Glossary M
FIPS

MOU/A

A type of intra-agency, interagency, or National Guard agreement between two or more parties, which includes specific terms that are agreed to, and a commitment ...

Read More

Multipurpose Internet Mail Extensions (MIME)

Multipurpose Internet Mail Extensions (MIME)

A protocol that makes use of the headers in an IETF RFC 2822 message to describe the structure of rich message content.See NIST SP 800-45 ...

Read More

Mail Server

Mail Server

A host that provides “electronic post office” facilities. It stores incoming mail for distribution to users and forwards outgoing mail. The term may refer to ...

Read More

Malware

Malware

Hardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose. See IETF RFC 4949 Ver 2 for more information.  A program that ...

Read More

Masquerading

Masquerading

A type of threat action whereby an unauthorized entity gains access to a system or performs a malicious act by illegitimately posing as an authorized ...

Read More

Maximum Tolerable Downtime

Maximum Tolerable Downtime

The amount of time mission/business process can be disrupted without causing significant harm to the organization’s mission. See NIST SP 800-34 Rev. 1 for more information. 

Read More

Media Access Control

Media Access Control

Message Authentication Code. See the following for more information: NIST SP 800-108. NIST SP 800-185. NIST SP 800-56C.  An access control policy that is uniformly enforced across all subjects and ...

Read More

Media Access Control Address

Media Access Control Address

A hardware address that uniquely identifies each component of an IEEE 802-based network. On networks that do not conform to the IEEE 802 standards but ...

Read More

Media Sanitization

Media Sanitization

A general term referring to the actions taken to render data written on media unrecoverable by both ordinary and extraordinary means. See NIST SP 800-88 Rev. 1 under ...

Read More

Message Digest

Message Digest

The result of applying a cryptographic hash function to data (e.g., a message). Also known as a “message digest”. See the following for more information: NIST SP ...

Read More

Metacharacter

Metacharacter

A character that has some special meaning to a computer program and therefore will not be interpreted properly as part of a literal string.See NISTIR ...

Read More

Metadata

Metadata

Information describing the characteristics of data including, for example, structural metadata describing data structures (e.g., data format, syntax, and semantics) and descriptive metadata describing data ...

Read More

Misconfiguration

Misconfiguration

An incorrect or suboptimal configuration of an information system or system component that may lead to vulnerabilities.See NIST SP 800-128 under Misconfiguration for detailed information.A ...

Read More

MITM Attack

MITM Attack

Man in the Middle.An attack using active interception or eavesdropping. It uses a third computer to capture traffic sent between two other systems. See POODLE ...

Read More

Mission Critical

Mission Critical

Any telecommunications or information system that is defined as a national security system (FISMA) or processes any information the loss, misuse, disclosure, or unauthorized access ...

Read More

Mobile Device

Mobile Device

A portable computing device that: (i) has a small form factor such that it can easily be carried by a single individual; (ii) is designed ...

Read More

Mobile Code

Mobile Code

Software programs or parts of programs obtained from remote systems, transmitted across a network, and executed on a local system without explicit installation or execution ...

Read More

Most Significant Bit(s)

Most Significant Bit(s)

The left-most bit(s) of a bit string.See the following under Most Significant Bit(s) for detailed information:NIST SP 800-38A.NIST SP 800-38B.NIST SP 800-38C.NIST SP 800-38D.NIST SP ...

Read More

Multi-level Security (MLS)

Multi-level Security (MLS)

Concept of processing information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to users who ...

Read More