Deleted File

A file that has been logically, but not necessarily physically, erased


A set of system resources that operate in the same security domain and that share

Event Filtering

The suppression of log entries from analysis, reporting, or long-term storage


Any observable occurrence in an information system. See the following under Event


Of or relating to biometric identification in which submitted feature data


A string of eight bits. Often referred to as a byte. See the following under Octet


Bit(s) used to determine whether a block of data has been altered.


Of or relating to biometric verification in which submitted feature data


Hardware, firmware, or software that is intentionally included

Mail Server

A host that provides “electronic post office” facilities. It stores incoming mail


A “repair job” for a piece of programming; also known as a “fix”.

Password Cracking

The process of recovering secret passwords stored in a computer system

Web Portal

Provides a single point of entry into the SOA for requester entities


A possible replacement for the conventional BIOS that is becoming widely deployed


A passphrase is a memorized secret consisting of a sequence of words or other text


The behavior of an actor. A tactic is the highest-level description of this behavior


A list of discrete entities, such as hosts or applications that are known to be benign

Web Service

A software component or system designed to support interoperable machine


A generic term that refers to a wireless local area network that observes the IEEE 802.11


Any circumstance or event with the potential to adversely impact organizational operations


A name referring to the investigation, study, and control of unintentional compromising

Third-Party Providers

Service providers, integrators, vendors, telecommunications, and infrastructure support

Technical Controls

The security controls (i.e., safeguards or countermeasures) for an information system

Threat Actor

An individual or a group posing a threat. See NIST SP 800-150 under Threat Actor


The ability for an organization’s employees and contractors to conduct work