A
Access
Ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.
SOURCE: CNSSI-4009
Access control
The process of granting or denying specific requests to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities (e.g., federal buildings, military establishments, border crossing entrances).
SOURCE: FIPS 201; CNSSI-4009
Access Control List (ACL)
1. A list of permissions associated with an object. The list specifies who or what is allowed to access the object and what operations are allowed to be performed on the object.
2. A mechanism that implements access control for a system resource by enumerating the system entities that are permitted to access the resource and stating, either implicitly or explicitly, the access modes granted to each entity.
SOURCE: CNSSI-4009
Access control mechanism
Security safeguards (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) are designed to detect and deny unauthorized access and permit authorized access to an information system.
SOURCE: CNSSI-4009
Access point
A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system, if connected, which is typically an organization’s enterprise wired network.
SOURCE: SP 800-48; SP 800-121
Accountability
Principle that an individual is entrusted to safeguard and control equipment, keying material, and information and is answerable to proper authority for the loss or misuse of that equipment or information.
SOURCE: CNSSI-4009
Activation data
Private data, other than keys, that are required to access cryptographic modules.
SOURCE: SP 800-32
Active attack
An attack on the authentication protocol where the Attacker transmits data to the Claimant, Credential Service Provider, Verifier, or Relying Party. Examples of active attacks include man-in-the-middle, impersonation, and session hijacking.
SOURCE: SP 800-63
Active security testing
Security testing that involves direct interaction with a target, such as sending packets to a target.
SOURCE: SP 800-115
Add-on security
Incorporation of new hardware, software, or firmware safeguards in an operational information system.
SOURCE: CNSSI-4009
Adequate security
Security commensurate with the risk and the magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information.
SOURCE: SP 800-53; FIPS 200; OMB Circular A-130, App. III
Administrative safeguards
Administrative actions, policies, and procedures to manage the selection, development, implementation, and maintenance of security measures to protect electronic health information and to manage the conduct of the covered entity’s workforce in relation to protecting that information.
SOURCE: SP 800-66
Allocation
The process an organization employs to determine whether security controls are defined as system-specific, hybrid, or common. The process an organization employs to assign security controls to specific information system components responsible for providing a particular security capability (e.g., router, server, remote sensor).
SOURCE: SP 800-37
Anti-virus Software
A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.
SOURCE: SP 800-83
Attack
Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
SOURCE: CNSSI-4009
Authentication
Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.
SOURCE: SP 800-53; SP 800-53A; SP 800-27; FIPS 200; SP 800-30
Authorization
Access privileges granted to a user, program, or process or the act of granting those privileges.
SOURCE: CNSSI-4009
B
Back door (backdoor)
Typically unauthorized hidden software or hardware mechanism used to circumvent security controls.
SOURCE: CNSSI-4009
Backup
A copy of files and programs made to facilitate recovery, if necessary.
SOURCE: SP 800-34; CNSSI-4009
Banner
Display on an information system that sets parameters for system or data use.
SOURCE: CNSSI-4009
Baseline
Hardware, software, databases, and relevant documentation for an information system at a given point in time.
SOURCE: CNSSI-4009
Baseline Security
The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection.
SOURCE: SP 800-16
Binding
Process of associating two related elements of information.
SOURCE: SP 800-32
Bit
A contraction of the term Binary Digit. The smallest unit of information in a binary system of notation.
SOURCE: CNSSI-4009
BitVPN
BitVPN was built upon a decentralized, open-communication TOP-network as well as a public blockchain platform. TOP Network, a project aims to create a decentralized cloud communication network on a public blockchain. The decentralized structure enables BitVPN to become truly anonymous, private, and secure. Because of the decentralized nature, data is handled by numerous servers that are operating independently across around the world. And it’s impossible for any hackers to collect all the scattered data and do something bad with them. By utilizing decentralized P2P mesh network, a single point of failure or attack is no longer a risk to the entire BitVPN’s network. BitVPN makes sure that each and every step of data processing is encrypted, scrambled, and encrypted again.
