E - Cybersecurity Glossary

This page is having a slideshow that uses Javascript. Your browser either doesn't support Javascript or you have it turned off. To see this page as it is meant to appear please use a Javascript enabled browser.Verticalis WordPress Slider Plugin.

Glossary E

Exfiltration

The unauthorized transfer of information from an information system.See CNSSI 4009-2015 for more information

Extranet

A computer network that an organization uses for application data traffic between the organization and its business partners.See CNSSI 4009-2015 from IETF RFC 4949 Ver ...

Evaluation Assurance Level

Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale. Rationale: NIAP has switched to a “protection profile” program to ...

Enclave Boundary

Point at which an enclave’s internal network service layer connects to an external network’s service layer, i.e., to another enclave or to a wide area ...

Encryption Certificate

A certificate containing a public key that can encrypt or decrypt electronic messages, files, documents, or data transmissions, or establish or exchange a session key ...

ECC

Elliptic Curve Cryptography, the public-key cryptographic methods using operations in an elliptic curve group. See NIST SP 800-56A Rev. 2 and NIST SP 800-56C  for more information.

E-commerce

The use of network technology (especially the internet) to buy or sell goods and services. See NIST SP 800-32 for more information.

Egress Filtering

Filtering of outgoing network traffic. See NIST SP 800-41 Rev. 1 for more information.

EMI

An electromagnetic disturbance that interrupts, obstructs, or otherwise degrades or limits the effective performance of electronics/electrical equipment. See NIST SP 800-101 Rev. 1 and NIST SP 800-72 for more information.

Encryption Algorithm

Set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key.See CNSSI 4009-2015 for more information.

EPHI

Electronic Protected Health Information Individually identifiable health information: that is: (i) Transmitted by electronic media; ...

Encryption

Encryption provides confidentiality and prevents unauthorized disclosure of data. Encrypted data is in a ciphertext format that is unreadable. Attackers can’t read encrypted traffic sent ...

ECDSA

Elliptic Curve Digital Signature Algorithm (ECDSA) A digital signature algorithm that is an analog of DSA using elliptic curve mathematics and specified in ANSI draft standard X9.62. See NIST SP ...

Emergency Action Plan

A plan developed to prevent loss of national intelligence; protect personnel, facilities, and communications; and recover operations damaged by terrorist attack, natural disaster, or similar ...

Emission Security (EMSEC)

The component of communications security that results from all measures taken to deny unauthorized persons information of value that might be derived from intercept and ...

ESPP

Encapsulating Security Payload Protocol IPsec security protocol that can provide encryption and/or integrity protection for packet headers and data. See NIST SP 800-77 for more information.

Encipher

Cryptographically transform data to produce cipher text.See CNSSI 4009-2015 under encrypt (IETF RFC 4949 Ver 2) for more information. See encrypt. Rationale: Deprecated Term: Encrypt is the preferred term. See CNSSI ...

Enclave

A set of system resources that operate in the same security domain and that share the protection of a single, common, continuous security perimeter. See IETF RFC ...

Encode

Use a system of symbols to represent information, which might originally have some other representation. Example: Morse code.See IETF RFC 4949 Ver 2 for more information.

Encrypt

Cryptographically transform data to produce cipher text. See CNSSI 4009-2015 (IETF RFC 4949 Ver 2) for more information.

Encryption

Cryptographic transformation of data (called “plaintext”) into a form (called “ciphertext”) that conceals the data’s original meaning to prevent it from being known or used. ...

Endpoint Protection Platform

Safeguards implemented through software to protect end-user machines such as workstations and laptops against attack (e.g., antivirus, antispyware, antiadware, personal firewalls, host-based intrusion detection and prevention ...

End-to-End Encryption

Communications encryption in which data is encrypted when being passed through a network, but routing information remains visible. See NIST SP 800-12 and NIST SP 800-12 Rev. 1 under End-to-End ...

Enterprise

An organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks ...

Ephemeral Key

A cryptographic key that is generated for each execution of a key-establishment process and that meets other requirements of the key type (e.g., unique to ...

Ephemeral Key Pair

A key pair, consisting of a public key (i.e., an ephemeral public key) and a private key (i.e., an ephemeral private key) that is intended ...

Erasure

Process intended to render magnetically stored information irretrievable by normal means. See NIST SP 800-88 Rev. 1 under Erasure for more information.

Error Detection Code

A code computed from data and comprised of redundant bits of information designed to detect, but not correct, unintentional changes in the data. See NIST SP 800-152 under ...

Event

Any observable occurrence in an information system. See the following under Event for more information: NIST SP 800-53 Rev. 4. NIST SP 800-61 Rev. 2. NIST SP 800-61 Rev. ...

Event Aggregation

The consolidation of similar log entries into a single entry containing a count of the number of occurrences of the event. See NIST SP 800-92 under Aggregation for ...

Event Correlation

Finding relationships between two or more log entries. See NIST SP 800-92 under Correlation for more information.

Event Filtering

The suppression of log entries from analysis, reporting, or long-term storage because their characteristics indicate that they are unlikely to contain information of interest. See NIST SP ...

Evidence

Grounds for belief or disbelief; data on which to base proof or to establish truth or falsehood. Note 1: Evidence can be objective or subjective. Evidence ...

Exclusive OR

Exclusive-OR operation. See the following for detailed information: FIPS 197 under XOR. FIPS 197 under ⊕. Bitwise logical “exclusive-or”, where 0⊕ 0 = 0, 0⊕ 1 = 1, 1⊕ 0 = ...