Glossary C
Cyber

Refers to both information and communications networks. See NISTIR 8074 Vol. 2 for more information.

Disruption

Cryptographic

Pertaining to, or concerned with, cryptography. See CNSSI 4009-2015 from NSA/CSS Manual Number 3-16 (COMSEC) for more information.

Control

The part of the ICS used to perform the monitoring and control of the physical process. This includes all control servers, field devices, actuators, sensors, ...

Cyberspace

A global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded ...

Aggregated Information

Certificate Status Authority

A trusted entity that provides on-line verification to a Relying Party of a subject certificate's trustworthiness, and may also provide additional attribute information for the ...

Classified Information Spillage

Security incident that occurs whenever classified data is spilled either onto an unclassified information system or to an information system with a lower level of ...

Certificate Revocation List (CRL)

A list of revoked public key certificates created and digitally signed by a Certification Authority. See NISTIR 7711 under Certificate Revocation List for more information. A list of revoked ...

Certificate Policy (CP)

A specialized form of administrative policy tuned to electronic transactions performed during certificate management. A certificate policy addresses all aspects associated with the generation, production, ...

callback

Call Back

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact. See CNSSI 4009-2015 for more information.

Common criteria

CC (Common Criteria)

Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems. See NIST SP 800-53 Rev. 4 under Common Criteria ...

CCB

Configuration Control Board. A group of qualified people with responsibility for the process of regulating and approving changes to hardware, firmware, software, and documentation throughout the ...

CEO

Chief Executive Officer. “C” level officers aren’t really defined by NIST. However, the acronyms are used so often.

Certificate (General)

Certificate

Also known as a digital certificate. A digital representation of information which at least 1. identifies the certification authority issuing it, 2. names or identifies its subscriber, 3. contains the subscriber's ...

Certificate Authority

Certificate Authority (CA)

A trusted entity that issues and revokes public key certificates. See NISTIR 8149 for more information. 

Certificate Management

Process whereby certificates are generated, stored, protected, transferred, loaded, used, and destroyed. See CNSSI 4009-2015 for more information. 

certification-path

Certification Path

A chain of trusted public-key certificates that begins with a certificate whose signature can be verified by a relying party using a trust anchor, and ...

CPS

Certification Practice Statement. A statement of the practices that a certification authority (CA) employs in issuing, suspending, revoking, and renewing certificates and providing access to them, ...

Chain-of-Custody

Chain of Custody

A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time ...

Chain-of-Evidence

Chain of Evidence

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had ...

Challenger-and-Reply-authentication

Challenge and Reply

Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply. See CNSSI 4009-2015 for more information.

checksum

Checksum

A value that: (a) is computed by a function that is dependent on the contents of a data object and (b) is stored or transmitted together ...

Chief Privacy Officer

The senior organizational official with overall organization-wide responsibility for information privacy issues. See NIST SP 800-53 Rev. 4 under Senior Agency Official for Privacy and NIST SP 800-53A ...

CIO2

Chief Information Officer

Agency official responsible for: (i) Providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency ...

CISO

Chief Information Security Officer. Official responsible for carrying out the Chief Information Officer responsibilities under the Federal Information Security Management Act (FISMA) and serving as the ...

Ciphertext

Ciphertext is the result of encrypting plain text. In other words, plain text is encrypted with an algorithm, resulting in ciphertext, which is unintelligible. If ...

Classified Information

Information that has been determined: pursuant to Executive Order 12958 as amended by Executive Order 13526, or any predecessor Order, to be classified national security information; ...

Classified National Security Information

Information that has been determined pursuant to Executive Order 13526 or any predecessor order to require protection against unauthorized disclosure and is marked to indicate ...

Clear Text

Information that is not encrypted. See NIST SP 800-82 Rev. 2 under Clear Text for more information. Intelligible data, the semantic content of which is available. Note: Clear ...

Container Runtime

The environment for each container; comprised of binaries coordinating multiple operating system components that isolate resources and resource usage for running containers. See NIST SP 800-190 ...

Contingency Plan

Management policy and procedures used to guide an enterprise response to a perceived loss of mission capability. The Contingency Plan is the first plan used ...

Confidentiality

Confidentiality prevents the unauthorized disclosure of data. In other words, authorized personnel can access the data, but unauthorized personnel cannot access the data. You can ...

Cybersecurity

Cyber Security

Cyber security is a broad range of practices, tools, and concepts used to protect information technology assets. It is sometimes referred to as "cybersecurity" (without ...