CPM Dictionary: M
MAC (Media Access Control) Address: Physical address for a device connected to a network; numeric value that uniquely identifies that device from every other device
MacMag: Early Macintosh virus considered the first to have infected commercial software
Macro: Sequence of keystrokes and instructions that are recorded, saved, and assigned to an abbreviated key code; when key code is entered, the previously recorded keystrokes and instructions execute
Macro Keys: Key codes assigned to sets of specific instructions. See also Macro
Macro Virus: Malware that attack computer macros; for example, Microsoft Word Basic and VBA macro languages can include macros in data files with sufficient functionality to write complete viruses
Magnetic Remanence: Measure of magnetic flux density remaining after removal of an applied magnetic force; refers to any data remaining on magnetic storage media after removing power; used to assess stability of magnetic media and assess likelihood that traces of data remain after being deleted or overwritten
Mail Storm: Situation in which many redundant messages are generated and sent, generally resulting from automated mail handling
Mail Bomb: Excessively large volume of email (typically many thousands of messages) or one large message sent to a user's e-mail account, for the purpose of crashing the system, or preventing genuine messages from being received
Maintenance Hook: Software instructions that facilitate maintenance and additional feature development; permit entry into code at unusual points or without the usual checks, and can be serious security risks if not removed prior to live implementation; also a special type of trap door
Major Disaster: Natural catastrophe (including hurricanes, tornadoes, storms, high water, wind-driven water, tidal waves, tsunamis, earthquakes, volcanic eruptions, landslides, mudslides, snowstorms, or drought); or, regardless of cause, any fire, flood, or explosion, in any part of the U.S., which in the determination of the President causes damage of sufficient magnitude to warrant major disaster assistance to supplement efforts and available resources of states, local governments, and disaster relief organizations in alleviating the damage, loss, hardship, or suffering
Malicious: Virus that carries an intentionally damaging payload that will erase or corrupt files or data. See also Benign
Malicious Code: Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic
Malicious Logic: Hardware, software, or firmware intentionally built into a system for unauthorized purposes; e.g., a Trojan horse
Malware: Generic term for different types of malicious code
Man-in-the-Middle: Type of active wiretapping attack where the attacker intercepts and selectively modifies communicated data so as to masquerade as one or more of the entities involved in a communication; similar to hijacking
Management by Objectives: A top-down management activity that uses a three-step process to achieve desired goals: a) establishing the objectives, b) selecting the appropriate strategy(s) to achieve the objectives, and c) launching actions associated with selected strategy
Management Information Base (MIB): Organized collection of objects that can be monitored by a network management system; for example, SNMP and RMON use standardized MIB formats such that any SNMP and RMON tool can monitor any device defined by the MIB
Management, Resource: See Resource Management
Mandatory Access Control (MAC): Situation where a system controls access to resources based on classification levels assigned to both the objects and the users; controls cannot be changed by anyone
Mandatory Evacuation: Warning delivered to people within a designated area that an imminent threat to life and property exists and individuals must evacuate in accordance with instructions of local officials (FEMA). See also Evacuation
Manmade Disaster: Negative situation clearly caused by humans, such as wars, armed conflicts or civil strife; all other situations, except for technological disasters (e.g., industrial accidents, railway crashes) are considered natural. See also Disaster; Natural Disaster
Manual Procedures: Alternative method of processing work following a loss of IT systems; recommended in situations where loss of automation for a medium to extended period of time could result is significant loss of business, loss of reputation or other negative impact
Marshal: See also Emergency Marshal
Marshaling Area: Site used for completed mobilization and assemblage of personnel and resources prior to their deployment to disaster area; used particularly for disasters outside of continental U.S.
