CPM Dictionary: S
S/Key: Security mechanism that uses a cryptographic hash function to generate a sequence of 64-bit, one-time passwords for remote user login; for each successive user authentication, the number of hash applications is reduced by one
Safeguard: Protective measure or control prescribed to meet security requirements specified for a system; may include, but is not necessarily limited to, hardware and software security features, operating procedures, accountability procedures, access and distribution controls, management constraints, personnel security, and physical structures, areas, and devices
Safeguard Assessment: Process identifying safeguards that best support the risk-reduction strategy formed during the risk assessment phase
Safety: Need to ensure that people involved with an organization, including employees, customers, and visitors, are protected from harm
Safety Officer: Member of Command Staff at an incident or within an emergency operations center responsible for monitoring and assessing safety hazards or unsafe situations, and for developing measures for ensuring personnel safety
Saffir-Simpson Scale: Used to measure strength of hurricanes
Salami: Attack program that takes advantage of active systems to make incremental changes; example: banking system that siphons fractions of a penny at a time into a programmer's account
Salt: Random data added to small amounts of information, such as passwords or session keys, prior to encryption in order to make dictionary attacks (a type of brute force attack) more difficult or time consuming; comparable to challenge/response, initialization vector, and nonce processes
Salvage and Restoration: Process of reclaiming or refurbishing computer hardware, vital records, office facilities, etc. following a disaster
Sample: Material collected from a source other than an animal or human for laboratory analysis (such as a water sample or soil sample)
Sanctuary: Initial safe place where displaced people visit after leaving a zone of conflict
Sandbox: Security model describing how code or programs from untrusted sources can be run in an environment that restricts potentially dangerous activities and functions
Sanitize: Delete sensitive data from a file, a device, or a system; or modify data so as to be able to downgrade its classification level
Scan String: See also Signature
Scanner: 1) Program which reads contents of a file looking for code known to exist in specific virus programs; also called known virus scanning (KVS); 2) in network situations, program which examines computers and network systems, checking configurations and looking for security vulnerabilities; can be used by both defenders and attackers
Scavenging: Searching through data residue in a system to gain unauthorized knowledge of sensitive data
Scenario: Pre-defined set of business and government continuity incidents and conditions that describe an interruption, disruption or loss related to some aspect(s) of an organization's business for purposes of exercising a plan(s) and the people that would manage an event
SCO: See State Coordinating Officer
Scores: Macintosh virus written with intent to cause problems for a specific company and software program
Screened Subnet: Isolated subnet created behind a screening router to protect a private network
Screening: Presumptive identification of unrecognized diseases or defects by the application of tests, examinations or other procedures, which can be applied rapidly; designed to sort out apparently well persons who probably have a disease from those who probably do not; not intended to be diagnostic
Screening Router: Device configured to permit or deny traffic using filtering techniques based on a set of permission rules installed by the administrator; typically found in firewalls to block traffic between the network and specific hosts on an IP port level; considered a basic firewall, and used when speed or network performance is the major decision criterion
Script: Program that consists of a set of instructions for an application; consists of instructions expressed using the application's rules and syntax, combined with simple control structures
Script Virus: Standalone object, contained in a text file or email message
Secondary Attack Rate: Number of cases of an infection that occur among contacts within an incubation period following exposure to a primary case in relation to the total number of exposed contacts. See also Attack Rate
Secondary Hazard: Threat whose potential is realized as the result of a triggering event that in itself would constitute an emergency; example: dam failure might be a secondary hazard associated with earthquakes (FEMA)
Secondary Server: Device which functions as a “child” of a primary server; in a server group, secondary servers retrieve information from the same primary server; when a secondary server is itself a parent server, it in turn passes information to its managed clients
Section: Organization level with responsibility for a major functional area of the incident or at an EOC, e.g., Operations, Planning, Logistics, Administration/Finance
Section Chief: ICS title for individuals responsible for command of functional sections
Sector Virus: See also Cluster Virus
Secure Configuration Management: Procedures used for controlling changes to a system's hardware and software structure so as to ensure that changes will not lead to violations of the system's security policy
