Term
| The process of determining the impact of the loss of confidentiality, integrity, or availability of the information to an organization |
|
Definition
|
|
Term
| The removal of sensitive data from storage devices in such a way that there is assurance that the data may not be reconstructed using normal system functions or software file/data recovery utilities. |
|
Definition
|
|
Term
| The critical point where a material's intrinsic magnetic alignment changes direction. |
|
Definition
|
|
Term
| Entails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category. |
|
Definition
|
|
Term
| Ensure important datasets are developed, maintained, and accessible within their defined specifications |
|
Definition
|
|
Term
| The methodology that identifies the path to meet user requirements. |
|
Definition
|
|
Term
| The residual physical representation of data that has been in some way erased. |
|
Definition
|
|
Term
| Objects, features, or items that are collected, automated, or affected by activities or the functions of organizations. |
|
Definition
|
|
Term
| The official series of publications relating to standards and guidelines adopted. |
|
Definition
| Federal Information Processing Standards (FIPS) |
|
|
Term
| Allows greater flexibility in applying encryption to specific file(s). |
|
Definition
|
|
Term
| A set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors |
|
Definition
|
|
Term
| Provide context on how an organization views cybersecurity risk and the processes in place to manage that risk. |
|
Definition
| Framework Implementation Tiers |
|
|
Term
| Represents the outcomes based on business needs that an organization has selected from the Framework Categories and Subcategories. |
|
Definition
|
|
Term
| ITAM is a much broader discipline, adding several dimensions of management and involving a much broader base of stakeholders. |
|
Definition
| IT Asset Management (ITAM) |
|
|
Term
| Software that is used to encrypt otherwise unprotected storage media such as CDs, DVDs, USB drives, or laptop hard drives. |
|
Definition
| Media Encryption Software |
|
|
Term
| The U.S. Government repository of publicly available security checklists (or benchmarks) that provide detailed low-level guidance on setting the security configuration of operating systems and applications. |
|
Definition
| The National Checklist Program (NCP) |
|
|
Term
| Focuses on providing measurements and standards to protect information systems against threats to the confidentiality of information, integrity of information and processes, and availability of information and services in order to build trust and confidence in Information Technology systems. |
|
Definition
| NIST Computer Security Division (CSD) |
|
|
Term
| The removal of sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique. |
|
Definition
|
|
Term
| An assessment of quality based on standards external to the process and involves reviewing of the activities and quality control processes to ensure final products meet predetermined standards of quality. |
|
Definition
|
|
Term
| An assessment of quality based on internal standards, processes, and procedures established to control and monitor quality. |
|
Definition
|
|
Term
| Portable USB drives that embed encryption algorithms within the hard drive, thus eliminating the need to install any encryption software. |
|
Definition
| Self-Encrypting USB Drives |
|
|