Masquerade Attack: Situation where one system entity illegitimately poses as (assumes the identity of) another entity. See also Spoofing
Mass Care: Actions taken to protect evacuees and other disaster victims from further impact of a disaster; include providing temporary shelter, food, medical care, clothing, and other essential life support needs to people who have been displaced from their homes because of a disaster or threatened disaster (FEMA). See also Emergency Support Function Mass Care; Evacuees
Mass Care Center: Facility where care for both medical and personal needs is provided; usually temporary and established for a specific event Mass Fire: Single, massive fire covering a large area, usually occurring in built-up districts, and generally resulting from the union of many smaller fires
Master Boot Record (MBR): Initial physical (not logical) sector on a hard drive; includes the BIOS as part of the boot process, and also contains data about hard drive structure in the partition table; used on ISA and Wintel computers. See also Boot Record, Boot Sector, and System Boot Record
Master Mutual Aid Agreement: Documented agreement entered into by and between a state, its various departments and agencies, and various political subdivisions, municipal corporations, and other state agencies to assist each other by providing resources during an emergency
Material Convergence: Tendency in disasters for large number of donated materials, supplies, and equipment to flow into disaster areas. See also Convergence, Informational Convergence, and Personal Convergence
Maturity: See also Business Continuity Management Maturity
Maximum Acceptable Outage (MAO): Timeframe within which recovery efforts must become effective before an outage compromises the organization’s ability to achieve its business objectives and/or survival. See also Outage, MTD, and MTA
Maximum Contaminant Level (MCL): Highest permitted level of a contaminant in water in a public water system; established by the Environmental Protection Agency (EPA); defined in the Safe Drinking Water Act as the level that may be achieved with the use of the best available technology, treatment techniques, and other means that EPA finds are available after taking cost in consideration. See also Treatment Technique
Maximum Tolerable Downtime (MTD): See also Recovery Time Objective, Maximum Acceptable Outage
Maximum Time in Alternative Operations (MTA): See: Maximum Acceptable Outage (MAO)
MCL: See Maximum Contaminant Level
MD5: One-way hash-based operation that transforms a data string of any length into a shorter, fixed-length value; no two data strings will produce same hash value; attempts to ensure that data has not been altered or tampered with, and that its integrity may be trusted
Measures of Effectiveness (MOE): Probability model based on engineering techniques that approximates the impact a given action will have on an environment; in information warfare it is the ability to attack or defend within an Internet environment
Media: News reporting function including TV, radio, Internet, e-mail and newspapers; also refers to the type of material used for storing data, e.g., disk, tape, or optical storage
Media Virus: Designed to capture the public’s attention, and particularly the media, generally out of proportion to its significance
Medical Control: Entity accountable for medical competence of an emergency medical services (EMS) system; involves training of physicians, nurses, and emergency medical technicians in pre-hospital phase of care, and measurement, assessment, and improvement of the EMS system's performance
Medical Coordination: Operating relationship established among healthcare providers during transition from pre-hospital to hospital phase of patient care; assumes simplification and standardization of materials and methods. See also Medical Control
Medical Unit: Functional unit within the Service Branch of the ICS Logistics Section responsible for development of a Medical Emergency Plan, and provision of emergency medical treatment for incident personnel
Meet in the Middle: Cryptanalytic attack in which the attacker uses known plaintext and corresponding ciphertext to perform both encryption and decryption so as to determine a multi-part key
Melissa: Microsoft Word macro virus that used Microsoft Outlook functions to quickly spread itself
Meme Virus: See also Hoax
Memory Resident Virus: Remains in memory after executing and infects other files when certain conditions are met; by contrast, non-memory resident viruses (direct action), are active only while an infected application runs
Message Center: Unit with an Incident or Communications Center that receives, records, and routes information to appropriate locations at an incident or within an EOC
Message Digest: Se also Digest
Metavirus: See also Hoax
Michelangelo: Evolution of Stoned boot sector/MBR virus that is supposed to release a damaging payload when a computer is booted on March 6th, the birth date of Michelangelo
Middleware: Application that connects two otherwise separate applications
Military Assistance for Civil Disturbance (MACDIS): Military measures taken by DoD elements to minimize effects on the population resulting from an enemy attack on the U.S. and its territories or possessions; includes emergency repair to destroyed or damaged utilities and facilities
Military Resources: Military and civilian personnel, facilities, equipment, and supplies under the control of a DoD component
Military Support Liaison Officer (MSLO): DoD representative to FEMA or DHS, normally an Army Officer Grade 6 (0-6), who facilitates communications and provides coordination between the DoD and FEMA/DHS
Military Support to Civil Authorities (MSCA): Activities and measures taken by DoD components to foster mutual assistance and support among the DoD and civil government agencies in planning or preparedness for, or in the application of resources for response to the consequences of civil emergencies or attack, including national security emergencies
Millennium Bug: See also Y2K
Mimicking: See also Spoofing
Mirroring: See also Data Mirroring
Mission Critical Activities: Significant operational and/or business support activities (either provided internally or externally) without which the business or government agency would quickly be unable to achieve its objective(s). See also Critical Service
Mission Critical Activity Dependencies: Key operational or support activities (either provided internally or externally), needed by mission critical activities that facilitate its completion. See also Dependencies
Mission-Critical Application: Application determined to be essential to an organization's ability to perform necessary business functions; its loss would have a negative impact on the organization, including potential legal and/or regulatory impacts
Mitigation: Processes and procedures used to reduce the potential impact or damage from a specific disaster or crisis; incorporates preparedness and long-term risk reduction measures; addresses planning and deployment measures that reduce risks associated with known natural and manmade hazards and responds to disasters which do occur; attempts to reduce identified risks and vulnerabilities to more acceptable levels Mitigation Activities: Actions and procedures that help avoid a disaster or minimize its impact
Mitigation, Hazard: See Hazard Mitigation
Mobile Code: Software transferred from a host to a client (or another host computer) to be subsequently executed; example: worms
Mobile Recovery: Transportable resource purchased or contracted to facilitate operational recovery; can include computers, workstations, telephone, electrical power, etc.
