Skip to main content
ADOA-ASET Logo
  • Home
  • About
    • Careers
    • Leadership Team
    • Statutes and Rules
    • Meeting Requests
  • Services
    • Current Rates
  • Strategy
    • ACT Recommendations
    • Digital Government
    • Enterprise Architecture
    • Enterprise Project Management Office
    • Strategic Oversight
    • Statewide Strategic IT Plans
  • Governance
    • IT Authorization Committee (ITAC)
    • Chief Information Officer (CIO) Council
    • Change Advisory Board (CAB)
    • Enterprise Security Program Advisory Council (ESPAC)
  • Programs
    • AZNET II - Arizona Network
    • Archived Programs
  • Resources
    • ASET Billing
    • Glossary
    • Policies, Standards and Procedures
    • Security
      • Incident Reporting
    • Service Desk
    • Training
    • Agency Engagement Manager List
  • Home
  • Resources
  • Glossary

Glossary

( (2) | A (142) | B (60) | C (158) | D (101) | E (54) | F (42) | G (13) | H (21) | I (120) | J (3) | K (8) | L (16) | M (39) | N (19) | O (16) | P (74) | Q (2) | R (52) | S (109) | T (47) | U (7) | V (14) | W (12) | Z (1)

N-2

N-2 – A term used to refer to the version of system software that is within two releases prior to current release (and not manufacturer discontinued).

National Industrial Security Program Operating Manual (NISPOM)

The NISPOM (DoD 5220.22-M) establishes the standard procedures and requirements for all government contractors, with regards to classified information. NISPOM is sometimes cited as a standard for sanitization to counter data remanence. The NISPOM actually covers the entire field of government-industrial security, of which data sanitization is a very small part (about two paragraphs in a 141 page document).[4] Furthermore, the NISPOM does not actually specify any particular method. Standards for sanitization are left up to the Cognizant Security Authority. The Defense Security Service provides a Clearing and Sanitization Matrix (C&SM) which does specify methods.[5] As of the June 2007 edition of the DSS C&SM, overwriting is no longer acceptable for sanitization of magnetic media; only degaussing or physical destruction is acceptable.

SOURCE: WIKIPEDIA

National Institute of Standards and Technology (NIST)

A measurement standards laboratory that is a non-regulatory agency of the United States Department of Commerce. The institute's official mission is to: Promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

The Information Technology Laboratory (ITL), one of several components within NIST, publishes standards concerning information security.

SOURCE: WIKIPEDIA

NCC

Network Change Control – A process, including a committee consisting of representatives from invested parties, for reviewing proposed changes to networks to ensure awareness and communication of impact to all parties, resulting in network change management, less down time, and minimal impact to users.

Need-To-Know (NIST)

A method of isolating information resources based on a user’s need to have access to that resource in order to perform their job but no more. The terms ‘need-to know” and “least privilege” express the same idea.  Need-to-know is generally applied to people, while least privilege is generally applied to processes.

SOURCE: CNSSI-4009

Net-centric Architecture (NIST)

A complex system of systems composed of subsystems and services that are part of a continuously evolving, complex community of people, devices, information and services interconnected by a network that enhances information sharing and collaboration. Subsystems and services may or may not be developed or owned by the same entity, and, in general, will not be continually present during the full life cycle of the system of systems. Examples of this architecture include service-oriented architectures and cloud computing architectures.

SOURCE:  SP 800-37

Network (NIST)

Information system(s) implemented with a collection of interconnected components.  Such components may include routers, hubs, cabling, telecommunications controllers, key distribution centers, and technical control devices.

SOURCE: SP 800-53; CNSSI-4009

Network Access (NIST)

Access to an organizational information system by a user (or a process acting on behalf of a user) communicating through a network (e.g., local area network, wide area network, Internet).

SOURCE: SP 800-53; CNSSI-4009

Network Access Control (NAC) (NIST)

A feature provided by some firewalls that allows access based on a user’s credentials and the results of health checks performed on the telework client device.

SOURCE:  SP 800-41

Network Address Translation (NAT) (NIST)

A routing technology used by many firewalls to hide internal system addresses from an external network through use of an addressing schema.

SOURCE:  SP 800-41

Network Disconnect

Terminate the network connection at the end of the session or after a period of inactivity.

Network Resilience (NIST)

A computing infrastructure that provides continuous business operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged), rapid recovery if failure does occur, and the ability to scale to meet rapid or unpredictable demands.

SOURCE: CNSSI-4009

Network Security Scan

Process by which an entity’s systems are remotely checked for vulnerabilities through use of manual or automated tools. Security scans that include probing internal and external systems and reporting on services exposed to the network. Scans may identify vulnerabilities in operating systems, services, and devices that could be used by malicious individuals.

SOURCE: PCI DSS GLOSSARY

Network Sniffing (NIST)

A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest.  It is both a review technique and a target identification and analysis technique.

SOURCE:  SP 800-115

Network Time Protocol (NTP)

A networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.

SOURCE: WIKIPEDIA

Network Weaving (NIST)

Penetration technique in which different communication networks are linked to access an information system to avoid detection and trace- back.

SOURCE: CNSSI-4009

Network-attached Storage (NAS)

A file-level computer data storage connected to a computer network providing data access to a heterogeneous group of clients.

SOURCE: WIKIPEDIA

Non-repudiation (NIST)

Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information.

SOURCE:  CNSSI-4009; SP 800-60

Protection against an individual falsely denying having performed a particular action. Provides the capability to determine whether a given individual took a particular action such as creating information, sending a message, approving information, and receiving a message.

SOURCE:  SP 800-53; SP 800-18

Is the security service by which the entities involved in a communication cannot deny having participated. Specifically, the sending entity cannot deny having sent a message (non-repudiation with proof of origin), and the receiving entity cannot deny having received a message (non-repudiation with proof of delivery).

SOURCE:  FIPS 191

A service that is used to provide assurance of the integrity and origin of data in such a way that the integrity and origin can be verified and validated by a third party as having originated from a specific entity in possession of the private key (i.e., the signatory).

SOURCE:  FIPS 186

Null (NIST)

Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission security purposes.

SOURCE: CNSSI-4009

Resources

  • ASET Billing
  • Glossary
  • Policies, Standards and Procedures
  • Security
    • Incident Reporting
  • Service Desk
  • Training
  • Agency Engagement Manager List
LinkedIn Twitter YouTube This site (RSS)
Arizona State Seal
Contact Us
ADOA-ASET
100 N. 15th Avenue, Suite 400
Phoenix, AZ 85007
Find in Google Maps
Phone: 602.542.2250
Map Image

Footer Utility

  • Statewide Website Policies
  • Site Map
  • Meeting Requests