- Next-gen Firewall (NGFW) A part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS). NGFWs include features like encrypted traffic inspection, intrusion prevention, web filtering, and antivirus protection, delivering enhanced visibility and control to secure networks against modern threats.
- NIST 800-94 A guideline on intrusion detection and prevention systems (IDPS), providing a detailed explanation of these technologies along with recommendations for their planning, implementation, configuration, securing, monitoring, and maintenance. It aids organizations in comprehending the characteristics of IDPS technologies and offers a comprehensive approach to integrating them effectively into an overall security architecture to enhance the protection of information systems.
- NIST Cybersecurity Framework (CSF) A voluntary set of standards, guidelines, and best practices designed to assist organizations in managing cybersecurity risk. It is composed of three parts - the Framework Core, the Framework Profile, and the Framework Implementation Tiers, each providing specific guidance for establishing new or improving existing cybersecurity programs. The framework has been widely adopted by various sectors and organizations due to its flexibility and scalability.
- NIST Forensic process - Analysis Analysis is a crucial stage in the National Institute of Standards and Technology (NIST) Forensic Process. This phase involves the in-depth evaluation and interpretation of the data that has been examined to arrive at useful insights. It seeks to answer the who, what, where, when, why, and how of an incident by identifying patterns, connections, and contradictions in the evidence.
- NIST Forensic process - Collection Collection is a key stage in the NIST Forensic Process, which involves gathering relevant digital evidence from various sources, like hard drives, network logs, system memory, etc. This stage must be done in a systematic, careful, and legally acceptable manner to ensure the integrity and admissibility of the evidence in potential legal proceedings. This may include creating exact copies of hard drives or other storage media (imaging), logging network traffic, or systematically documenting the physical scene of an incident.
- NIST Forensic process - Examination Examination in the NIST Forensic Process is the systematic review of digital evidence using both automated and manual methods. The goal of this phase is to extract and identify relevant information from the collected data without altering the evidence. This process can involve the use of specialized software and may include activities like searching for specific keywords, recovering deleted files, examining file metadata, and looking for patterns or anomalies in the data.
- NIST Forensic process - Reporting Reporting is the final phase in the NIST Forensic Process, where the findings from the analysis stage are documented in a clear, comprehensive, and accessible manner. This report is expected to present the evidence, methodology, and conclusions in a way that can be understood by both technical and non-technical audiences, such as legal professionals or organizational stakeholders. The report's purpose is to provide an overview of the incident, the investigative actions taken, and the outcomes of those actions, typically leading to an understanding of what occurred and any possible remediation or follow-up actions.
- NIST SP 800-33 NIST Special Publication 800-33, titled "Underlying Technical Models for Information Technology Security," is a document from the National Institute of Standards and Technology (NIST) that provides guidance on the technical foundation of IT security. It outlines models that describe the necessary security services and the corresponding security mechanisms required to provide those services. The publication is aimed at helping organizations understand the principles behind building secure IT systems by addressing aspects such as confidentiality, integrity, authentication, and non-repudiation. SP 800-33 has been superseded by other documents in the NIST SP 800 series that provide updated and detailed guidance on securing information technology systems.
- NIST SP 800-37 NIST Special Publication 800-37 presents guidelines for applying the Risk Management Framework to federal information systems, a process that includes identifying and classifying information system assets, identifying relevant threats, determining risk, selecting and implementing appropriate controls, and documenting the process. The goal of the publication is to provide a structured and scalable approach for managing risk to information systems and to promote near real-time risk management.
- NIST SP 800-53A Rev 4 NIST Special Publication 800-53A Revision 4 is the previous version of the guidelines for assessing the security controls in federal information systems and organizations. It provides a set of procedures for conducting assessments of security controls and techniques for ensuring those controls are effectively implemented.