Mobile Standby: Transportable operating environment - often a large trailer - complete with office facilities and computer equipment that can be delivered and deployed a suitable site at short notice
Mobile Support Team: Individuals designated by a Governor or other designated leader to train and to be dispatched, when and if a Governor or leader so determines, to aid and reinforce emergency management efforts in response to a disaster
Mobilization: Launching emergency response and recovery assets in response to invocation of an emergency plan; assembling and organizing national resources to support national objectives in time of war and other emergencies; processes and procedures used by all Federal, state and local organizations for activating, assembling, and transporting resources that have been designated to respond to or support an incident; a) full mobilization involves expansion of active forces resulting from action by Congress to mobilize reserve military and non-military units; b) total mobilization involves expansion of active forces by organizing and activating additional units beyond the existing approved troop basis to respond to additional requirements; c) partial mobilization involves expansion of active forces in a time of national emergency (short of full mobilization) as a result of an action of the President or Congress to mobilize Reserve Component (RC) units and individual reservists; d) selective mobilization involves expansion of active forces by mobilization of RC units to satisfy an emergency requirement for assets tailored to a specific requirement (such as civil disturbances or other domestic situations)
Mobilization Center (MC): Designated location where response personnel and resources are received from supply areas and readied for deployment to a local staging area or incident site; provides temporary support services, such as food and billeting, for response personnel prior to their deployment; also refers to off-incident site where emergency service personnel and equipment are located
Mock Disaster: Method used for exercising crisis response and recovery teams in which participants must define actions they would take in response to a specific disaster scenario; usually involve all or most applicable emergency teams; using exercise coordinators, the teams walk through actions they would take according to their plans, or simulate performance of these actions; exercises may use a single exercise location or multiple sites, with communication between teams simulating actual disaster mode communications
Model: Framework for thinking and acting; representation of how processes and procedures should interact
Modem: Device that lets computers transmit information over standard telephone lines; can transmit at different speeds and data transfer rates
Modes of Operation: Describes conditions under which a system functions, based on sensitivity of data processed and user clearance levels and authorizations; four modes are authorized:
1) Dedicated Mode – Occurs when each user with direct or indirect individual access to the system, its peripherals, remote terminals, or remote hosts, has a valid personnel clearance for all information on the system; formal access approval and signed nondisclosure agreements for all information stored and/or processed; a valid need to know for all information contained within the system
2) System-High Mode – Occurs when each user with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts has a valid personnel clearance for all information on the system; formal access approval and signed nondisclosure agreements for all information stored and/or processed; a valid need to know for some of the information in the system
3) Compartmented Mode – Occurs when each user with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts, has valid clearance for the most restricted information processed in the system; formal access approval and signed nondisclosure agreements for that information to which he/she is to have access; a valid need to know for that specific information
4) Multilevel Mode – Occurs when users with direct or indirect access to the system, its peripherals, remote terminals, or remote hosts satisfy all the following conditions: a) some do not have valid personnel clearances for all the information processed in the system; b) all have proper clearances and appropriate formal access approval for that information to which he/she is to have access; c) all have a valid need to know for that information to which they are to have access
Modified Mercalli Intensity Scale: Scale that ranks effects produced by an earthquake on people, structures, and the ground; values denoted by a Roman numeral and range from I (not generally felt) to XII (general panic; conspicuous cracks in ground; damage considerable and substantial to all but the most seismically resistant engineered structures)
Modifies Files: Condition in which a payload changes contents of files on a computer and may corrupt files
