A feature provided by some firewalls that allows access based on a user’s credentials

A language for representing system configuration information, assessing machine state, and reporting assessment results.

The process of preparing National Security System equipment for disposal by extracting all CCI

A certificate containing a public key that can encrypt or decrypt electronic messages, files, documents

Security incident that occurs whenever classified data is spilled either onto an unclassified information system

To combine several more-specific prefixes into a less-specific prefix.

A generic term encompassing decoding and deciphering.

See Credential Service Provider.

A list of revoked public key certificates created and digitally signed by a Certification Authority.

Convert encoded data back to its original form of representation.

An assessment object that includes people applying specifications, mechanisms, or activities.

A routing technology used by many firewalls to hide internal system addresses from an external network through use of an addressing schema.

Output Block.

Encompasses all those components of the system that are to be accredited by the DAA.

A specialized form of administrative policy tuned to electronic transactions performed during certificate management.

A host-based IPS program that monitors and analyzes activity and performs preventive actions.

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.

Convert enciphered text to plain text by means of a cryptographic system.

A program that specializes in detecting both malware and non-malware forms of spyware.

A technique for concealing or destroying data so that others cannot access it.

Authorization to perform some action on a system.

 The level of impact on organizational operations (including mission, functions, image

The state that exists when information is being electronically sent from one location

The environment for each container; comprised of binaries coordinating multiple OS

Management policy and procedures used to guide an enterprise response

A portable computing device that: (i) has a small form factor such that

TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol