Glossary of Key Information Security Terms (NIST) part 35 / IN



Last updated 5:37 PM on 10/31/22

20 Terms

1. Internal Network –
A network where: (i) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or (ii) cryptographic encapsulation or similar security technology provides the same effect. An internal network is typically organization-owned, yet may be organization-controlled while not being organization-owned.
A network where 1) the establishment, maintenance, and provisioning of security controls are under the direct control of organizational employees or contractors; or 2) cryptographic encapsulation or similar security technology implemented between organization-controlled endpoints provides the same effect (at least with regard to confidentiality and integrity). An internal network is typically organization-owned, yet may be organization-controlled while not being organization-owned.

2. Internal Security Controls –
Hardware, firmware, or software features within an information system that restrict access to resources only to authorized subjects.

3. Internal Security Testing –
Security testing conducted from inside the organization’s security perimeter.

4. Internet –
The Internet is the single, interconnected, worldwide system of commercial, governmental, educational, and other computer networks that share (a) the protocol suite specified by the Internet Architecture Board (IAB), and (b) the name and address spaces managed by the Internet Corporation for Assigned Names and Numbers (ICANN).

5. Internet Protocol (IP) –
Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.

6. Interoperability –
For the purposes of this standard, interoperability allows any government facility or information system, regardless of the PIV Issuer, to verify a cardholder’s identity using the credentials on the PIV Card.

7. Interview –
A type of assessment method that is characterized by the process of conducting discussions with individuals or groups within an organization to facilitate understanding, achieve clarification, or lead to the location of evidence, the results of which are used to support the determination of security control effectiveness over time.

8. Intranet –
A private network that is employed within the confines of a given enterprise (e.g., internal to a business or agency).

9. Intrusion –
Unauthorized act of bypassing the security mechanisms of a system.

10. Intrusion Detection Systems (IDS) –
Hardware or software product that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).

11. Intrusion Detection Systems (IDS) – (Host-Based)
IDSs which operate on information collected from within an individual computer system. This vantage point allows host-based IDSs to determine exactly which processes and user accounts are involved in a particular attack on the operating system. Furthermore, unlike network-based IDSs, host-based IDSs can more readily “see” the intended outcome of an attempted attack, because they can directly access and monitor the data files and system processes usually targeted by attacks.

12. Intrusion Detection Systems (IDS) – (Network-Based)
IDSs which detect attacks by capturing and analyzing network packets. Listening on a network segment or switch, one network-based IDS can monitor the network traffic affecting multiple hosts that are connected to the network segment.

13. Intrusion Detection and Prevention System (IDPS) –
Software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, and attempting to stop detected possible incidents.

14. Intrusion Prevention System(s) (IPS) –
System(s) which can detect an intrusive activity and can also attempt to stop the activity, ideally before it reaches its targets.

15. Inverse Cipher –
Series of transformations that converts ciphertext to plaintext using the Cipher Key.

16. IP Security (IPsec) –
Suite of protocols for securing Internet Protocol (IP) communications at the network layer (layer 3 of the OSI model) by authenticating and/or encrypting each IP packet in a data stream. IPsec also includes protocols for cryptographic key establishment.

17. IT-Related Risk –
The net mission/business impact considering 1) the likelihood that a particular threat source will exploit, or trigger, a particular information system vulnerability, and 2) the resulting impact if this should occur. IT-related risks arise from legal liability or mission/business loss due to, but not limited to:
* Unauthorized (malicious, non-malicious, or accidental) disclosure, modification, or destruction of information;
* Non-malicious errors and omissions;
* IT disruptions due to natural or man-made disasters; or
* Failure to exercise due care and diligence in the implementation and operation of the IT.

18. IT Security Architecture –
A description of security principles and an overall approach for complying with the principles that drive the system design; i.e., guidelines on the placement and implementation of specific security services within various distributed computing environments.

19. IT Security Awareness –
The purpose of awareness presentations is simply to focus attention on security. Awareness presentations are intended to allow individuals to recognize IT security concerns and respond accordingly.

20. IT Security Awareness and Training Program –
Explains proper rules of behavior for the use of agency IT systems and information. The program communicates IT security policies and procedures that need to be followed.
Explains proper rules of behavior for the use of agency information systems and information. The program communicates IT security policies and procedures that need to be followed (i.e., NSTISSD 501, NIST SP 800-50).