Module: Executable that runs security checks on specific areas of a server or workstation security
Monoculture: Situation where a large number of users run the same software, and are vulnerable to the same attacks
Morbidity: Departure, whether subjective or objective, from a state of physiological or psychological normality or well-being
Morris Worm: Malware program written by Robert T. Morris, Jr. that flooded the ARPANET in November 1988, causing problems for thousands of hosts
Mortality Data: Information relating to the number of deaths used to assess the magnitude of a disaster, evaluate the effectiveness of disaster preparedness, evaluate the adequacy of warning systems, and aid in contingency planning by identifying high risk groups
Motivation: Relative amount of incentive a threat has to compromise or damage an organization’s assets
MtE: Abbreviation for polymorphic or mutation engines written by virus author known as Dark Avenger; while not a virus, can be attached to any virus, giving the virus polymorphic features
MTX: Multipartite virus that reproduces both by sending itself as an email message, and by infecting program files; takes control of Internet connections on infected machines, and seeks to bar access to antiviral Web sites
Mudslide (Mudflow): Describes a condition where a river, flow, or inundation of liquid mud flows down a hillside, usually the result of a dual condition of loss of brush cover, and the subsequent accumulation of water on or under the ground preceded by a period of unusually heavy or sustained rain
Multi-Agency Coordination System (MACS): Combination of personnel, facilities, equipment, procedures and communications integrated into a common system; responsible for coordination of assisting agency resources and support in a multi-agency or multi-jurisdictional environment
Multi-Agency Incident: Situation where one or more agencies assist a jurisdictional agency or agencies; may be managed under single or unified command
Multi-Agency or Inter-Agency Coordination: Participation of agencies and disciplines involved at any level of an emergency organization working together in a coordinated effort to facilitate decisions for overall emergency response activities, including the sharing of critical resources and the prioritization of incidents
Multicast: Broadcasting from one host to a given set of hosts; simultaneously send the same message to a list of recipients on a network
Multi-Homed: Situation exists if a network is directly connected to two or more ISPs
Multi-Jurisdiction Incident: Event requiring action from multiple agencies that have a statutory responsibility for incident mitigation; under ICS these incidents are managed under Unified Command procedures
Multilevel Device: Permits simultaneous processing of data at two or more security levels without risk of compromise; requires storage of sensitivity labels on the same physical medium and in the same form (i.e., machine-readable or human-readable) as data being processed
Multilevel Secure: System classification that contains information with different sensitivities that simultaneously permits access by users with different security clearances and needs-to-know, but prevents users from obtaining access to information for which they lack authorization
Multilevel Security Mode: See also Modes of Operation
Multipartite: Defines a virus that infects multiple types of objects, or which reproduces in multiple ways
Multiple Access Rights Terminal: Device that may be used by more than one class of users; for example, users with different access rights to data
Multiplexing: Process that combines multiple signals from the same and/or different sources into a single data stream so that it can be transmitted over a single communications path
Multiuser Mode of Operation: Designed for systems that process sensitive unclassified information where users may not have a need to know for all information processed in the system; also used for microcomputers processing sensitive unclassified information that cannot meet requirements of the stand-alone mode of operation
Municipality: Any city, village, or incorporated town
Mutating Virus: See also Polymorphic
Mutual Aid Agreement: Written agreement among and between agencies and/or jurisdictions in which they agree to assist one another upon request, by furnishing personnel and equipment
Mutual Aid Coordinator: Designated individual at local government, operational area, region or state level with responsibility to coordinate requesting, obtaining, processing and using mutual aid resources
Mutual Aid Region: Subdivision of a state office of emergency services established to coordinate mutual aid and other emergency operations within a geographical area of the state, usually consisting of two or more county (operational) areas
Mutual Suspicion: State that exists between interacting processes (subsystems or programs) in which neither process can expect the other process to function securely with respect to some property
CPM Dictionary
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z