Blue Team

The group responsible for defending an enterprise’s use of information systems

Block Cipher

A symmetric-key cryptographic algorithm that transforms one block of information

User ID

Unique symbol or character string used by an information system

Web Server

A computer that provides World Wide Web (WWW) services on the Internet.


Store files containing malware in isolation for future disinfection or examination.


The transmission of packetized voice using the internet protocol (IP)


Individual or (system) process authorized to access an information system.


The ability for an organization’s employees and contractors to conduct work


A uniform resource locator, or URL, is a short string containing an address


Information that does not require safeguarding or dissemination controls

POODLE attack

POODLE is referred to as both a downgrade attack, and a man-in-the-middle exploit.

MITM Attack

Man in the Middle. An attack using active interception or eavesdropping.

Plain text

Plain text is simple text displayed in a readable format. Encryption converts plain text

Volatile Data

Data on a live system that is lost after a computer is powered down.


A flexible text format designed to describe data for electronic publishing.

Watering Hole Attack

Security exploit where the attacker infects websites that are frequently visited

Zero Day Attack

An attack that exploits a previously unknown hardware, firmware, or software

Tabletop Exercise

A discussion-based exercise where personnel with roles and responsibilities


The means used to associate a set of security attributes with a specific information object

XML Encryption

A process or mechanism for encrypting and decrypting XML documents or parts