Glossary T
- The Federal Information ...
- Threat Analysis
- Time bomb
- Tabletop Exercise
- TTP
- Technical Controls
- Technical Security Controls
- Telecommuting
- Telework
- Tempest
- Third-Party Providers
- Threats
- Threat Actor
- Threat Intelligence
- Timestamp
- Token
- Total Risk
- Training
- Transmission
- Transmission Control Protocol
- Transport Layer Security

The Federal Information Security Management Act (FISMA)
Requires agencies to integrate IT security into their capital planning and enterprise architecture processes at the agency, conduct annual IT security reviews of all programs ...
Threat Analysis
Process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.See CNSSI 4009-2015 under threat ...
Tabletop Exercise
A discussion-based exercise where personnel with roles and responsibilities in a particular IT plan meet in a classroom setting or in breakout groups to validate ...
Technical Controls
The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in ...
Technical Security Controls
Security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by the information system through mechanisms contained in the ...
Telecommuting
The ability for an organization’s employees and contractors to conduct work from locations other than the organization’s facilities. See NIST SP 800-114 under Telework for more information.
Third-Party Providers
Service providers, integrators, vendors, telecommunications, and infrastructure support that are external to the organization that operates the manufacturing system. See NISTIR 8183 for more information.
Threat Actor
An individual or a group posing a threat. See NIST SP 800-150 under Threat Actor for more information. See threat actor under NIST SP 800-150 for more information.
Threat Intelligence
Threat information that has been aggregated, transformed, analyzed, interpreted, or enriched to provide the necessary context for decision-making processes. See NIST SP 800-150 for more information.
Total Risk
The potential for the occurrence of an adverse event if no mitigating action is taken (i.e., the potential for any applicable threat to exploit a ...
Transmission
The state that exists when information is being electronically sent from one location to one or more other locations.See NIST SP 800-53 Rev. 5 for more ...
Transmission Control Protocol
TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a ...