Log Management

The process for generating, transmitting, storing, analyzing, and disposing of log data.

Log Entry

An individual record within a log. See NIST SP 800-92 for detailed information.

Misconfiguration

An incorrect or suboptimal configuration of an information system

Metacharacter

A character that has some special meaning to a computer program

Metadata

Information describing the characteristics of data including

WAP

A standard that defines the way in which Internet communications

Risk Response

Accepting, avoiding, mitigating, sharing, or transferring risk to organizational operations

Network Layer

Layer of the TCP/IP protocol stack that is responsible for routing packets

Exclusive OR

Bitwise logical “exclusive-or”, where 0⊕ 0 = 0, 0⊕ 1 = 1, 1⊕ 0 = 1, and 1⊕ 1 = 0.

Evidence

Grounds for belief or disbelief; data on which to base proof or to establish truth or falsehood.

RMF

Risk Management Framework A structured approach used to oversee and manage risk

Risk Management

The process of managing risks to organizational operations organizational assets

Risk Tolerance

The level of risk an entity is willing to assume in order to achieve a potential desired

Risk Mitigation

Prioritizing, evaluating, and implementing the appropriate risk-reducing controls

Media Sanitization

A general term referring to the actions taken to render data written on media unrecoverable

Mission Critical

Any telecommunications or information system that is defined as a national security

Mobile Code

Software programs or parts of programs obtained from remote systems

Log Analysis

Studying log entries to identify events of interest or suppress log entries

Random Number

For the purposes of this Recommendation, a value in a set that has an equal probability

Log

A record of the events occurring within an organization’s systems and networks.

Log Clearing

Removing all entries from a log that precede a certain date and time.