Secure Electronic Transactions (SET): Protocol developed for credit card transactions in which all parties (customers, merchant, and bank) are authenticated using digital signatures; encryption protects the message and provides integrity, and provides end-to-end security for credit card transactions online
Secure Shell (SSH): Program designed to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another
Secure Socket Layer (SSL): Widely used security protocol developed by Netscape for transmitting private documents via the Internet; uses a public key to encrypt data transferred over the SSL connection; SSL is independent of the application it encapsulates, and any higher level protocol can layer on top of SSL transparently; protocol has two layers: a) SSL Record Protocol (lower layer) sits above the transport protocol and encapsulates higher level protocols; b) upper layer provides asymmetric cryptography for server authentication (verifying the server's identity to the client) and optional client authentication (verifying the client's identity to the server); also enables setup of a symmetric encryption algorithm and secret session key
Secure State: Condition in which no subject can access any object in an unauthorized manner
Secure Subsystem: Contains its own implementation of a reference monitor concept for those resources it controls; must depend on other controls and base operating system for control of subjects and more primitive system objects
Security Architecture: Detailed plan with principles that describe a) security services a system must provide to meet user needs; b) system elements needed to implement such services; and c) performance levels required in the elements to deal with threat environments; total system security architecture includes administrative security, communication security, computer security, emanations security, personnel security, and physical security, and deals with both intentional, intelligent threats and accidental kinds of threats. See also Security Policy
Security Association: 1) Relationship established between two or more entities that facilitates protection of data they exchange; used to negotiate characteristics of protection mechanisms, but does not include the mechanisms themselves; 2) For IPsec situations, a simplex (uni-directional) logical connection created for security purposes and implemented with either AH or ESP (but not both); typically identified by three components, a) destination IP address, b) protocol (AH or ESP) identifier, and c) Security Parameter Index
Security Audit: Independent review and examination of an organization’s security policy, records, and activities to determine the adequacy of system controls, ensure compliance with established security policy and procedures, detect breaches in security services, and recommend any changes that are indicated for countermeasures; audit establishes accountability for system entities that initiate or participate in security-relevant events and actions
Security by Obscurity: Practice of attempting to secure a system by failing to publish information about it, in the hope that nobody will be able to figure out how it works
Security Critical Mechanisms: Procedures whose correct operation is necessary to ensure that security policy is enforced
Security Evaluation: Analysis performed to assess the degree of trust or assurance that can be placed in systems for the secure handling of sensitive information; two types: a) product evaluation is performed on hardware and software features and assurances of a computer product without factoring in applications; b) system evaluation assesses a system's security safeguards with respect to a specific operational mission and is a major step in the certification and accreditation process
Security Fault Analysis: Assessment performed on hardware at the gate level to determine security properties of a device when a hardware fault is encountered
Security Features: Functions, mechanisms, and characteristics of system hardware and software related to security; typically a subset of system security safeguards
Security Filter: Trusted subsystem that enforces a security policy on data that pass through it
Security Flaw: Error of commission or omission in a system that may facilitate bypassing of protection mechanisms or safeguards. See also Loophole
Security Flow Analysis: Assessment performed on a formal system specification that locates potential flaws in information flows within the system
Security Kernel: Hardware, firmware, and software elements of a TCB that implement the reference monitor concept; must mediate all accesses, be protected from modification, and be verifiable as correct
Security Label: Information that represents security level of an object
Security Life Cycle: Method of initiating and maintaining a security plan; involves assessing business risk, risk mitigation activities, plan implementation, and measurement actions to verify that the plan reduced risks
Security Level: Hierarchical classification and a set of nonhierarchical categories that represent the sensitivity of information
Security Measures: Elements of software, firmware, hardware, or procedures included in a system to satisfy security specifications or security policy
