Awareness is not training.
Format
Pre-established layout for data.
Cyberspace
A global domain within the information environment consisting of the interdependent network
Normalization
Converting each log data field to a particular data representation and categorizing it consistently.
Log Conversion
Parsing a log in one format and storing its entries in a second format.
PSK
A single secret key used by IPsec endpoints to authenticate endpoints to each other
Interface
In a service-oriented architecture, a specification of the operations that a service offers its clients.
Authentication, Authorization, and Accounting
The property that data originated from its purported source.
Null
Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption
Default Classification
Classification reflecting the highest classification being processed in an information system.
Algorithm Identifier
A PIV algorithm identifier is a one-byte identifier that specifies a cryptographic algorithm and key size.
The Federal Information Security Management Act (FISMA)
Requires agencies to integrate IT security into their capital planning and enterprise architecture processes at the agency
Decryption
The process of transforming ciphertext into plaintext using a cryptographic algorithm and key.
Aggregated Information
Information elements collated on a number of individuals, typically used for the purposes of making comparisons or identifying patterns.
Certificate Status Authority
A trusted entity that provides on-line verification to a Relying Party of a subject certificate’s trustworthiness
Threat Analysis
Process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.
Evaluation Assurance Level
Set of assurance requirements that represent a point on the Common Criteria predefined assurance scale.
Enclave Boundary
Point at which an enclave’s internal network service layer connects to an external network’s service layer
Anonymozation
Process that removes the association between the identifying dataset and the data subject.
URI
A uniform resource identifier, or URI, is a short string containing a name or address which refers to an object in the “web.”
Time bomb
Resident computer program that triggers an unauthorized act at a predefined time.
Network Access Control (NAC)
A feature provided by some firewalls that allows access based on a user’s credentials
Open Vulnerability and Assessment Language (OVAL)
A language for representing system configuration information, assessing machine state, and reporting assessment results.
Demilitarize
The process of preparing National Security System equipment for disposal by extracting all CCI
Encryption Certificate
A certificate containing a public key that can encrypt or decrypt electronic messages, files, documents
Classified Information Spillage
Security incident that occurs whenever classified data is spilled either onto an unclassified information system
Aggregate
To combine several more-specific prefixes into a less-specific prefix.