Originally block chain, is a growing list of records, called blocks, that are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data
SOURCE: Wikipedia
Browsing
Act of searching through information system storage or active content to locate or acquire information, without necessarily knowing the existence or format of information being sought.
SOURCE: CNSSI-4009
Bulk encryption
Simultaneous encryption of all channels of a multichannel telecommunications link.
SOURCE: CNSSI-4009
C
Cascading
Downward flow of information through a range of security levels greater than the accreditation range of a system, network, or component.
SOURCE: CNSSI-4009
Central Services Node
The Key Management Infrastructure core node that provides central security management and data management services.
SOURCE: CNSSI-4009
Certificate
A set of data that uniquely identifies an entity, contains the entity’s public key and possibly other information, and is digitally signed by a trusted party, thereby binding the public key to the entity. Additional information in the certificate could specify how the key is used and its cryptoperiod.
SOURCE: SP 800-21
Certificate Policy (CP)
A specialized form of administrative policy tuned to electronic transactions performed during certificate management. A Certificate Policy addresses all aspects associated with the generation, production, distribution, accounting, compromise recovery, and administration of digital certificates. Indirectly, a certificate policy can also govern the transactions conducted using a communications system protected by a certificate-based security system. By controlling critical certificate extensions, such policies and associated enforcement technology can support provision of the security services required by particular applications.
SOURCE: CNSSI-4009; SP 800-32
Client
Individual or process acting on behalf of an individual who makes requests of a guard or dedicated server. The client’s requests to the guard or dedicated server can involve data transfer to, from, or through the guard or dedicated server.
SOURCE: CNSSI-4009
Code
System of communication in which arbitrary groups of letters, numbers, or symbols represent units of plain text of varying length.
SOURCE: CNSSI-4009
Computer Abuse
Intentional or reckless misuse, alteration, disruption, or destruction of information processing resources.
SOURCE: CNSSI-4009
Computer security
Measures and controls that ensure confidentiality, integrity, and availability of information system assets including hardware, software, firmware, and information being processed, stored, and communicated.
SOURCE: CNSSI-4009
COMSEC
Communications Security.
SOURCE: CNSSI-4009
Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
SOURCE: SP 800-53; SP 800-53A; SP 800-18; SP 800-27; SP 800- 60; SP 800-37; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542
Content filtering
The process of monitoring communications such as email and Web pages, analyzing them for suspicious content, and preventing the delivery of suspicious content to users.
SOURCE: SP 800-114
Controlled access protection
Minimum set of security functionality that enforces access control on individual users and makes them accountable for their actions through login procedures, auditing of security-relevant events, and resource isolation.
SOURCE: CNSSI-4009
Cookie
A piece of state information supplied by a Web server to a browser, in a response for a requested resource, for the browser to store temporarily and return to the server on any subsequent visits or requests. Learn more about cookies.
SOURCE: SP 800-28
Credential
An object or data structure that authoritatively binds an identity (and optionally, additional attributes) to a token possessed and controlled by a Subscriber.
SOURCE: SP 800-63
Cryptocurrency
A digital asset designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets. Cryptocurrencies use decentralized control as opposed to centralized digital currency and central banking systems. Learn more about cryptocurrency.
SOURCE: Wikipedia
Cryptographic algorithm
A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output.
SOURCE: SP 800-21; CNSSI-4009
Cryptographic security
Component of COMSEC resulting from the provision of technically sound cryptographic systems and their proper use.
SOURCE: CNSSI-4009
Cryptography
The discipline that embodies the principles, means, and methods for the transformation of data in order to hide their semantic content, prevent their unauthorized use, or prevent their undetected modification.
SOURCE: SP 800-59
Cyber attack
An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.
SOURCE: CNSSI-4009
Cybersecurity
The ability to protect or defend the use of cyberspace from cyber attacks.
