 |
Letter: C - capability
- Definition: The means to accomplish a mission, function, or objective.
- Related Term(s): intent
- cipher
- Synonym(s): cryptographic algorithm
- ciphertext
- Definition: Data or information in its encrypted form.
- Related Term(s): plaintext
- cloud computing
- Definition: A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
- collect & operate
- Definition: A NICE Framework category consisting of specialty areas responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.
- collection operations
- Definition: In the NICE Framework, cybersecurity work where a person: Executes collection using appropriate strategies and within the priorities established through the collection management process.
- computer forensics
- Synonym(s): digital forensics
- computer network defense
- Definition: The actions taken to defend against unauthorized activity within computer networks.
- computer network defense analysis
- Definition: In the NICE Framework, cybersecurity work where a person: Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
- computer network defense infrastructure support
- Definition: In the NICE Framework, cybersecurity work where a person: Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources; monitors network to actively remediate unauthorized activities.
- From: NICE Framework
- computer security incident
- Related Term(s): event
- confidentiality
- Definition: A property that information is not disclosed to users, processes, or devices unless they have been authorized to access the information.
- Extended Definition: Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
- Related Term(s): availability, integrity
- consequence
- Definition: The effect of an event, incident, or occurrence.
- Extended Definition: In cybersecurity, the effect of a loss of confidentiality, integrity or availability of information or an information system on an organization's operations, its assets, on individuals, other organizations, or on national interests.
- continuity of operations plan
- Definition: A document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption.
- Related Term(s): Business Continuity Plan, Disaster Recovery Plan, Contingency Plan
- critical infrastructure
- Definition: The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.
- Related Term(s): key resource
- critical infrastructure and key resources
- Synonym(s): critical infrastructure
- cryptanalysis
- Definition: The operations performed in defeating or circumventing cryptographic protection of information by applying mathematical techniques and without an initial knowledge of the key employed in providing the protection.
- Extended Definition: The study of mathematical techniques for attempting to defeat or circumvent cryptographic techniques and/or information systems security.
- cryptographic algorithm
- Definition: A well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output.
- Related Term(s): key, encryption, decryption, symmetric key, asymmetric key
- cryptography
- Definition: The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication.
- Extended Definition: The art or science concerning the principles, means, and methods for converting plaintext into ciphertext and for restoring encrypted ciphertext to plaintext.
- Related Term(s): plaintext, ciphertext, encryption, decryption
- cryptology
- Definition: The mathematical science that deals with cryptanalysis and cryptography.
- Related Term(s): cryptanalysis, cryptography
- customer service and technical support
- Definition: In the NICE Framework, cybersecurity work where a person: Addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquiries (e.g., tiered-level customer support).
- cyber ecosystem
- Definition: The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions.
- cyber exercise
- Definition: A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to or recovering from the disruption.
- cyber incident
- Related Term(s): event
- Synonym(s): incident
- cyber incident response plan
- Synonym(s): incident response plan
- cyber infrastructure
- Definition: An electronic information and communications systems and services and the information contained therein.
- Extended Definition: The information and communications systems and services composed of all hardware and software that process, store, and communicate information, or any combination of all of these elements: • Processing includes the creation, access, modification, and destruction of information. • Storage includes paper, magnetic, electronic, and all other media types. • Communications include sharing and distribution of information.
- cyber operations
- Definition: In the NICE Framework, cybersecurity work where a person: Performs activities to gather evidence on criminal or foreign intelligence entities in order to mitigate possible or real-time threats, protect against espionage or insider threats, foreign sabotage, international terrorist activities, or to support other intelligence activities.
- cyber operations planning
- Definition: in the NICE Framework, cybersecurity work where a person: Performs in-depth joint targeting and cyber planning process. Gathers information and develops detailed Operational Plans and Orders supporting requirements. Conducts strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.
- cybersecurity
- Definition: The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation.
- Extended Definition: Strategy, policy, and standards regarding the security of and operations in cyberspace, and encompass[ing] the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, diplomacy, military, and intelligence missions as they relate to the security and stability of the global information and communications infrastructure.
- cyber threat intelligence (CTI)
- Definition: The collecting, processing, organizing, and analyzing data into actionable information that relates to capabilities, opportunities, actions, and intent of adversaries in the cyber domain to meet a specific requirement determined by and informing decision-makers.
|
|
|
