Plain text

Plain text is simple text displayed in a readable format. Encryption converts plain text

Volatile Data

Data on a live system that is lost after a computer is powered down.

XML

A flexible text format designed to describe data for electronic publishing.

Watering Hole Attack

Security exploit where the attacker infects websites that are frequently visited

Zero Day Attack

An attack that exploits a previously unknown hardware, firmware, or software

Tabletop Exercise

A discussion-based exercise where personnel with roles and responsibilities

Label

The means used to associate a set of security attributes with a specific information object

XML Encryption

A process or mechanism for encrypting and decrypting XML documents or parts

Object

Passive information system-related entity (e.g., devices, files, records, tables, processes,

Media Access Control

An access control policy that is uniformly enforced across all subjects and objects

Password

A string of characters (letters, numbers, and other symbols) used to authenticate an identity

Passive Attack

An attack against an authentication protocol where the attacker intercepts data

Virus

A hidden, self-replicating section of computer software, usually malicious logic,

Vulnerability

Weakness in an information system, system security procedures, internal controls

Partition

A logical portion of a media that functions as though it were physically separate from other

VPN

Protected information system link utilizing tunneling, security controls, and endpoint address

Virtual Machine

A simulated environment created by virtualization. See under Virtual Machine.

Virtualization

The simulation of the software and/or hardware upon which other software runs.

Vendor

A commercial supplier of software or hardware. See NISTIR 4734

Packet Sniffer

Software that observes and records network traffic. See CNSSI 4009-2015