Glossary C
callback

Call Back

Procedure for identifying and authenticating a remote information system terminal, whereby the host system disconnects the terminal and reestablishes contact. See CNSSI 4009-2015 for more information.


Common criteria

CC (Common Criteria)

Governing document that provides a comprehensive, rigorous method for specifying security function and assurance requirements for products and systems. See NIST SP 800-53 Rev. 4 under Common Criteria ...

CCB

Configuration Control Board. A group of qualified people with responsibility for the process of regulating and approving changes to hardware, firmware, software, and documentation throughout the ...

CEO

Chief Executive Officer. “C” level officers aren’t really defined by NIST. However, the acronyms are used so often.


Certificate (General)

Certificate

Also known as a digital certificate. A digital representation of information which at least 1. identifies the certification authority issuing it, 2. names or identifies its subscriber, 3. contains the subscriber's ...


Certificate Authority

Certificate Authority (CA)

A trusted entity that issues and revokes public key certificates. See NISTIR 8149 for more information. 

Certificate Management

Process whereby certificates are generated, stored, protected, transferred, loaded, used, and destroyed. See CNSSI 4009-2015 for more information. 


certification-path

Certification Path

A chain of trusted public-key certificates that begins with a certificate whose signature can be verified by a relying party using a trust anchor, and ...

CPS

Certification Practice Statement. A statement of the practices that a certification authority (CA) employs in issuing, suspending, revoking, and renewing certificates and providing access to them, ...


Chain-of-Custody

Chain of Custody

A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time ...


Chain-of-Evidence

Chain of Evidence

A process and record that shows who obtained the evidence; where and when the evidence was obtained; who secured the evidence; and who had ...


Challenger-and-Reply-authentication

Challenge and Reply

Prearranged procedure in which a subject requests authentication of another and the latter establishes validity with a correct reply. See CNSSI 4009-2015 for more information.


checksum

Checksum

A value that: (a) is computed by a function that is dependent on the contents of a data object and (b) is stored or transmitted together ...

Chief Privacy Officer

The senior organizational official with overall organization-wide responsibility for information privacy issues. See NIST SP 800-53 Rev. 4 under Senior Agency Official for Privacy and NIST SP 800-53A ...


CIO2

Chief Information Officer

Agency official responsible for: (i) Providing advice and other assistance to the head of the executive agency and other senior management personnel of the agency ...

Ciphertext

Data output from the Cipher or input to the Inverse Cipher. See FIPS 197 under Ciphertext for more information. Data in its enciphered form. See NIST SP 800-56B Rev. 1 under ...

Confidentiality

Confidentiality prevents the unauthorized disclosure of data. In other words, authorized personnel can access the data, but unauthorized personnel cannot access the data. You can ...


Cybersecurity

Cyber Security

Cyber security is a broad range of practices, tools, and concepts used to protect information technology assets. It is sometimes referred to as "cybersecurity" (without ...
