Glossary

Account Hijacking

Account hijacking is when a criminal uses stolen information to access your accounts. (Source: Norton Glossary)

Access

“Ability to make use of any information system (IS) resource.” (Source: NIST SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure)

Access Control

“The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).” (Source: NIST SP 800-12 Rev. 1 An Introduction to Information Security)

Accountability

“The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.” (Source: NIST SP 800-12 Rev. 1 An Introduction to Information Security)

Actor

See threat actor. (Source: Norton Glossary)

Administrative Control/Safeguard

“Administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.” (Source: NIST SP 800-66 Rev. 1 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule)

Anti-Virus Software

Software application designed to find, remove, quarantine or repair infected files and protect your computer from malicious software. (Source: Norton Glossary)

Applications

Computer software designed to help the computer user perform a specific task. (Source: Norton Glossary)

Attachment

Any file that can be attached and sent with an email or instant message.  Malicious programs, viruses or spyware are commonly spread through attachments. (Source: Norton Glossary)

Attack

“An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity, availability, or confidentiality.” (Source: NIST SP 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security)

Authentication

“Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Authorization

“The right or a permission that is granted to a system entity to access a system resource.” (Source: NIST SP 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security)

Availability

“Ensuring timely and reliable access to and use of information.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Awareness

“Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and respond accordingly. In awareness activities, the learner is the recipient of information, whereas the learner in a training environment has a more active role. Awareness relies on reaching broad audiences with attractive packaging techniques. Training is more formal, having a goal of building knowledge and skills to facilitate the job performance.” (Source: NIST SP 800-50 Building an Information Technology Security Awareness and Training Program)

Awareness, Training, and Education Controls

“Include (1) awareness programs which set the stage for training by changing organizational attitudes to realize the importance of security and the adverse consequences of its failure, (2) training which teaches people the skills that will enable them to perform their jobs more effectively, and (3) education which is targeted for IT security professionals and focuses on developing the ability and vision to perform complex, multi-disciplinary activities.” (Source: NIST SP 800-16 Information Technology Security Training Requirements: A Role- and Performance-Based Model)

Backdoor

In information security, a backdoor refers to an overlooked or hidden entry into a computer system.  A backdoor allows an unauthorized user to bypass security measures and gain access to a computer. (Source: Norton Glossary)

Bandwidth

Bandwidth measures how much data can be sent over a connection in a given amount of time. (Source: Norton Glossary)

Brute Force Attack

A method of hacking into a password protected computer or network using every combination of letters, numbers, symbols and spaces in order to find the correct password. (Source: Norton Glossary)

Cache

A cache stores recently used information in a place on the hard drive where it can be quickly accessed. (Source: Norton Glossary)

Certificate Authority

A third party that verifies the true identity of a server during encrypted communications. (Source: Norton Glossary)

Ciphertext

“Data in its encrypted form.” (Source: NIST SP 800-12 Rev. 1 An Introduction to Information Security)

Clear Text

“Information that is not encrypted.” (Source: NIST SP 800-82 Rev. 2 Guide to Industrial Control Systems (ICS) Security)

Cloud

The cloud is made up of the Internet and the servers connected to it. It allows you to store data or access applications online.  Storing your pictures or documents on the cloud makes it accessible from any computer connected to the Internet. (Source: Norton Glossary)

Computer Emergency Response Team (CERT)

See CSIRT.

Computer Security Incident Response Team (CSIRT)

“A capability set up for the purpose of assisting in responding to computer security-related incidents; also called a Computer Incident Response Team (CIRT) or a CIRC (Computer Incident Response Center, Computer Incident Response Capability).” (Source: NIST SP 800-61 Rev. 2 Computer Security Incident Handling Guide)

Computer Hijacking

Computer hijacking is when an attacker takes control of a computer system and exploits it. (Source: Norton Glossary)

Cookie

A file installed on your computer’s hard drive by a web site to track user activity and store information on your computer once a webpage is visited. (Source: Norton Glossary)

Confidentiality

“Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Control

See safeguard

Controlled Unclassified Information

“Information that law, regulation, or government-wide policy requires to have safeguarding or disseminating controls, excluding information that is classified under Executive Order 13526, Classified National Security Information, December 29, 2009, or any predecessor or successor order, or the Atomic Energy Act of 1954, as amended” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016)

Cryptography

“Art or science concerning the principles, means, and methods for rendering plain information unintelligible and for restoring encrypted information to intelligible form.” (Source: CNSSI 4009-2015 (NSA/CSS Manual Number 3-16 (COMSEC)))

Cyber Attack

An attack against a computer or network. (Source: Norton Glossary)

Cyber Security

The ability to protect or defend the use of cyberspace from cyber-attacks.

Cyber Threat Indicator (CTI)

“A technical artifact or observable that suggests an attack is imminent or is currently underway, or that a compromise may have already occurred.” CTIs include indicators of compromise and the tactics, techniques, and procedures used by threat actors. (Source: NIST SP 800-150 Guide to Cyber Threat Information Sharing)

Data

“Pieces of information from which “understandable information” is derived.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Data/Identity Theft

A crime in which someone steals key pieces of personal information such as Social Security or credit card numbers to steal your identity. (Source: Norton Glossary)

Decryption

“The process of changing ciphertext into plaintext using a cryptographic algorithm and key.” (Source: NIST SP 800-57 Part 1 Rev. 4 Recommendation for Key Management)

Defense-in-Breadth

“A planned, systematic set of multidisciplinary activities that seek to identify, manage, and reduce risk of exploitable vulnerabilities at every stage of the system, network, or subcomponent life cycle (system, network, or product design and development; manufacturing; packaging; assembly; system integration; distribution; operations; maintenance; and retirement).” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Defense-in-Depth

“Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Degaussing (or “Demagnetizing”)

“To reduce the magnetic flux to virtual zero by applying a reverse magnetizing field. Degaussing any current generation hard disk (including but not limited to IDE, EIDE, ATA, SCSI and Jaz) will render the drive permanently unusable since these drives store track location information on the hard drive. Also called “demagnetizing.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Device-based encryption

Encrypting data that is stored on a storage device such as a hard drive or flash drive. (Source: Norton Glossary)

Dictionary Attack

A method of hacking into a password protected computer or network by systematically entering in words from the dictionary as the password. (Source: Norton Glossary)
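
The two password-guessing methods defined above (Brute Force Attack and Dictionary Attack) differ only in where the candidate passwords come from: a wordlist versus the full key space. The following example is added here to show both against a salted password hash; it is not code from the Norton or NIST sources. The salt, the wordlist, the alphabet and the use of a fast hash are constructed for the demonstration; a real system should store passwords with a slow, salted key-derivation function such as PBKDF2, bcrypt, scrypt or Argon2, which multiplies the cost of every guess shown here.

```python
import hashlib
import itertools
from typing import Iterable, Optional, Tuple

# Constructed sample data: a salted SHA-256 password hash as a weak server
# might store it. SHA-256 is used only so the demonstration runs instantly;
# a production system should use a slow KDF (PBKDF2, bcrypt, scrypt, Argon2).
SALT = b"constructed-salt"


def hash_password(password: str, salt: bytes = SALT) -> str:
    """Salted SHA-256 of the password, hex-encoded."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def dictionary_attack(target: str, wordlist: Iterable[str],
                      salt: bytes = SALT) -> Tuple[Optional[str], int]:
    """Try each candidate from a wordlist in order.

    Returns (recovered password or None, number of guesses made)."""
    attempts = 0
    for candidate in wordlist:
        attempts += 1
        if hash_password(candidate, salt) == target:
            return candidate, attempts
    return None, attempts


def brute_force(target: str, alphabet: str, max_len: int,
                salt: bytes = SALT) -> Tuple[Optional[str], int]:
    """Exhaustively try every string over `alphabet` of length 1..max_len.

    Returns (recovered password or None, number of guesses made)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            attempts += 1
            candidate = "".join(chars)
            if hash_password(candidate, salt) == target:
                return candidate, attempts
    return None, attempts


def keyspace(alphabet_size: int, max_len: int) -> int:
    """Number of candidates a brute-force attack must cover in the worst case."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


# Constructed wordlist standing in for a leaked-password list.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon"]

if __name__ == "__main__":
    weak = hash_password("letmein")
    print(dictionary_attack(weak, WORDLIST))     # found on the 3rd guess
    short = hash_password("cab")
    print(dictionary_attack(short, WORDLIST))    # not in the list: (None, 5)
    print(brute_force(short, "abc", 3))          # exhaustive search finds it
    # Why length and alphabet size matter: 95 printable ASCII characters, 12 chars.
    print(keyspace(95, 12))
```

The attempt counters are the point: a common password falls to a handful of dictionary guesses regardless of how strong the hash is, while the brute-force cost grows as the key space does, so the defender's levers are password length and character set, a slow hashing function, and rate limiting or lockout on the login endpoint.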

Disclosure (of information)

“Data disclosed without authorization.” (Source: NIST SP 800-13 Telecommunication Security Guidelines for Telecommunications Management Network)

Dumpster Diving

Dumpster diving is when potential criminals dig through your trash looking for sensitive or personal information. (Source: Norton Glossary)

Eavesdropping (attack)

From a network security perspective, this term refers to “[a]n attack in which an attacker listens passively to the authentication protocol to capture information that can be used in a subsequent active attack to masquerade as the claimant.” From a user’s perspective, this is an attack in which an attacker listens passively to a conversation to acquire unauthorized access to and/or use of confidential or sensitive information. (Source: NIST SP 800-63-3 Digital Identity Guidelines)

Education

“IT security education focuses on developing the ability and vision to perform complex, multi-disciplinary activities and the skills needed to further the IT security profession. Education activities include research and development to keep pace with changing technologies and threats.” (Source: NIST SP 800-50 Building an Information Technology Security Awareness and Training Program). Moreover, education “[i]ntegrates all of the security skills and competencies of the various functional specialties into a common body of knowledge, adds a multidisciplinary study of concepts, issues, and principles (technological and social), and strives to produce IT security specialists and professionals capable of vision and pro-active response.” (Source: NIST SP 800-16 Information Technology Security Training Requirements: A Role- and Performance-Based Model)

Encryption

The science of storing information in a way that only allows it to be revealed to those you want to access it. (Source: Norton Glossary)

Firewall

A firewall is a hardware device or software running on a computer that filters network communications.   It does so by making decisions based on rules that either allow or stop the flow of network activity. (Source: Norton Glossary)

Hacker

A hacker is someone who intentionally breaches or “hacks” into a computer system to steal confidential information or to cause damage to a computer or whole network. (Source: Norton Glossary)

Hard Disk (or Hard-Disk Drive)

“A rigid magnetic disk fixed permanently within a drive unit and used for storing data. It could also be a removable cartridge containing one or more magnetic disks.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Hashing

“The process of using a mathematical algorithm against data to produce a numeric value that is a representative of the data.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Host-Based Encryption

Host-based encryption is when data is encrypted as it is being created. (Source: Norton Glossary)

Host-Based Firewall

Software programs running on a computer that filters network communications. (Source: Norton Glossary)

HTTP (Hypertext Transfer Protocol)

This is the standard language that computers use to communicate with each other on the Internet.  Web addresses tend to start with http://www. (Source: Norton Glossary)

HTTPS

HTTPS indicates you are using a secure website.  The “S” stands for secure and indicates the site you are viewing uses encryption to secure your data.  (Source: Norton Glossary)

Indicator

“A technical artifact or observable that suggests an attack is imminent or is currently underway, or that a compromise may have already occurred” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Identification

“The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.”(Source: NIST SP 800-47 Security Guide for Interconnecting Information Technology Systems)

Incident

“An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Information

“Any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including textual, numerical, graphic, cartographic, narrative, or audiovisual.” (Source: NIST SP 800-171 Rev. 1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations)

Information Resource

“Information and related resources, such as personnel, equipment, funds, and information technology.” (Source: NIST SP 800-171 Rev. 1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations)

Information Security

“The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.” (Source: NIST SP 800-171 Rev. 1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations)

Information System

“A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Integrity

“Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity.” (Source: NIST SP 800-171 Rev. 1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations)
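
The Hashing entry above describes a digest as a value representative of the data, and the Integrity entry adds the requirement of authenticity. The example below is added to this glossary (it is not NIST or Norton code) to show the difference in practice: a bare SHA-256 digest detects accidental or naive modification, but anyone who can change the data can also recompute the digest, whereas an HMAC tag computed with a shared key cannot be forged without that key. The message and key are constructed for the demonstration.

```python
import hashlib
import hmac


def digest(data: bytes) -> str:
    """SHA-256 digest, hex-encoded: a fixed-size value representative of the data."""
    return hashlib.sha256(data).hexdigest()


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of `data` with one bit inverted (to show the avalanche effect)."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def verify_digest(data: bytes, expected_hex: str) -> bool:
    """Integrity check against a digest obtained out of band (e.g. published next
    to a download). Constant-time comparison avoids leaking how much of the
    value matched."""
    return hmac.compare_digest(digest(data), expected_hex)


def tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256 over the data. Unlike a bare hash, an attacker who alters the
    data cannot recompute a valid tag without the key, so the tag gives
    authenticity as well as integrity."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, data: bytes, expected_hex: str) -> bool:
    return hmac.compare_digest(tag(key, data), expected_hex)


if __name__ == "__main__":
    msg = b"transfer 100 to account 42"   # constructed sample message
    print(digest(msg))
    print(digest(flip_bit(msg, 0)))        # one bit changed: an unrelated digest
    key = b"shared-secret-key"             # constructed key
    t = tag(key, msg)
    tampered = msg.replace(b"42", b"99")
    print(verify_tag(key, msg, t), verify_tag(key, tampered, t))   # True False
```

A practitioner's check: when a digest is published on the same channel as the data (the same web page, the same mirror), it protects against corruption but not against an attacker who controls that channel; a signature or a keyed tag is needed for authenticity.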

Instant Messaging (IM)

A form of online communication.  IM allows users to relay messages to each other in real time for a “conversation” between two or more people. (Source: Norton Glossary)

In-band encryption

Encryption as data is being transported across a local area network. (Source: Norton Glossary)

Internet

A network of networks that is available worldwide. (Source: Norton Glossary)

Keyloggers

Programs that record a user’s keystrokes on the computer.  Keyloggers can compromise your sensitive data by capturing it and sending it to a criminal. (Source: Norton Glossary)

Local Area Network

A computer network that only allows authorized computers or users to access local software, files and printers. (Source: Norton Glossary)

Malware

Any  software created to damage or illegally access a computer or network.  Computer viruses, worms, and Trojans are examples of malware. (Source: Norton Glossary)

Memory

“Computer memory (e.g., Random Access Memory).”

Media

“Physical devices or writing surfaces including, but not limited to, magnetic tapes, optical disks, magnetic disks, Large-Scale Integration (LSI) memory chips, and printouts (but not including display media) onto which information is recorded, stored, or printed within an information system.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Media Sanitization

“A general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Medium

“Material on which data are or may be recorded, such as paper, punched cards, magnetic tape, magnetic disks, solid state devices, or optical discs.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Multi-Factor Authentication

“Authentication using two or more different factors to achieve authentication. Factors include: (i) something you know (e.g., password/PIN); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric)” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Network

A group of computers connected to one another to allow sharing of resources and information. (Source: Norton Glossary)

Nonrepudiation

“Assurance that the sender is provided with proof of delivery and that the recipient is provided with proof of the sender’s identity so that neither can later deny having processed the data. [NS4009] Technical non-repudiation refers to the assurance a Relying Party has that if a public key is used to validate a digital signature, that signature had to have been made by the corresponding private signature key. Legal non-repudiation refers to how well possession or control of the private signature key can be established.” (Source: NIST SP 800-32 Introduction to Public Key Technology and the Federal PKI Infrastructure)

Observable

“An event (benign or malicious) on a network or system” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Operating System

A software program that manages hardware and software resources and provides the environment for other software applications to run. (Source: Norton Glossary)

Personal/Sensitive Information

Any information that can personally identify you, such as your name, address, phone numbers, Social Security number, bank account number, credit card account numbers, etc. (Source: Norton Glossary)

Phishing

Emails, instant messages, phone calls or website designed to steal your personal information. (Source: Norton Glossary)

Physical Control/Safeguard

“Physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment from natural and environmental hazards, and unauthorized intrusion.” (Source: NIST SP 800-66 Rev. 1 An Introductory Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule)

Plaintext

“Intelligible data that has meaning and can be understood without the application of decryption.” (Source: NIST SP 800-57 Part 1 Rev. 4 Recommendation for Key Management)

Pop-up Blocker

Software that allows you to limit or block most pop-ups.  Pop-up blockers are typically a feature included in your browser, but can also be purchased separately. (Source: Norton Glossary)

Pop-up Messages or Ads

Advertisements that “pop up” in a separate window. (Source: Norton Glossary)

Ransomware

A type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.

Risk

“A measure of the extent to which an entity is threatened by a potential circumstance or event, and typically a function of: (i) the adverse impacts that would arise if the circumstance or event occurs; and (ii) the likelihood of occurrence. Information system-related security risks are those risks that arise from the loss of confidentiality, integrity, or availability of information or information systems and reflect the potential adverse impacts to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Safeguard

“Protective measures prescribed to meet the security requirements (i.e., confidentiality, integrity, and availability) specified for an information system. Safeguards may include security features, management constraints, personnel security, and security of physical structures, areas, and devices. Synonymous with security controls and countermeasures.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Security Certificates

Tools used to solve the problem of “imposter” websites.  A security certificate provides proof you are on a legitimate website. (Source: Norton Glossary)

Security Operations Center (SOC)

“In general, the term ‘SOC’ refers to a unified collection of people, processes, and technology that provide an organization with threat detection, response, and prevention capabilities. These capabilities broaden an organization’s situational awareness, which can be leveraged to make informed decisions with regards to information security risk management.” (Source: Chuvakin, Barros, & Belak, 2018)

Shoulder Surfing

A method of social engineering where someone looks over your shoulder to secretly obtain your personal information. (Source: Norton Glossary)

Social Engineering

The clever manipulation of the natural human tendency to trust.  Social engineering involves someone using deception and manipulation in order to gather sensitive information. (Source: Norton Glossary)

Spam

Spam is unsolicited emails designed to sell something or get you to reveal personal information. (Source: Norton Glossary)

Spyware

Spyware is software that is unknowingly installed on your computer that is used to monitor your computer usage and/or steal personal information. (Source: Norton Glossary)

Slack Space

“The unused space in a file allocation block or memory page that may hold residual data.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)
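
The residual data that the Slack Space definition refers to is easiest to see with a model of how a file system allocates storage. The example below is added to this glossary (not NIST or Norton code) and simulates a block device with a constructed 512-byte allocation unit: a short file written over blocks that previously held a larger file leaves the old bytes readable past the new file's logical end, invisible through the file API but present on the raw device. The same model shows the sanitization step that removes them.

```python
BLOCK = 512  # constructed allocation-unit size for the model


class ToyDisk:
    """A block-device model: files occupy whole allocation blocks, and the
    'file system' records only each file's logical length, not the bytes
    that remain beyond it in the final block."""

    def __init__(self, blocks: int):
        self.raw = bytearray(BLOCK * blocks)
        self.files = {}        # name -> (first_block, length)

    def write(self, name: str, data: bytes, first_block: int) -> None:
        """Write `data` starting at `first_block`. Only len(data) bytes are
        touched; the rest of the last block (the slack) keeps its old content."""
        start = first_block * BLOCK
        self.raw[start:start + len(data)] = data
        self.files[name] = (first_block, len(data))

    def read(self, name: str) -> bytes:
        """What an ordinary program sees: exactly the logical file content."""
        first, length = self.files[name]
        return bytes(self.raw[first * BLOCK:first * BLOCK + length])

    def _slack_range(self, name: str):
        first, length = self.files[name]
        end = first * BLOCK + length
        last_block_end = (end + BLOCK - 1) // BLOCK * BLOCK
        return end, last_block_end

    def slack(self, name: str) -> bytes:
        """Bytes in the file's last block past its logical end, as a forensic
        tool reading the raw device would recover them."""
        end, last_block_end = self._slack_range(name)
        return bytes(self.raw[end:last_block_end])

    def wipe_slack(self, name: str) -> None:
        """Sanitize: overwrite the file's slack with zeros."""
        end, last_block_end = self._slack_range(name)
        self.raw[end:last_block_end] = bytes(last_block_end - end)


if __name__ == "__main__":
    disk = ToyDisk(blocks=4)
    # Constructed 'secret' spanning two blocks, then a short file reusing block 0.
    disk.write("secrets.txt", b"API_KEY=constructed-example-" + b"x" * 600, 0)
    disk.write("notes.txt", b"nothing to see here", 0)
    print(disk.read("notes.txt"))
    print(disk.slack("notes.txt")[:40])   # old secret bytes survive in the slack
    disk.wipe_slack("notes.txt")
    print(disk.slack("notes.txt")[:40])   # zeros after sanitization
```

Note what the model leaves out: block 1 of the old secret is not slack of any current file but unallocated space, which also holds residual data; and on flash media the controller remaps writes, so an overwrite like `wipe_slack` does not necessarily reach the physical cells. That is why NIST SP 800-88 treats overwriting, cryptographic erase and destruction as distinct sanitization methods chosen per media type.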

Steganography

“The art, science, and practice of communicating in a way that hides the existence of the communication.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)
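
The classic way to hide the existence of a message in digital media is least-significant-bit embedding: each carrier byte (for example a pixel sample in an uncompressed image) has its lowest bit replaced with one bit of the payload, changing the carrier's value by at most one. The example below is added to this glossary (not NIST or Norton code); the "pixel" bytes are constructed, and the framing (a 4-byte length prefix) is an assumption of this example, not a standard.

```python
def embed(cover: bytes, payload: bytes) -> bytes:
    """Hide `payload` in the least significant bit of each cover byte.

    Layout (this example's own framing): 32-bit big-endian payload length,
    then the payload bits, most significant bit first."""
    framed = len(payload).to_bytes(4, "big") + payload
    bits = [(byte >> i) & 1 for byte in framed for i in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small: need %d bytes, have %d"
                         % (len(bits), len(cover)))
    stego = bytearray(cover)
    for idx, bit in enumerate(bits):
        stego[idx] = (stego[idx] & 0xFE) | bit      # overwrite only the LSB
    return bytes(stego)


def extract(stego: bytes) -> bytes:
    """Recover the payload written by embed()."""
    def read_bytes(start_bit: int, count: int) -> bytes:
        out = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (stego[start_bit + b * 8 + i] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read_bytes(0, 4), "big")
    return read_bytes(32, length)


def max_lsb_delta(cover: bytes, stego: bytes) -> int:
    """Largest per-byte difference between cover and stego: 1 for pure LSB
    embedding, which is why the carrier looks unchanged to a viewer."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    # Constructed 'pixel' data standing in for an uncompressed image's samples.
    cover = bytes((i * 37 + 11) % 256 for i in range(512))
    stego = embed(cover, b"meet at noon")
    print(extract(stego))
    print(max_lsb_delta(cover, stego))   # 1
```

The detection side follows from the construction: LSB embedding is invisible to the eye but not to statistics, because natural image data has LSB patterns that a sequential overwrite with message bits disturbs, and it does not survive lossy re-encoding such as saving the carrier as JPEG. Data-loss prevention tooling that re-encodes images on egress defeats this particular technique for that reason.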

Storage

“Retrievable retention of data. Electronic, electrostatic, or electrical hardware or other elements (media) into which data may be entered, and from which data may be retrieved.” (Source: NIST SP 800-88 Rev. 1 Guidelines for Media Sanitization)

Tactics, Techniques, and Procedures (TTPs)

“The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique.” (Source: NIST SP 800-150 Guide to Cyber Threat Information Sharing)

Technical Control/Safeguard

“The technology and the policy and procedures for its use that protect electronic protected health information and control access to it.” (Source: NIST SP 800-66 Rev. 1 An Introductory Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule)

Threat

“Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Threat Actor

“An individual or a group posing a threat” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Threat Actor Tactics, Techniques, and Procedures (TTPs)

“The behavior of an actor. A tactic is the highest-level description of this behavior, while techniques give a more detailed description of behavior in the context of a tactic, and procedures an even lower-level, highly detailed description in the context of a technique” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Threat Information

“Any information related to a threat that might help an organization protect itself against a threat or detect the activities of an actor. Major types of threat information include indicators, TTPs, security alerts, threat intelligence reports, and tool configurations” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Threat Intelligence

“Threat information that has been aggregated, transformed, analyzed, interpreted, or enriched to provide the necessary context for decision-making processes” (Johnson, Badger, Waltermire, Snyder, & Skorupka, 2016).

Training

The term ‘training’ refers to the process of “teaching people the knowledge and skills that will enable them to perform their jobs more effectively.” (Source: NIST SP 800-16 Information Technology Security Training Requirements: A Role- and Performance-Based Model). Moreover, training “strives to produce relevant and needed security skills and competencies by practitioners of functional specialties other than IT security (e.g., management, systems design and development, acquisition, auditing).” (Source: NIST SP 800-50 Building an Information Technology Security Awareness and Training Program).

Trojan Horse

A piece of software that is hidden inside another program to secretly perform activity without the computer user’s knowledge. (Source: Norton Glossary)

URL – Uniform Resource Locator

An address identifying the location of a file on the Internet, consisting of the protocol, the computer on which the file is located, and the file’s location on that computer. (Source: Norton Glossary)

User

“Individual, or (system) process acting on behalf of an individual, authorized to access an information system.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Virtual Private Network (VPN)

A data network that enables two or more parties to communicate securely across a public network by creating a private connection, or “tunnel,” between them.

Virus

A program that attaches itself to an executable file or vulnerable application.  When the infected file or application is accessed, the virus infects the computer with malicious software that can simply be annoying or cause serious computer problems. (Source: Norton Glossary)

Vishing

A form of social engineering where a criminal tries to get you to reveal personal information over the telephone. (Source: Norton Glossary)

Vulnerability

“Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” (Source: NIST SP 800-53 Rev. 4 Security and Privacy Controls for Federal Information Systems and Organizations)

Worm

A malicious software program that is capable of replicating itself and spreading to other computers through a network. (Source: Norton Glossary)

Zeroization

“A method of erasing electronically stored data, cryptographic keys, and critical stored parameters by altering or deleting the contents of the data storage to prevent recovery of the data.” (Source: NIST SP 800-57 Part 2 Recommendation for Key Management: Part 2 – Best Practices for Key Management Organizations)
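
Zeroization as defined above is a memory-level operation: the storage that held a key is overwritten, not merely freed or forgotten. The example below is added to this glossary (it is not NIST code) and shows the practice and its main failure mode in Python: a key kept in a mutable `bytearray` can be wiped in place, while the immutable `bytes` copies that many APIs return cannot, so the code is written to avoid creating them. The password, salt and iteration count are constructed for the demonstration, and the in-place wipe is a best effort, since Python gives no guarantee that the interpreter has not made further copies.

```python
import ctypes
import hashlib
import os


def derive_key(password: bytearray, salt: bytes, iterations: int = 200_000) -> bytearray:
    """Derive a 32-byte key with PBKDF2-HMAC-SHA256 into a mutable buffer so
    it can be zeroized later. pbkdf2_hmac returns immutable bytes; that
    intermediate copy cannot be wiped and is the kind of leak a C/Rust
    implementation would avoid by deriving straight into a caller buffer."""
    return bytearray(hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32))


def zeroize(buf: bytearray) -> None:
    """Overwrite a mutable buffer in place. memset on the buffer's own memory
    (rather than rebinding the name, which leaves the old object for the
    garbage collector) guarantees this allocation no longer holds the key."""
    if len(buf) == 0:
        return
    addr = ctypes.addressof((ctypes.c_char * len(buf)).from_buffer(buf))
    ctypes.memset(addr, 0, len(buf))


def is_zeroized(buf: bytearray) -> bool:
    return all(b == 0 for b in buf)


class SecretBuffer:
    """Context manager that zeroizes its buffer on exit, including on exceptions."""

    def __init__(self, data: bytearray):
        self.data = data

    def __enter__(self) -> bytearray:
        return self.data

    def __exit__(self, *exc) -> None:
        zeroize(self.data)


def use_key_then_wipe(password: bytearray, salt: bytes) -> tuple:
    """Derive a key, use it, and wipe it. Returns (hex digest computed while the
    key was live, whether the key buffer is all zeros afterwards)."""
    key = derive_key(password, salt, iterations=1000)   # low count: demo only
    with SecretBuffer(key) as k:
        h = hashlib.sha256()
        h.update(k)                      # hashlib reads the bytearray directly:
        h.update(b"session-data")        # no immutable copy of the key is made
        result = h.hexdigest()
    return result, is_zeroized(key)


if __name__ == "__main__":
    pw = bytearray(b"correct horse battery staple")   # constructed password
    print(use_key_then_wipe(pw, os.urandom(16)))
    zeroize(pw)
    print(pw)                                          # bytearray of zeros
```

The caveats carry over to compiled code: a plain `memset` before `free` can be removed by the optimizer as a dead store, which is why C11 `memset_s`, `explicit_bzero` and equivalent intrinsics exist, and keys can also persist in swap, core dumps and hibernation files unless the pages holding them are locked and excluded from dumps.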

Zombie

A computer overtaken by a hacker and used to perform malicious tasks. (Source: Norton Glossary)