Terms

Synonym for "identifier".

An organizational entity responsible for assigning DNs and for assuring that each DN is meaningful and unique within its domain. [DoD9]

A U.S. DoD organization, housed in NSA, that has responsibility for encouraging widespread availability of trusted systems throughout the U.S. Federal Government. It has established criteria for, and performed evaluations of, computer and network systems that have a TCB. (See: Rainbow Series, TCSEC.)

A joint initiative of NIST and NSA to enhance the quality of commercial products for information security and increase consumer confidence in those products through objective evaluation and testing methods.

A U.S. Department of Commerce organization that promotes U.S. economic growth by working with industry to develop and apply technology, measurements, and standards. Has primary U.S. Government responsibility for INFOSEC standards for sensitive unclassified information. (See: ANSI, DES, DSA, DSS, FIPS, NIAP, NSA.)

An advisory committee chartered by the U.S. Federal Communications Commission (FCC), with participation by network service providers and vendors, to provide recommendations to the FCC for assuring reliability, interoperability, robustness, and security of wireless, wireline, satellite, cable, and public data communication networks.

The national defense or foreign relations of the United States of America.

A U.S. DoD organization that has primary U.S. Government responsibility for INFOSEC standards for classified information and for sensitive unclassified information handled by national security systems. (See: FORTEZZA, KEA, MISSI, national security system, NIAP, NIST, SKIPJACK.)

Information that has been determined, pursuant to Executive Order 12958 or any predecessor order, to require protection against unauthorized disclosure. [C4009]

Any Government operated information system for which the function, operation, or use (a) involves intelligence activities; (b) involves cryptologic activities related to national security; (c) involves command and control of military forces; (d) involves equipment that is an integral part of a weapon or weapon system; or (e) is critical to the direct fulfillment of military or intelligence missions and does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications). [Title 40 U.S.C. Section 1552, Information Technology Management Reform Act of 1996.] (See: type 2 product.)

Adversaries may use Android’s Native Development Kit (NDK) to write native functions that can achieve execution of binaries or functions. Like system calls on a traditional desktop operating system, native code achieves execution on a lower level than normal Android SDK calls.

See: secondary definitions under "corruption" and "incapacitation".

The necessity for access to, knowledge of, or possession of specific information required to carry out official duties.

An information system comprised of a collection of interconnected nodes. (See: computer network.)

Adversaries may perform network connection enumeration to discover information about device communication patterns. If an adversary can inspect the state of a network connection with tools, such as Netstat(Citation: Netstat), in conjunction with System Firmware, then they can determine the role of certain devices on the network (Citation: MITRE). The adversary can also use Network Sniffing to watch network traffic for details about the source, destination, protocol, and content.

Adversaries may perform Network Denial of Service (DoS) attacks to degrade or block the availability of targeted resources to users. Network DoS can be performed by exhausting the network bandwidth that services rely on, or by jamming the signal going to or coming from devices.

Adversaries may compromise third party network devices that can be used during targeting. Network devices, such as small office/home office (SOHO) routers, may be compromised where the adversary's ultimate goal is not Initial Access to that environment, but rather to leverage these devices to support additional targeting.

See: Internet Protocol Suite.

See: Internet Protocol Suite.

An OSI protocol (IS0 11577) for end to end encryption services at the top of OSIRM Layer 3. NLSP is derived from SP3 but is more complex. (Compare: IPsec.)

The ability of a network to: (1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged); (2) recover effectively if failure does occur; and (3) scale to meet rapid or unpredictable demands.

In the NICE Framework, cybersecurity work where a person: Installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, and protective distributor systems) and software that permit the sharing and transmission of all spectrum transmissions of information to support the security of information and information systems.

Adversaries may attempt to get a listing of services running on remote hosts, including those that may be vulnerable to remote software exploitation. Methods to acquire this information include port scans and vulnerability scans from the mobile device. This technique may take advantage of the mobile device's access to an internal enterprise network either through local connectivity or through a Virtual Private Network (VPN).

Network sniffing is the practice of using a network interface on a computer system to monitor or capture information (Citation: Enterprise ATT&CK January 2018) regardless of whether it is the specified destination for the information.

Synonym for "Network Hardware Layer".

A penetration technique in which an intruder avoids detection and traceback by using multiple, linked, communication networks to access and attack a system. [C4009]

The emerging field that studies how the brain relates to performance in everyday settings and at work, integrating neuroscience and ergonomics to design safer and more efficient systems and understand brain performance relationships.

Neuromorphic computing is a method of computing that uses artificial neurons to mimic the human brain's structure and function. The word "neuromorphic" means "characteristic of the shape of the brain or neurons"

Half of a byte (i.e., usually, 4 bits).

A collection of related subsystems located on one or more computer platforms at a single site. (See: site.)

A room or other space or area to which no person may have unaccompanied access and that, when occupied, is required to be occupied by two or more appropriately authorized persons. [C4009] (See: dual control.)

A random or non repeating value that is included in data exchanged by a protocol, usually for the purpose of guaranteeing liveness and thus detecting and protecting against replay attacks. (See: fresh.)

A property achieved through cryptographic methods to protect against an individual or entity falsely denying having performed a particular action related to data.

A security service that provide protection against false denial of involvement in an association (especially a communication association that transfers data). (See: repudiation, time stamp.)

A security service that provides the recipient of data with evidence that proves the origin of the data, and thus protects the recipient against an attempt by the originator to falsely deny sending the data. (See: non repudiation service.)

A security service that provides the originator of data with evidence that proves the data was received as addressed, and thus protects the originator against an attempt by the recipient to falsely deny receiving the data. (See: non repudiation service.)

Adversaries may generate network traffic using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088 or port 587 as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.

Storage media that, once written into, provide stable storage of information without an external power supply. (Compare: permanent storage, volatile media.)

a person who is inexperienced in a particular sphere or activity, especially as related to computing

An organizational RA that operates in a mode in which the ORA performs no card management functions and, therefore, does not require knowledge of either the SSO PIN or user PIN for an end user's FORTEZZA PC card.

Registration of data under the authority or in the care of a trusted third party, thus making it possible to provide subsequent assurance of the accuracy of characteristics claimed for the data, such as content, origin, time of existence, and delivery. [I7498 2] (See: digital notary.)

"Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission security purposes." [C4009]

An algorithm [R2410] that is specified as doing nothing to transform plaintext data; i.e., a no op. It originated because ESP always specifies the use of an encryption algorithm for confidentiality. The NULL encryption algorithm is a convenient way to represent the option of not applying encryption in ESP (or in any other context where a no op is needed). (Compare: null.)