An entity that relies upon the subscriber’s credentials or verifier’s assertion of an identity, typically to process a transaction or grant access to information or a system.
The residual information that remains on a storage medium after erasure or clearing.
Hardware and software maintenance activities conducted by individuals communicating from outside an information system's security perimeter or through an external, non-organization-controlled network (for example, the Internet).
A plan to perform the remediation of one or more threats or vulnerabilities facing an organization’s systems. The plan typically includes options to remove threats and vulnerabilities and priorities for performing the remediation.
(1) Access to an organizational information system by a user or an information system communicating through an external, non-organization-controlled network (e.g., the Internet). (2) The ability for an organization’s users to access its non-public computing resources from locations other than the organization’s facilities.
A program installed on a system that allows remote attackers to gain access to the system as needed.
Transaction logs or journals are transmitted to a remote location. If the server needs to be recovered, the logs or journals can be used to recover transactions, applications, or database changes that occurred after the last server backup. Remote journaling can either be conducted in batches or be communicated continuously using buffering software. Remote journaling and electronic vaulting require a dedicated offsite location (that is, a hot site or offsite storage site) to receive the transmissions and a connection with limited bandwidth.
Maintenance activities conducted by individuals communicating through an external, non-organization-controlled network (e.g., the Internet).
Some hardware and software vendors who have access to an organization’s computer systems for problem diagnosis and remote maintenance work can modify database contents or reconfigure network elements to their advantage.
Remotely using a computer at an organization from a telework computer.
Portable electronic storage media such as magnetic, optical, and solid-state devices, which can be inserted into and removed from a computing device, and are used to store text, video, audio, and image information. Such devices have no independent processing capabilities. Examples of removable media include hard disks, zip drives, compact disks, thumb drives, flash drives, pen drives, and similar universal serial bus (USB) storage devices. Removable media are less risky than nonremovable media in terms of security breaches.
A device that amplifies received signals; it operates at the physical layer of the ISO/OSI reference model.
An attacker eavesdrops on another party's authentication exchange and learns enough to impersonate that user. It is used in conducting an impersonation attack.
(1) An attack that involves the capture of transmitted authentication or access control information and its subsequent retransmission with the intent of producing an unauthorized effect or gaining unauthorized access. (2) An attack in which the attacker can replay previously captured messages (between a legitimate claimant and a verifier) to masquerade as that claimant to the verifier or vice versa.
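The two preceding entries describe the same failure mode from the verifier's side: captured authentication traffic is retransmitted later and accepted as if it were fresh. The usual defence is for the claimant to bind a random nonce and a timestamp into the authenticated message and for the verifier to reject anything whose timestamp is outside a short window or whose nonce it has already seen. The following is an added example illustrating that check, not code from the glossary's source; the shared HMAC key, the `build_message` and `Verifier` names, and the 30-second window are all constructed for the illustration.

```python
import hashlib
import hmac
import os
import time

# Constructed shared secret for the example; a real deployment provisions a key per claimant.
SHARED_KEY = b"example-shared-secret-not-for-production"
WINDOW_SECONDS = 30  # how far a message timestamp may drift from the verifier's clock


def build_message(claimant, key=SHARED_KEY, now=None, nonce=None):
    """Claimant side: bind identity, a fresh random nonce and a timestamp under an HMAC."""
    ts = int(now if now is not None else time.time())
    nonce_hex = (nonce if nonce is not None else os.urandom(16)).hex()
    tag = hmac.new(key, f"{claimant}|{nonce_hex}|{ts}".encode(), hashlib.sha256).hexdigest()
    return {"claimant": claimant, "nonce": nonce_hex, "ts": ts, "mac": tag}


class Verifier:
    """Verifier side: accepts each authenticated message at most once within the window."""

    def __init__(self, key=SHARED_KEY, window=WINDOW_SECONDS):
        self._key = key
        self._window = window
        self._seen = {}  # nonce -> timestamp; only nonces inside the window need to be remembered

    def _prune(self, now):
        # Nonces older than the window can be forgotten: their timestamp alone now rejects them.
        for nonce in [n for n, ts in self._seen.items() if now - ts > self._window]:
            del self._seen[nonce]

    def verify(self, msg, now=None):
        now = int(now if now is not None else time.time())
        self._prune(now)
        # 1. Integrity first, so that unauthenticated input never pollutes the nonce cache.
        expected = hmac.new(
            self._key, f"{msg['claimant']}|{msg['nonce']}|{msg['ts']}".encode(), hashlib.sha256
        ).hexdigest()
        if not hmac.compare_digest(expected, msg["mac"]):
            return False, "bad-mac"
        # 2. Freshness: a captured message cannot be replayed after the window closes.
        if abs(now - int(msg["ts"])) > self._window:
            return False, "stale-timestamp"
        # 3. Uniqueness: inside the window, each nonce is honoured exactly once.
        if msg["nonce"] in self._seen:
            return False, "replayed-nonce"
        self._seen[msg["nonce"]] = int(msg["ts"])
        return True, "accepted"


def demo(now=1_700_000_000):
    """Walk through the four outcomes a verifier should distinguish; returns the reason codes."""
    verifier = Verifier()
    msg = build_message("alice", now=now)
    results = [verifier.verify(msg, now=now)[1]]             # fresh message: accepted
    results.append(verifier.verify(msg, now=now + 5)[1])     # captured and retransmitted: replayed-nonce
    old = build_message("alice", now=now - 600)
    results.append(verifier.verify(old, now=now)[1])         # fresh nonce, old timestamp: stale-timestamp
    forged = dict(msg, claimant="bob")
    results.append(verifier.verify(forged, now=now)[1])      # altered after capture: bad-mac
    return results


if __name__ == "__main__":
    print(demo())  # ['accepted', 'replayed-nonce', 'stale-timestamp', 'bad-mac']
```

The ordering of the checks matters: the MAC is verified before anything is cached, the timestamp bounds how long the nonce cache must be retained, and only then is the nonce consulted. Without the timestamp the verifier would have to remember every nonce forever; without the nonce a message could be replayed freely inside the window.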
A database containing information and data relating to certificates; may also be referred to as a directory.
An Internet standard developed and published by the Internet Engineering Task Force (IETF).
A statement of the system behavior needed to enforce a given policy. Requirements are used to derive the technical specification of a system.
Cryptographic key held to satisfy unplanned needs. It is also called a contingency key where a key is held for use under specific operational conditions or in support of specific contingency plans.
Data left in storage after information-processing operations are complete, but before degaussing or overwriting has taken place.
Data from deleted files or earlier versions of existing files.
The remaining potential risk after all IT security measures are applied. There is a residual risk associated with each threat.