SOURCE: CNSSI-4009
Cyberspace
A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
SOURCE: CNSSI-4009
D
Data
A subset of information in an electronic format that allows it to be retrieved or transmitted.
SOURCE: CNSSI-4009
Data breach
The intentional or unintentional release of secure or private/confidential information to an untrusted environment.
SOURCE: Wikipedia
Data security
Protection of data from unauthorized (accidental or intentional) modification, destruction, or disclosure.
SOURCE: CNSSI-4009
Data loss
The exposure of proprietary, sensitive, or classified information through either data theft or data leakage.
SOURCE: SP 800-137
Decentralized network
In computing terms, a decentralized network does not use any single central server. Instead, it is built upon a peer-to-peer mesh network where individual computer around the world are distributing data and information with layers of data scrambling and encryption. This trend of decentralization has evolved from the rapid advancements of desktop and laptop computers, which now offers performance well beyond the needs of most social applications; meaning the extra compute power can be used for distributed processing.
SOURCE: BitVPN
Decode
Convert encoded text to plain text by means of a code.
SOURCE: CNSSI-4009
Decryption
The process of transforming ciphertext into plaintext.
SOURCE: SP 800-67
Disconnection
The termination of an interconnection between two or more IT systems. A disconnection may be planned (e.g., due to changed business needs) or unplanned (i.e., due to an attack or other contingency).
SOURCE: SP 800-47
Domain
An environment or context that includes a set of system resources and a set of system entities that have the right to access the resources as defined by a common security policy, security model, or security architecture. See Security Domain.
SOURCE: CNSSI-4009; SP 800-53; SP 800-37
E
Eavesdropping attack
An attack in which an Attacker listens passively to the authentication protocol to capture information which can be used in a subsequent active attack to masquerade as the Claimant.
SOURCE: SP 800-63
Electronic key entry
The entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device. (The operator of the key may have no knowledge of the value of the key being entered.)
SOURCE: FIPS 140-2
Encode
Convert plain text to cipher text by means of a code.
SOURCE: CNSSI-4009
Encrypted key
A cryptographic key that has been encrypted using an Approved security function with a key encrypting key, a PIN, or a password in order to disguise the value of the underlying plaintext key.
SOURCE: FIPS 140-2
Encrypted network
A network on which messages are encrypted (e.g., using DES, AES, or other appropriate algorithms) to prevent reading by unauthorized parties.
SOURCE: SP 800-32
Encryption
Conversion of plaintext to ciphertext through the use of a cryptographic algorithm.
SOURCE: FIPS 185
Event
Any observable occurrence in a network or system.
SOURCE: SP 800-61
External security testing
Security testing conducted from outside the organization’s security perimeter.
SOURCE: SP 800-115
F
Failure access
Type of incident in which unauthorized access to data results from hardware or software failure.
SOURCE: CNSSI-4009
Failure control
Methodology used to detect imminent hardware or software failure and provide fail safe or fail soft recovery.
SOURCE: CNSSI-4009
False rejection
When a biometric system fails to identify an applicant or fails to verify the legitimate claimed identity of an applicant.
SOURCE: SP 800-76
File security
Means by which access to computer files is limited to authorized users only.
SOURCE: CNSSI-4009
Firewall
A gateway that limits access between networks in accordance with local security policy.
SOURCE: SP 800-32
Flaw
Error of commission, omission, or oversight in an information system that may allow protection mechanisms to be bypassed.
SOURCE: CNSSI-4009
Forensics
The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.
SOURCE: CNSSI-4009
G
Gateway
Interface providing compatibility between networks by converting transmission speeds, protocols, codes, or security measures.
SOURCE: CNSSI-4009
Graduated security
A security system that provides several levels (e.g., low, moderate, high) of protection based on threats, risks, available technology, support services, time, human concerns, and economics.
