in a timely manner. |
|
|
Information system resilience |
Related Terms:. Resilience |
|
|
Information system security operations |
In the NICE Framework, cybersecurity work where a person: Oversees the information assurance program of an information system in or outside the network environment; may include procurement duties (e.g., Information Systems Security Office) |
|
|
Information technology |
Any equipment or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. |
|
|
Information technology |
Related Terms:. Information and communication technology. |
|
|
Inside threat |
A person or group of persons within an organization who pose a potential risk through violating security policies. Extended Definition: One or more individuals with the access and/or inside knowledge of a company, organization, products, or facilities with the intent to cause harm. |
|
|
Inside threat |
Related Terms:. Outside(r) threat |
|
|
Integrated risk management |
The structured approach that enables an enterprise or organization to share risk information and risk analysis and to synchronize independent yet complementary risk management strategies to unify efforts across the enterprise. |
|
|
Integrated risk management |
Related Terms:. Risk management, enterprise risk management |
|
|
Integrity |
The property whereby information, an information system, or a component of a system has not been modified or destroyed in an unauthorized manner. Extended Definition:. A state in which information has remained unaltered from the point it was produced by a source, during transmission, storage, and eventual receipt by the destination. |
|
|
Integrity |
Related Term:. Availability, confidentiality, data integrity, system integrity |
|
|
Intent |
A state of mind or desire to achieve an objective. |
|
|
Intent |
Related Term:. Capability |
|
|
Interoperability |
The ability of two or more systems or components to exchange information and to use the information that has been exchanged. |
|
|
Intrusion |
An unauthorized act of bypassing the security mechanisms of a network or information system. |
|
|
Intrusion |
Syn:. Penetration |
|
|
Intrusion detection |
The process and method of analyzing information from networks and information systems to determine if a security breach or security violation has occurred. |
|
|
Investigation |
A NICE Framework category consisting of specialty areas responsible for the investigation of cyber events and/or crimes of IT systems, networks, and digital evidence. |
|
|
Investigation |
A systematic and formal inquiry into a qualified threat or incident using digital forensics and perhaps other traditional criminal inquiry techniques to determine the events that transpired and to collect evidence. Extended Definition:. In the NICE Framework, cybersecurity work where a person:. Applies tactics, techniques, and interrogation techniques, surveillance, counter surveillance detection, and appropriately balances the benefits of prosecution versus intelligence gathering. |
|
|
IT asset |
Syn:. Asset |
|
|
Knowledge Management |
In the NICE Framework, cybersecurity work where a person:. Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content. |
|
|
Legal advice and advocacy |
In the NICE Framework, cybersecurity work where a person:. Provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes and makes a case on behalf of a client via a wide range of written and oral work products, including legal briefs and proceedings. |
|
|
Machine learning and evolution |
A field concerned with designing and developing artificial intelligence algorithms for automated knowledge discovery and innovation by information systems. |
|
|
Macro virus |
A type of malicious code that attaches itself to documents and uses the macro programming capabilities of the document's application to execute, replicate, and spread or propagate itself. |
|
|
Macro virus |
Related Terms:. Virus |
|
|
Malicious applet |
A small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system. |
|
|
Malicious applet |
Related Term:. Malicious code |
|
|
Malicious code |
Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. Extended Definition:. Includes software, firmware, and scripts. |
|
|
Malicious code |
Related Terms:. Malicious logic |
|
|
Malicious logic |
Hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system. |
|
|
Malicious logic |
Related Term:. Malicious code |
|
|
Malware |
Software that compromises the operation of a system by performing an unauthorized function or process. |
|
|
Malware |
Syn:. Malicious code, malicious applet, malicious logic |
|
|
Mitigation |
The application of one or more measures to reduce the likelihood of an unwanted occurrence and/or lessen its consequences. Extended Definition:. Implementing appropriate risk-reduction controls based on risk management priorities and analysis of alternatives. |
|
|
Moving target defense |
The presentation of a dynamic attack surface, increasing an adversary's work factor necessary to probe, attack, or maintain presence in a cyber target. |
|
|
Network |
The ability of a network to: (1) provide continuous operations (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged); (2) recover effectively if failure does occur; and (3) scale to meet rapid or unpredictable demands. |
|
|
Network services |
In the NICE Framework, cybersecurity work where a person:. Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems. |
|
|
Non-repudiation |
A property achieved through cryptographic methods to protect against an individual or entity falsely denying having performed a particular action related to data. Extended Definition:. Provides the capacity to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message. |
|
|
Non-repudiation |
Related Term:. Integrity, authenticity |
|
|
Object |
A passive information system-related entity containing or receiving information. |
|
|
Object |
Related Term:. Subject, access, access control |
|
|
Operate & maintain |
A NICE Framework category consisting of specialty areas responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security. |
|
|
Access and identity management |
Access and identity Management:. Identity and access management |
|
|
Access control |
Related Terms: access control mechanism |
|
|
Botnet |
A collection of computers compromised by malicious code and controlled across a network. |
|