Glossary
Browse the IADC Lexicon alphabetically or by category. Get comprehensive definitions of drilling industry terms.
Red Team Exercise
Definition(s)
Red Team Exercise
An exercise, reflecting real-world conditions, that is conducted as a simulated attempt by an adversary to attack or exploit vulnerabilities in an enterprise's information systems. Adapted from: NIST SP 800-53 Rev 4. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsRed Team
Definition(s)
Red Team
A group authorized and organized to emulate a potential adversarys attack or exploitation capabilities against an enterprises cybersecurity posture. Adapted from: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPublic Key Infrastructure
Definition(s)
Public Key Infrastructure
A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet. Extended Definition: A framework and services for generating, producing, distributing, controlling, accounting for, and revoking (destroying) public key certificates. Adapted from: CNSSI 4009, IETF RFC 2828, Federal Bridge Certificate Authority Cross-certification Methodology 3.0, InCommon Glossary, Kantara Identity Assurance Framework 1100, NIST SP 800-63 Rev 1. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPublic Key Encryption
Definition(s)
Public Key Encryption
A branch of cryptography in which a cryptographic system or algorithms use two uniquely linked keys: a public key and a private key (a key pair). Adapted from: CNSSI 4009, FIPS 140-2, InCommon Glossary. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPublic Key Cryptography
Definition(s)
Public Key Cryptography
A branch of cryptography in which a cryptographic system or algorithms use two uniquely linked keys: a public key and a private key (a key pair). Adapted from: CNSSI 4009, FIPS 140-2, InCommon Glossary. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPublic Key
Definition(s)
Public Key
A cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Extended Definition: The public part of an asymmetric key pair that is uniquely associated with an entity and that may be made public. Adapted from: CNSSI 4009, NIST SP 800-63 Rev 1, FIPS 201-2, FIPS 140-2, Federal Bridge Certificate Authority Certification Policy 2.25. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsProtect & Defend
Definition(s)
Protect & Defend
A NICE Workforce Framework category consisting of specialty areas responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks. From: NICE Workforce Framework. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPrivate Key
Definition(s)
Private Key
A cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm. Extended Definition: The secret part of an asymmetric key pair that is uniquely associated with an entity. Adapted from: CNSSI 4009, NIST SP 800-63 Rev 1, FIPS 201-2, FIPS 140-2, Federal Bridge Certificate Authority Certification Policy 2.25. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPrivacy
Definition(s)
Privacy
The assurance that the confidentiality of, and access to, certain information about an entity is protected. Extended Definition: The ability of individuals to understand and exercise control over how information about themselves may be used by others. From: NIST SP 800-130; Adapted from: DHS personnel. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPreparedness
Definition(s)
Preparedness
The activities to build, sustain, and improve readiness capabilities to prevent, protect against, respond to, and recover from natural or manmade incidents. Adapted from: NIPP. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPrecursor
Definition(s)
Precursor
An observable occurrence or sign that an attacker may be preparing to cause an incident. Adapted from: CNSSI 4009, NIST SP 800-61 Rev 2 (DRAFT). Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPlaintext
Definition(s)
Plaintext
Unencrypted information. From: CNSSI 4009. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPlaintext
Unencoded data that is input to and transformed by an encryption process, or that is output by a decryption process [11]. Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National StandardPhishing
Definition(s)
Phishing
Fraudulent process of attempting to acquire private or confidential information by masquerading as a trustworthy entity in an electronic communication.- NOTE Phishing can be accomplished by using social engineering or technical deception.
Phishing
A digital form of social engineering to deceive individuals into providing sensitive information. Adapted from: NCSD Glossary, CNSSI 4009, NIST SP 800-63 Rev 1. Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global StandardsPhishing
Type of security attack that lures victims to reveal information, by presenting a forged email to lure the recipient to a web site that looks like it is associated with a legitimate source.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard