Skip to main content
ADOA-ASET Logo
  • Home
  • About
    • Careers
    • Leadership Team
    • Statutes and Rules
    • Meeting Requests
  • Services
    • Current Rates
  • Strategy
    • ACT Recommendations
    • Digital Government
    • Enterprise Architecture
    • Enterprise Project Management Office
    • Strategic Oversight
    • Statewide Strategic IT Plans
  • Governance
    • IT Authorization Committee (ITAC)
    • Chief Information Officer (CIO) Council
    • Change Advisory Board (CAB)
    • Enterprise Security Program Advisory Council (ESPAC)
  • Programs
    • AZNET II - Arizona Network
    • Archived Programs
  • Resources
    • ASET Billing
    • Glossary
    • Policies, Standards and Procedures
    • Security
      • Incident Reporting
    • Service Desk
    • Training
    • Agency Engagement Manager List
  • Home
  • Resources
  • Glossary

Glossary

( (2) | A (142) | B (60) | C (158) | D (101) | E (54) | F (42) | G (13) | H (21) | I (120) | J (3) | K (8) | L (16) | M (39) | N (19) | O (16) | P (74) | Q (2) | R (52) | S (109) | T (47) | U (7) | V (14) | W (12) | Z (1)

Hacker (NIST)

Unauthorized user who attempts to or gains access to an information system.

SOURCE: CNSSI-4009

Handshaking Procedures (NIST)

Dialogue between two information systems for synchronizing, identifying, and authenticating themselves to one another.

SOURCE: CNSSI-4009

Hardware

Includes (but not limited to) servers, desktop computers, printers, scanners, fax machines, photocopiers, multi-function devices, routers, communications and mobile equipment, cell phones, mobile devices, removable media.

Hash Total (NIST)

Value computed on data to detect error or manipulation.  See Checksum.

SOURCE: CNSSI-4009

Hash Value (NIST)

The result of applying a cryptographic hash function to data (e.g., a message).

SOURCE:  SP 800-106

Hash-based Message Authentication Code (HMAC) (NIST)

A message authentication code that uses a cryptographic key in conjunction with a hash function.

SOURCE:  FIPS 201; CNSSI-4009

A message authentication code that utilizes a keyed hash.

SOURCE:  FIPS 140-2

Hashing (NIST)

The process of using a mathematical algorithm against data to produce a numeric value that is representative of that data.

SOURCE:  SP 800-72; CNSSI-4009

High Assurance Guard (HAG) (NIST)

An enclave boundary protection device that controls access between a local area network that an enterprise system has a requirement to protect, and an external network that is outside the control of the enterprise system, with a high degree of assurance.

SOURCE:  SP 800-32

A guard that has two basic functional capabilities: a Message Guard and a Directory Guard.  The Message Guard provides filter service for message traffic traversing the Guard between adjacent security domains.  The Directory Guard provides filter service for directory access and updates traversing the Guard between adjacent security domains.

SOURCE: CNSSI-4009

High Availability (NIST)

A failover feature to ensure availability during device or component interruptions.

SOURCE:  SP 800-113

High Impact (NIST)

The loss of confidentiality, integrity, or availability that could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, individuals, other organizations, or the national security interests of the United States; (i.e., 1) causes a severe degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; 2) results in major damage to organizational assets; 3) results in major financial loss; or 4) results in severe or catastrophic harm to individuals involving loss of life or serious life threatening injuries).

SOURCE:  FIPS 199; CNSSI-400

High-Impact System (NIST)

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a FIPS 199 potential impact value of high.

SOURCE:  SP 800-37; SP 800-53; SP 800-60; FIPS 200

An information system in which at least one security objective (i.e., confidentiality, integrity, or availability) is assigned a potential impact value of high.

SOURCE: CNSSI-4009

HIPAA

The Health Insurance Portability and Accountability Act of 1996 (HIPAA; Pub.L. 104–191, 110 Stat. 1936, enacted August 21, 1996) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.

SOURCE: WIKIPEDIA

HITECH

The Health Information Technology for Economic and Clinical Health Act, abbreviated HITECH Act, was enacted under Title XIII of the American Recovery and Reinvestment Act of 2009 (Pub.L. 111–5). Under the HITECH Act, the United States Department of Health and Human Services is spending $25.9 billion to promote and expand the adoption of health information technology.

SOURCE: WIKIPEDIA

Honeypot (NIST)

A system (e.g., a Web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders and has no authorized users other than its administrators.

SOURCE: CNSSI-4009

Host

A computer dedicated to providing services to many users. Examples of such

systems include mainframes, minicomputers, or servers that provide dynamic host

configuration protocol services.

SOURCE: IRS PUB 1075

Hot Site (NIST)

A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption.

SOURCE:  SP 800-34

Backup site that includes phone systems with the phone lines already connected. Networks will also be in place, with any necessary routers and switches plugged in and turned on.  Desks will have desktop PCs installed and waiting, and server areas will be replete with the necessary hardware to support business-critical functions. Within a few hours, a hot site can become a fully functioning element of an organization.

SOURCE: CNSSI-4009

Hybrid Security Control (NIST)

A security control that is implemented in an information system in part as a common control and in part as a system-specific control. See also Common Control and System-Specific Security Control.

SOURCE:  SP 800-37; SP 800-53; SP 800-53A; CNSSI-4009

Hypertext Markup Language (HTML)

The standard markup language used to create web pages.

SOURCE: WIKIPEDIA

Hypertext Transfer Protocol (HTTP)

An application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.

Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.

SOURCE: WIKIPEDIA

Hypertext transfer protocol over secure socket layer (HTTPS)

Secure HTTP that provides authentication and encrypted communication on the World Wide Web designed for security-sensitive communication such as web-based logins.

SOURCE: PCI GLOSSARY

Hypervisor

Software or firmware responsible for hosting and managing virtual machines. For the purposes of PCI DSS, the hypervisor system component also includes the virtual machine monitor (VMM).

SOURCE: PCI DSS GLOSSARY

Resources

  • ASET Billing
  • Glossary
  • Policies, Standards and Procedures
  • Security
    • Incident Reporting
  • Service Desk
  • Training
  • Agency Engagement Manager List
LinkedIn Twitter YouTube This site (RSS)
Arizona State Seal
Contact Us
ADOA-ASET
100 N. 15th Avenue, Suite 400
Phoenix, AZ 85007
Find in Google Maps
Phone: 602.542.2250
Map Image

Footer Utility

  • Statewide Website Policies
  • Site Map
  • Meeting Requests