The FREE Cybersecurity Glossary by Thor Pedersen!

NIST Forensic process - Collection: Collection is a key stage in the NIST Forensic Process, which involves gathering relevant digital evidence from various sources, like hard drives, network logs, system memory, etc. This stage must be done in a systematic, careful, and legally acceptable manner to ensure the integrity and admissibility of the evidence in potential legal proceedings. This may include creating exact copies of hard drives or other storage media (imaging), logging network traffic, or systematically documenting the physical scene of an incident.

NIST Forensic process - Examination: Examination in the NIST Forensic Process is the systematic review of digital evidence using both automated and manual methods. The goal of this phase is to extract and identify relevant information from the collected data without altering the evidence. This process can involve the use of specialized software and may include activities like searching for specific keywords, recovering deleted files, examining file metadata, and looking for patterns or anomalies in the data.

NIST Forensic process - Reporting: Reporting is the final phase in the NIST Forensic Process, where the findings from the analysis stage are documented in a clear, comprehensive, and accessible manner. This report is expected to present the evidence, methodology, and conclusions in a way that can be understood by both technical and non-technical audiences, such as legal professionals or organizational stakeholders. The report's purpose is to provide an overview of the incident, the investigative actions taken, and the outcomes of those actions, typically leading to an understanding of what occurred and any possible remediation or follow-up actions.

NIST SP 800-124: NIST Special Publication 800-124, titled "Guidelines for Managing the Security of Mobile Devices in the Enterprise," is a guidance document from the National Institute of Standards and Technology (NIST). This publication provides recommendations for the secure deployment and management of mobile devices, such as smartphones and tablets, within enterprise environments. It covers topics like device policy development, device configuration and management, secure data communication, and the protection of enterprise data stored on mobile devices. The objective of NIST SP 800-124 is to help organizations mitigate security risks associated with the use of mobile devices while supporting the productivity benefits that these devices offer. The guidance is intended for IT managers and security professionals responsible for mobile device security. As mobile technology and security threats evolve, NIST periodically updates its publications to reflect the most current best(...)

NIST SP 800-133: NIST Special Publication 800-133 provides guidance on generating cryptographic keys, which are used in many security protocols to provide confidentiality, integrity, and authentication. The guidance includes the provision of secure random number generators and other technical details necessary for secure key generation, aiding organizations in ensuring the adequacy of the cryptographic keys that protect their data.

NIST SP 800-160: NIST Special Publication 800-160 provides principles and practices for engineering secure and reliable systems, emphasizing the need for security and privacy to be considered throughout a system's life cycle. The document promotes a holistic and risk-based approach to enhance the resilience of systems and networks. Its focus is on the integration of security into systems engineering to create systems that are secure by design, effectively managing and mitigating risk from the inception of a system's life cycle.