SOURCE: FIPS 201
Gray box testing
Also called focused testing, a test methodology that assumes some knowledge of the internal structure and implementation detail of the assessment object. Also known as gray box testing.
SOURCE: SP 800-53A
Guard
A mechanism limiting the exchange of information between information systems or subsystems.
SOURCE: CNSSI-4009
H
Hacker
Unauthorized user who attempts to or gains access to an information system.
SOURCE: CNSSI-4009
Honeypot
A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other than its administrators.
SOURCE: CNSSI-4009
Hot site
A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption.
SOURCE: SP 800-34
Hotspot
Mobile hotspot and tethering are ways you can use your data as a wireless internet service. Basically, you can connect your computer or tablet or any other device to your phone’s internet. You will use your phone’s data plan as the way to connect to the internet.
SOURCE: Wikipedia
I
Identification
The process of verifying the identity of a user, process, or device, usually as a prerequisite for granting access to resources in an IT system.
SOURCE: SP 800-47
Identification token
Smart card, metal key, or other physical object used to authenticate identity.
SOURCE: CNSSI-4009
Image
An exact bit-stream copy of all electronic data on a device, performed in a manner that ensures that the information is not altered.
SOURCE: SP 800-72
Incident
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
SOURCE: SP 800-61
Information Assurance (IA)
Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.
SOURCE: SP 800-59; CNSSI-4009
Information flow control
Procedure to ensure that information transfers within an information system are not made in violation of the security policy.
SOURCE: CNSSI-4009
Information security
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
SOURCE: SP 800-37; SP 800-53; SP 800-53A; SP 800-18; SP 800- 60; CNSSI-4009; FIPS 200; FIPS 199; 44 U.S.C., Sec. 3542
Information system
A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.
SOURCE: FIPS 200; FIPS 199; SP 800-53A; SP 800-37; SP 800-60; SP 800-18; 44 U.S.C., Sec. 3502; OMB Circular A-130, App. III
Internal network
A network where: (i) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or (ii) cryptographic encapsulation or similar security technology provides the same effect. An internal network is typically organization-owned, yet may be organization-controlled while not being organization-owned.
SOURCE: SP 800-53
Internet Protocol (IP)
Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.
SOURCE: CNSSI-4009
Intranet
A private network that is employed within the confines of a given enterprise (e.g., internal to a business or agency).
SOURCE: CNSSI-4009
IP address
A numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.
SOURCE: Wikipedia
IP security (IPsec)
Suite of protocols for securing Internet Protocol (IP) communications at the network layer, layer 3 of the OSI model by authenticating and/or encrypting each IP packet in a data stream. IPsec also includes protocols for cryptographic key establishment.
SOURCE: CNSSI-4009
J
Jamming
An attack in which a device is used to emit electromagnetic energy on a wireless network’s frequency to make it unusable.
SOURCE: SP 800-48
K
Key
A numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.
SOURCE: CNSSI-4009
Keylogger
A program designed to record which keys are pressed on a computer keyboard used to obtain passwords or encryption keys and thus bypass other security measures.
SOURCE: SP 800-82
Key tag
Identification information associated with certain types of electronic key.
SOURCE: CNSSI-4009
L
Local access
Access to an organizational information system by a user (or process acting on behalf of a user) communicating through a direct connection without the use of a network.
SOURCE: SP 800-53; CNSSI-4009
Local authority
Organization responsible for generating and signing user certificates in a PKI-enabled environment.
SOURCE: CNSSI-4009
Log file
A file that records either events that occur in an operating system or other software runs, or messages between different users of a communication software. Logging is the act of keeping a log. In the simplest case, messages are written to a single log file.
SOURCE: Wikipedia
M
Malicious code
Software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.
SOURCE: SP 800-53; CNSSI-4009
A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or of otherwise annoying or disrupting the victim.
SOURCE: SP 800-83
Manual remote rekeying
Procedure by which a distant crypto-equipment is rekeyed electronically, with specific actions required by the receiving terminal operator. Synonymous with cooperative remote rekeying. See also Automatic Remote Keying.
