Incident Handling

An IT security incident is an adverse event in a computer system or network

Incident Response

The mitigation of violations of security policies and recommended practices.

Impact Level

The magnitude of harm that can be expected to result from the consequences


A package that contains all the files required to run a container. See NIST SP 800-190.


A group of eight bits that is treated either as a single entity or as an array of 8 individual


Advanced Encryption Standard (as specified in FIPS 197). NIST SP 800-57 Part 1 Rev. 4


Individual, group, organization, or government that conducts or has the intent to conduct

Hot Site

A fully operational offsite data processing facility equipped with hardware and software

Host-based IDPS

A program that monitors the characteristics of a single host and the events occurring

High Impact System

An information system in which at least one security objective is assigned

High Impact

The loss of confidentiality, integrity, or availability that could be expected

False Rejection

The failure of a biometric system to identify a biometric subject


The set of physical and behavioral characteristics by which an individual is uniquely

Hash Code

The string of bits which is the output of a hash function. See NIST SP 800-15

False Reject Rate (FRR)

Proportion of verification transactions with truthful claims of identity that are incorrectly

False Positive

An erroneous acceptance of the hypothesis that a statistically significant event


The confidential form of the plaintext that is the output of the authenticated-encryption

Active Attack

An attack on the authentication protocol where the Attacker transmits data to the Claimant,


Transmission to all devices in a network without any acknowledgment


Measurable physical characteristics or personal behavioral traits

Boundary Protection

Monitoring and control of communications at the external boundary of an information