Refers to both information and communications networks.
Multipurpose Internet Mail Extensions (MIME)
A protocol that makes use of the headers in an IETF RFC 2822 message to describe the structure of rich message content.
Disposal
Disposal is a release outcome following the decision that media does not contain sensitive data.
Authorization
The process of granting or denying specific requests
Firmware
Computer programs and data stored in hardware – typically in read-only memory (ROM) or programmable read-only memory (PROM)
Pseudonymization
A particular type of de-identification that both removes the association with a data subject
Log Compression
Storing a log file in a way that reduces the amount of storage space needed for the file without altering the meaning of its contents.
Flooding
An attack that attempts to cause a failure in a system by providing more input than the system can process properly.
Disruption
An unplanned event that causes the general system or major application to be inoperable for an unacceptable length of time
Cryptographic
Pertaining to, or concerned with, cryptography.
Privacy
Assurance that the confidentiality of, and access to, certain information about an entity is protected.
Rivest-Shamir-Adleman (RSA)
Algorithm developed by Rivest, Shamir and Adelman (allowed in FIPS 186-3 and specified in ANS X9.31 and PKCS #1).
Disclosure
Divulging of, or provision of access to, data.
Control
The part of the ICS used to perform the monitoring and control of the physical process.
DH
A method used to securely exchange or establish secret keys across an insecure network.
PIN
A memorized secret typically consisting of only decimal digits.
Exfiltration
The unauthorized transfer of information from an information system.
Forensics
The practice of gathering, retaining, and analyzing computer-related data for investigative purposes
Intranet
A computer network, especially one based on Internet technology
Pseudonym
A name assigned through a formal process by a federal department or agency to a federal employee for the purpose of the employee’s protection
Extranet
A computer network that an organization uses for application data traffic between the organization and its business partners.
Awareness
Awareness is not training.
Format
Pre-established layout for data.
Cyberspace
A global domain within the information environment consisting of the interdependent network
Normalization
Converting each log data field to a particular data representation and categorizing it consistently.
Log Conversion
Parsing a log in one format and storing its entries in a second format.
PSK
A single secret key used by IPsec endpoints to authenticate endpoints to each other