SOURCE: CNSSI-4009
Metrics
Tools designed to facilitate decision-making and improve performance and accountability through collection, analysis, and reporting of relevant performance-related data.
SOURCE: SP 800-55
N
Network access
Access to an organizational information system by a user (or a process acting on behalf of a user) communicating through a network (e.g., local area network, wide area network, Internet).
SOURCE: SP 800-53; CNSSI-4009
Network resilience
A computing infrastructure that provides continuous business operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged), rapid recovery if failure does occur, and the ability to scale to meet rapid or unpredictable demands.
SOURCE: CNSSI-4009
Network sniffing
A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. It is both a review technique and a target identification and analysis technique.
SOURCE: SP 800-115
Null
Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission security purposes.
SOURCE: CNSSI-4009
O
Offline attack
An attack where the Attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is able to analyze in a system of his/her own choosing.
SOURCE: SP 800-63
Operating System (OS)
A system software that manages computer hardware, software resources, and provides common services for computer programs.
SOURCE: Wikipedia
Operational key
Key intended for use over-the-air for protection of operational information or for the production or secure electrical transmission of key streams.
SOURCE: CNSSI-4009
P
Packet filter
A routing device that provides access control functionality for host addresses and communication sessions.
SOURCE: SP 800-41
Packet sniffer
Software that observes and records network traffic.
SOURCE: CNSSI-4009
Patch
An update to an operating system, application, or other software issued specifically to correct particular problems with the software.
SOURCE: SP 800-123
Penetration testing
A test methodology in which assessors, using all available documentation (e.g., system design, source code, manuals) and working under specific constraints, attempt to circumvent the security features of an information system.
SOURCE: SP 800-53A
Phishing
Deceiving individuals into disclosing sensitive personal information through deceptive computer-based means.
SOURCE: CNSSI-4009
Plaintext
Intelligible data that has meaning and can be understood without the application of decryption.
SOURCE: SP 800-21
Privacy
Restricting access to subscriber or Relying Party information in accordance with federal law and agency policy.
SOURCE: SP 800-32
Private key
The secret part of an asymmetric key pair that is typically used to digitally sign or decrypt data.
SOURCE: SP 800-63
Privilege
A right granted to an individual, a program, or a process.
SOURCE: CNSSI-4009
Profiling
Measuring the characteristics of expected activity so that changes to it can be more easily identified.
SOURCE: SP 800-61; CNSSI-4009
Protocol
Set of rules and formats, semantic and syntactic, permitting information systems to exchange information.
SOURCE: CNSSI-4009
Proxy
A proxy is an application that “breaks” the connection between client and server. The proxy accepts certain types of traffic entering or leaving a network and processes it and forwards it. This effectively closes the straight path between the internal and external networks making it more difficult for an attacker to obtain internal addresses and other details of the organization’s internal network. Proxy servers are available for common Internet services; for example, a Hyper Text Transfer Protocol (HTTP) proxy used for Web access, and a Simple Mail Transfer Protocol (SMTP) proxy used for email. The difference between Proxy and VPN usually confuses people who have no idea how to choose.
SOURCE: SP 800-44
R
Read access
Permission to read information in an information system.
SOURCE: CNSSI-4009
Reciprocity
Mutual agreement among participating enterprises to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information.
SOURCE: CNSSI-4009
Red/black concept
Separation of electrical and electronic circuits, components, equipment, and systems that handle unencrypted information (Red), in electrical form, from those that handle encrypted information (Black) in the same form.
SOURCE: CNSSI-4009
Remote access
Access to an organizational information system by a user (or an information system acting on behalf of a user) communicating through an external network (e.g., the Internet).
SOURCE: SP 800-53
Repository
A database containing information and data relating to certificates as specified in a CP; may also be referred to as a directory.
SOURCE: SP 800-32
Residue
Data left in storage after information-processing operations are complete, but before degaussing or overwriting has taken place.
SOURCE: CNSSI-4009
Resilience
The ability to quickly adapt and recover from any known or unknown changes to the environment through holistic implementation of risk management, contingency, and continuity planning.
SOURCE: SP 800-34
Rootkit
A set of tools used by an attacker after gaining root-level access to a host to conceal the attacker’s activities on the host and permit the attacker to maintain root-level access to the host through covert means.
SOURCE: CNSSI-4009
S
S-box
Nonlinear substitution table used in several byte substitution transformations and in the Key Expansion routine to perform a one-for-one substitution of a byte value.
SOURCE: FIPS 197
Salt
A non-secret value that is used in a cryptographic process, usually to ensure that the results of computations for one instance cannot be reused by an Attacker.
SOURCE: SP 800-63; CNSSI-4009
Scanning
Sending packets or requests to another system to gain information to be used in a subsequent attack.
SOURCE: CNSSI-4009
Security controls
The management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information.
SOURCE: SP 800-53; SP 800-37; SP 800-53A; SP 800-60; FIPS 200; FIPS 199; CNSSI-4009
Security label
The means used to associate a set of security attributes with a specific information object as part of the data structure for that object.
SOURCE: SP 800-53
Security marking
Human-readable information affixed to information system components, removable media, or output indicating the distribution limitations, handling caveats, and applicable security markings.
SOURCE: SP 800-53
Sensitive information
Information, the loss, misuse, or unauthorized access to or modification of, that could adversely affect the national interest or the conduct of federal programs, or the privacy to which individuals are entitled under 5 U.S.C. Section 552a (the Privacy Act), but that has not been specifically authorized under criteria established by an Executive Order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.
SOURCE: SP 800-53
Skimming
The unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag.
SOURCE: SP 800-98
SkyVPN
A top rated VPN service provider located in Sunnyvale, CA, SkyVPN currently serves over twenty million users across the globe. Regardless of user location, their service provides unlimited access to all sites, apps and content while protecting data, intercepting cookies, hiding the IP of the users and allowing the users to browse anonymously.
Social engineering
An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.
SOURCE: SP 800-61
Spoofing
“IP spoofing” refers to sending a network packet that appears to come from a source other than its actual source.
SOURCE: SP 800-48
T
Tactical data
Information that requires protection from disclosure and modification for a limited duration as determined by the originator or information owner.
SOURCE: CNSSI-4009
Token
Something that the Claimant possesses and controls (typically a key or password) that is used to authenticate the Claimant’s identity.
SOURCE: SP 800-63
Transmission
The state that exists when information is being electronically sent from one location to one or more other locations.
SOURCE: CNSSI-4009
Trap door
In cryptography, one-to-one function that is easy to compute in one direction, yet believed to be difficult to invert without special information.
SOURCE: CNSSI-4009
Trojan horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
SOURCE: CNSSI-4009
Tunneling
Technology enabling one network to send its data via another network’s connections. Tunneling works by encapsulating a network protocol within packets carried by the second network.
SOURCE: CNSSI-4009
V
Virtual Private Network (VPN)
A virtual network, built on top of existing physical networks, that provides a secure communications tunnel for data and other information transmitted between networks.
SOURCE: SP 800-46
Virus
A computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a hard disk.
SOURCE: CNSSI-4009
W
Wireless Access Point (WAP)
A device that acts as a conduit to connect wireless communication devices together to allow them to communicate and create a wireless network.
SOURCE: CNSSI-4009
You May Also Like:
- How to Tell if Someone is Spying on My Phone and How to Stop That
- Ask Your Employees These Questions to Easily Test Their Cybersecurity Awareness
- What’s Computer Hacking and How to Prevent It
- What is Ransomware? Everything You Should Know About Top 1 Possible Cyberattack in 2021
- Affected by Facebook Leak? How to Stay More Private on Social Media