Devices, such as virtual private network gateways and modem servers
RADIUS
An authentication and accounting system used to control access to an ISP.
Event Aggregation
The consolidation of similar log entries into a single entry containing a count of the number
BCP
Business Continuity Plan. The documentation of a predetermined set of instructions
Media Access Control Address
A hardware address that uniquely identifies each component of an IEEE 802-based
Message Digest
The result of applying a cryptographic hash function to data (e.g., a message).
Worm
A computer program that can run independently, can propagate a complete working
Wireless Device
Any device that can connect to an ICS network via radio or infrared waves
Event Correlation
Finding relationships between two or more log entries. See NIST SP 800-92
Network Discovery
The process of discovering active and responding hosts on a network
Error Detection Code
A code computed from data and comprised of redundant bits of information
Erasure
Process intended to render magnetically stored information irretrievable by normal means.
Key Owner
A person authorized by an FCKMS service provider or FCKMS service
Likelihood of Occurrence
A weighted factor based on a subjective analysis of the probability that a given threat
Information Owner
Official with statutory or operational authority for specified information
Remote Access
Access to an organizational information system by a user (or an information system)
Flash ROM
Non-volatile memory that is writable.
NIST SP 800-101 Rev. 1
Risk Assessment
The process of identifying risks to organizational operations, organizational assets,
Replay Attacks
An attack in which the Attacker is able to replay previously captured messages
Transport Layer Security
An authentication and encryption protocol widely implemented in browsers
Token
The means used to confirm the identity of a user, processor, or device
Threat Intelligence
Threat information that has been aggregated, transformed, analyzed, interpreted
Timestamp
A token or packet of information that is used to provide assurance of timeliness
Hybrid Security Control
A security control that is implemented in an information system
Hotfix
Updated code from Microsoft that addresses a specific security problem.
Jitter
The time or phase difference between the data signal and the ideal clock.
Information Management Policy
The high-level policy of an organization that specifies what information is to be collected