Glossary

Confirmation (through strong, sound, objective evidence) that requirements for a specific intended use or application have been fulfilled.

An access method for cyber operations.

Confirmation, through the provision of objective evidence, that specified requirements have been fulfilled.

Network devices and ICT equipment grouped logically based on resources, security or business requirements instead of their physical location.

A network that maintains privacy through a tunnelling protocol and security procedures. VPNs may use encryption to protect traffic.

A simulated experience that can be similar to or completely different from the real world.

Simulation of a hardware platform, operating system, application, storage device or network resource.

A type of malware. Viruses spread on their own by attaching code to other programs, or copying themselves across systems and networks.

Virtual Local Area Network

A British multinational telecommunications conglomerate with headquarters in London.

A type of media, such as RAM, which gradually loses its information when power is removed.

Virtual Private Network

Virtual reality

A weakness in a system’s security requirements, design, implementation or operation that could be accidentally triggered or intentionally exploited and result in a violation of the system’s security policy.

A weakness in system security requirements, design, implementation or operation that could be exploited.

A documentation-based review of a system’s design, an in-depth hands-on assessment, or automated scanning with software tools. In each case, the goal is to identify as many vulnerabilities as possible.

The process of identifying, prioritising and responding to vulnerabilities.