Security Perimeter: Boundary where security controls are in effect to protect assets
Security Policy: Rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources
Security Policy Model: Formal presentation of security policy enforced by a system; must identify rules and practices that regulate how a system manages, protects, and distributes sensitive information. See also Bell-La Padula Model and Formal Security Policy Model
Security Range: Highest and lowest security levels permitted in or on a system, system component, subsystem or network
Security Requirements: Types and levels of protection necessary for equipment, data, information, applications, and facilities to satisfy established security policy
Security Requirements Baseline: Minimum requirements a system must contain to establish and maintain an acceptable security environment
Security Response: Research, creation, delivery, and notification of responses to viral and malicious code threats, as well as operating system, application, and network infrastructure vulnerabilities. See also Notification
Security Review: Periodic security review of tangible and intangible assets which should cover security policy, effectiveness of policy implementation, restriction of access to assets, accountability for access and basic safety
Security Safeguards: See also Safeguard
Security Specifications: Detailed description of safeguards required to protect a system
Security Services: Management, assessment, monitoring, and response services available to organizations (both internally and externally) that help them protect their networked assets and infrastructure
Security Test and Evaluation: Examination and analysis of system security safeguards as applied in an operational environment to determine overall security posture of the system
Security Testing: Process used to determine that security features of a system are implemented as designed; includes hands-on functional testing, penetration testing, and verification
Segment: Another name for TCP packets; also an individual link in a multipoint network.
Self-Extracting Files: Contains software to decompress part of itself into one or more parts when executed; used to transmit files and software via the Internet; potential security problem as compression provides a form of encryption, giving self-extracting files the ability to hide viruses and other malware
Self-Garbling Virus: See also Polymorphic
Self-Insurance: Management decision to bear losses that could result from a business interruption rather than take insurance to cover the risk
SEMS: See also Standardized Emergency Management System
Sensitive Information: Unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives
Sensitivity Label: Information that describes the security level of an object; used by the TCB as basis for mandatory access control decisions
Sentinel Surveillance: Technique that uses selected population samples chosen to represent relevant experience of particular groups
Separation of Duties: Principle of splitting privileges among multiple individuals or systems
Seroepidemiology: Special study or activity based on serologic testing of characteristic changes in the serum level of specific antibodies; makes it possible to detect latent, sub-clinical infections and carrier states. See also Epidemiology
Sequence Number: Found in Norton AntiVirus products, sequence numbers are an alternate method of representing the date of the latest definitions or required definitions
Serial Communication: Transmission of information between computers, or between computers and peripheral devices, one bit at a time over a single line (or a data path that is one bit wide); can be either synchronous or asynchronous; sender and receiver must use same data transfer rate, parity, and flow control information
Serial Interface: Data transmission scheme in which data and control bits are sequentially sent in one-bit-wide data paths over a single transmission line. See also RS-232-C Standard
Serial Port: Also known as a communications port or COM port; used for sending and receiving serial data transmissions; on PCs typically referred to as COM1, COM2, COM3, and COM4
Serial Transmission: See also Serial Communication
Server: System entity that provides a service in response to requests from other system entities called clients
Server Group: Collection of servers and clients that share network channels; can be managed as a unit
Service Branch: Unit within the ICS Logistics Section responsible for service activities at the incident; includes Communications, Medical and Food Units
Service Level Agreement (SLA): Formal documented agreement between a service provider (whether internal or external) and the client (whether internal or external), which covers the nature, quality, availability, scope and response of the service provider; often covers day-to-day situations and disaster situations, as the need for the service may vary in a disaster
Servlet: Java applet that runs within a Web server environment
Session: Virtual connection between two hosts by which network traffic is passed
Session Hijacking: Take over a session that someone else has established
Session Key: Temporary symmetric encryption key used for a relatively short period of time; used for a defined period of communication between two computers, such as for the duration of a single connection or transaction set
