An online protocol used to determine the status of a public key certificate.
Development Life Cycle
The scope of activities associated with a system, encompassing the system’s initiation
Degauss
To reduce the magnetic flux to virtual zero by applying a reverse magnetizing field.
Quantitative Assessment
Use of a set of methods, principles, or rules for assessing risks based on the use
Ephemeral Key Pair
A key pair, consisting of a public key and a private key that is intended
Ephemeral Key
A cryptographic key that is generated for each execution of a key-establishment
End-to-End Encryption
Communications encryption in which data is encrypted when being passed
Demilitarized Zone (DMZ)
Perimeter network segment that is logically between internal and external networks.
Destroy
To destroy is an action applied to a key or a piece of secret data.
Deny by Default
To block all inbound and outbound traffic that has not been expressly permitted by firewall
USB
Universal Serial Bus. A hardware interface for low-speed peripherals such as the keyboard
Byte String
An ordered sequence of bytes. See NIST SP 800-56B Rev. 1 and NIST SP 800-56A Rev. 2
Deterministic Algorithm
An algorithm that, given the same inputs, always produces the same outputs.
Warm Site
An environmentally conditioned work space that is partially equipped with information
Biometrics
A measurable physical characteristic or personal behavioral trait used
Patch Management
The systematic notification, identification, deployment, installation, and verification
Uniform Resource Identifier
A uniform resource identifier, or URI, is a short string containing a name or address
FDCC
Federal Desktop Core Configuration. OMB-mandated set of security configurations
Maximum Tolerable Downtime
The amount of time mission/business process can be disrupted
Packet Filtering
See “Packet Filtering”. See NIST SP 800-41 Rev. 1 under Stateless Inspection
Random Number Generator
A process used to generate an unpredictable series of numbers.
Read-Only Memory
ROM is a pre-recorded storage medium that can only be read from and not written to.
Recovery Point Objective
The point in time to which data must be recovered after an outage.
National Vulnerability Database
The U.S. government repository of standards-based vulnerability management data
Network Address Translation
A mechanism for mapping addresses on one network to addresses on another network
Near Field Communication
A form of contactless, close proximity, radio communications based on RFID
Inference
Refers to the ability to deduce the identity of a person associated with a set of data