Log Analysis

Studying log entries to identify events of interest or suppress log entries

Random Number

For the purposes of this Recommendation, a value in a set that has an equal probability

Log

A record of the events occurring within an organization’s systems and networks.

Log Clearing

Removing all entries from a log that precede a certain date and time.

Payload

Consists of the information passed down from the previous layer.

RBAC

Access control based on user roles (i.e., a collection of access authorizations a user

Record

To write data on a medium, such as a magnetic tape, magnetic disk, or optical disk.

RADIUS

An authentication and accounting system used to control access to an ISP.

Event Aggregation

The consolidation of similar log entries into a single entry containing a count of the number

BCP

Business Continuity Plan. The documentation of a predetermined set of instructions

Message Digest

The result of applying a cryptographic hash function to data (e.g., a message).

Worm

A computer program that can run independently, can propagate a complete working

Wireless Device

Any device that can connect to an ICS network via radio or infrared waves

Event Correlation

Finding relationships between two or more log entries. See NIST SP 800-92

Network Discovery

The process of discovering active and responding hosts on a network

Erasure

Process intended to render magnetically stored information irretrievable by normal means.

Key Owner

A person authorized by an FCKMS service provider or FCKMS service

Information Owner

Official with statutory or operational authority for specified information

Remote Access

Access to an organizational information system by a user (or an information system)

Flash ROM

Non-volatile memory that is writable.
NIST SP 800-101 Rev. 1

Risk Assessment

The process of identifying risks to organizational operations, organizational assets,

Replay Attacks

An attack in which the Attacker is able to replay previously captured messages