Severe Thunderstorm Warning: Issued when severe thunderstorms are imminent that could produce large hail (3/4 inch in diameter or larger), winds of 58 mph or more, lightning and heavy rainfall
Severe Thunderstorm Watch: Issued when thunderstorms may develop that could produce large hail (3/4 inch in diameter or larger), winds of 58 mph or more, lightning and heavy rainfall
Severity: Level assigned to an incident. See also Incident
Shadow Password Files: System file in which encrypted user passwords are stored so that they aren't available to people who try to break into the system
Share: Resource made public on a machine, such as a directory (file share) or printer (printer share)
Shared Drives: Situation where systems and applications may share more than one hard drive; potential threat based on opportunity for malware to replicate itself through mapped drives or other server volumes to which the user might be authenticated
Shareware: Software that is distributed widely, but users who continue to use the software are supposed to pay for the programs. See also Freeware, Open Source, Public Domain
Shell: Unix term for interactive user interface with an operating system; typically the layer of programming that understands and executes the commands a user enters; sometimes called a command interpreter
Shell Scrap Object: Microsoft file format, one of many that may include executable content
Shrink Wrap: Plastic film used to protect the packaging of commercial software
Sickness: See Disease
Sickness, Radiation: See Radiation Sickness
Side Effect: Result, other than the intended one, produced by a preventive, diagnostic, or therapeutic procedure or regimen; not necessarily harmful
Signals Analysis: Gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains data but is not intended to communicate that data
Signature: Distinct pattern in network traffic that can be identified to a specific tool or exploit; may be a fixed string of bytes, known as a scan string, although it may be more complex and algorithmically based. See also Scanner
Silver Control (UK): The agreed civil Emergency Services term for Tactical Control. See also Tactical Control; Level 2 Control
Simple Integrity Property: Situation in which users cannot write data to a higher integrity level than their own
Simple Network Management Protocol (SNMP): Rules governing network management and monitoring of network devices and their functions; used to manage complex networks
Simple Security Condition: See also Simple Security Property
Simple Security Property: Situation in which users cannot read data of a higher classification than their own; a Bell-La Padula security model permits subject read access to an object only if subject’s security level dominates the security level of the object. See also Simple Security Condition
Simulation: Use of a model system, e.g., a mathematical model or an animal model, to approximate the action of a real system, often used to study the properties of a real system
Simulation Exercise: Approach for rehearsing teams in which participants perform some or all of the actions they would take in the event of plan activation; may involve one or more teams, and are performed under conditions that at least partially simulate 'disaster mode'
Single-Level Device: Element that is used to process data of only a single security level at any one time
Single Point of Failure: Unique (single) source or pathway of a service, activity and/or process; typically there is no alternative, and loss of that element could lead to total failure of a mission critical activity and/or dependency
Single Resource: Individual piece of equipment and its personnel complement, or a crew or team of individuals with an identified work supervisor that can be used on an incident
Single Sign-On: Specialized system or procedure in which users are authenticated once, and thereafter have access to a number of different systems
Site Access Denial: See also Denial of Access
SITSTAT: Acronym for the Situation Unit, a unit within the ICS Planning Section
Situation Unit: Group within the ICS Planning Section responsible for collection, organization and analysis of incident status information, and for analysis of situation as it progresses
Size of Attachment: Data field that indicates the size of a file attached to the infected email
Size-Up: Identify a problem and assess potential consequences; usually the responsibility of the first officer to arrive at an emergency scene; continue throughout the response phase and continuously update the status of the incident, evaluate the hazards present, determine the size of the affected area as well as whether the area can be isolated. See also Incident Command System
Slow-Onset Disaster (Creeping Disasters, Slow-Onset Emergencies): Situations in which the ability of people to acquire food and other necessities of life slowly declines to a point where survival is ultimately jeopardized; typically brought on by drought, crop failure, pest diseases, or other forms of "ecological" disaster, or neglect; early detection and action can help effect remediation and prevent excessive human distress or suffering
Smartcard: Electronic badge with a magnetic strip or chip that can record and replay a set key
Smurfing: Information security denial of service (DoS) attack that works by spoofing target addresses and sending pings to the broadcast address for a remote network resulting in a large amount of ping replies being sent to the target; exploits IP broadcast addressing and ICMP ping packets to cause network flooding
Sniffer: Specialized tool that monitors network traffic as received in a network interface
Sniffing: Synonym for passive wiretapping
Social Engineering: Non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threats - used to attack or penetrate a system by tricking or subverting operators or users, rather than by means of a technical attack
Social Impact: Effect an emergency or business continuity incident has on the overall well being of a community or overall population
Socket: Code that tells a host's IP stack where to plug in a data stream so that it connects to the right application
Socket Pair: Technique to uniquely specify a connection, i.e., source IP address, source port, destination IP address, destination port
SOCKS: Protocol that a proxy server can use to accept requests from client users in a company's network so that it can forward them across the Internet
Software: Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution
Software Development Methodologies: Techniques for specifying and verifying design programs for system development
Software Security: General purpose (executive, utility or software development tools) and applications programs or routines that protect data handled by a system
Software System Test and Evaluation Process: Procedures used for planning, development and documentation of all baseline functional performance, operational and interface requirements
SOP: See Standard Operating Procedure
Source Computer: Device (with drivers and applications installed) that can be used as a template; image file of this computer is created and cloned onto other client computers
Source Port: Used by a host to connect to a server
Sourcing: See also Supplier, Third Party Supplier, and Outsourcing
Spam: Electronic junk mail or junk newsgroup postings
Span of Control: Supervisory ratio maintained within an ICS or EOC organization; optimum is five positions reporting to one supervisor. See also Control
Spanning Port: Configures switch to behave like a hub for a specific port
Spawning: See also Companion Virus
Special District: Local government unit (other than a city, county, or city and county) with authority or responsibility to own, operate or maintain a project for natural disaster support; may include a joint powers authority
Specific Immunity: State of altered responsiveness to a specific substance acquired through immunization or natural infection; for some diseases (e.g., measles, chicken pox) this protection can last for the individual’s life
Speculative Risk: Situation where uncertainty exists as to whether a gain or loss will occur; example: exposure to movements in exchange rates
SpeedSend: Enhances file transfer performance when sending files with duplicate file names, by comparing the two files and transferring only the data that is different in the source file
Spill Event: Discharge, in harmful amounts, which includes, but is not limited to, spilling, leaking, pumping, pouring, emitting, emptying, or dumping of oil or hazardous substances on land, navigable waters, their tributaries, or adjoining shorelines; can include inland rivers, coastal territorial waters, or the contiguous zone and high seas where there exists a threat to U.S. waters, shore face, or shelf-bottom, and intrastate and interstate lakes, rivers and streams used for travel, recreation, or other purposes
Split Key: Cryptographic key divided into two or more separate data items that individually convey no knowledge of the whole key that results from combining the items
Split Horizon: Algorithm for avoiding problems caused by including routes in updates sent to a gateway from which they were learned
Spontaneous Evacuation: Situation where residents or citizens in threatened areas observe an emergency event or receive unofficial word of an actual or perceived threat and without receiving instructions to do so, elect to evacuate the area; typically their movement, means, and direction of travel are unorganized and unsupervised. See also Evacuation
Spoof: Attempt by an unauthorized entity to gain access to a system by posing as an authorized user
Spyware: Type of malware that reports on contents, status, or operation of a computer to a remote system or user; usually refers to modules or functions in software that report to the author, publisher, or service provider of an otherwise legitimate system. See also Adware, Cookie, and Web Bug
SQL Injection: Type of input validation attack specific to database-driven applications where SQL (structured query language) code is inserted into application queries to manipulate the database
Stack Mashing: Technique of using a buffer overflow to trick a computer into executing arbitrary code
Staging Area: Locations set up at an incident where resources can be placed while awaiting specific tactical assignments; usually managed by ICS Operations Section; location where incident personnel and equipment are assigned on a three (3) minute available status or immediate deployment to an operational site within the disaster area. See also Incident Command System
Staging Area Managers: Individuals within ICS organizational units assigned specific managerial responsibilities at Staging Areas
Stand Down: Formal notification that the response to an emergency or other incident has been concluded
Standalone, Shared System: System that is physically and electrically isolated from all other systems; is intended to be used by more than one person, either simultaneously (e.g., a system with multiple terminals) or serially, with data belonging to one user remaining available to the system while another user is using the system (e.g., a personal computer with non-removable storage media such as a hard disk)
Standalone, Single-User System: System that is physically and electrically isolated from all other systems; is intended for use by one person at a time, with no data belonging to other users remaining in the system (e.g., a personal computer with removable storage media such as a floppy disk)
Standalone Test: Examination conducted on a specific plan component, in isolation from other components, typically under simulated operating conditions
Standard Metropolitan Statistical Area (SMSA): Geographic area which must include one city of 50,000 or more; area as a whole must have a total population of at least 100,000, and may also cross state lines
Standard Operating Procedure (SOP): Set of instructions constituting a directive, covering those operational features which are best handled by a step-by-step process; used in EOPs to detail and specify how tasks assigned in the EOP are to be carried out (FEMA)
Standard Precautions: Activities that reduce the potential for negative impacts or hazards; examples include hand-washing after patient contact; using gloves when touching blood, body fluids, secretions, excretions, and contaminated items; using mask, eye protection, and gown during procedures likely to generate splashes or sprays of blood, body fluids, secretions, or excretions; handling contaminated patient-care equipment and linens in a manner that prevents the transfer of microorganisms to people or equipment; practicing care when handling sharp objects; using a mouthpiece or other ventilation device as an alternative to mouth-to-mouth resuscitation; placing a patient in a private room if he/she contaminates the environment. See also Airborne Precautions, Contact Precautions, and Droplet Precautions
Standardized Emergency Management System (SEMS): Required by the State of California for managing response to multi-agency and multi-jurisdiction emergencies in the state; consists of five organizational levels activated as necessary: Field Response, Local Government, Operational Area, Region, and State
Standby Service: Provision of relevant recovery facilities. See also Cold Site, Warm Site, Hot Site, Work Area and Mobile Standby
Star Property: Security provision where users cannot write data to a lower classification level without logging in at that lower classification level
State: Any State of the United States; also the District of Columbia, Puerto Rico, the Virgin Islands, Guam, American Samoa, Northern Mariana Islands, and the Trust Territory of the Pacific Islands
State Coordinating Officer (SCO): State Governor’s representative who coordinates state, commonwealth, or territorial response and recovery activities with those of the Federal Government
State Delta Verification System: System providing high confidence regarding microcode performance that uses formulas that represent isolated computation states to check proofs concerning the course of that computation
State Emergency Operations Center (SEOC): Facility where SCO and staff are initially located; this may shift from the SEOC upon arrival of the emergency response team at that location
State Emergency Operations Plan: State plan designed specifically for State-level response to emergencies or major disasters and which sets forth actions to be taken by the State and local governments, including those for implementing Federal disaster assistance
State Liaison: FEMA/DHS official assigned to a particular State who handles initial coordination with the State in the early stages of an emergency (FEMA)
State Machine: System that moves through a series of progressive conditions
State Operations Center (SOC): Emergency operations facility operated by a Governor's Office of Emergency Management at the state level
State Variable: Represents either the state of a system or the state of some system resource
Stateful Dynamic Signature Inspection: Intrusion detection method used to detect attacks; refers to the process in which NetProwler builds a context around a monitored network session, enabling efficient analysis and recording of complex events
Stateful Inspection: Firewall architecture that works at the network layer; unlike static packet filtering, which examines a packet based on header information, stateful inspection examines not just the header information but also the contents of the packet up through the application layer to determine more about the packet than just information about its source and destination; also referred to as dynamic packet filtering
Static Host Tables: Text files that contain hostname and address mapping
Static Routing: Defines routing table entries containing information that does not change
Statutory: See also Legislative, Regulatory
Statutory Services: First responder organizations whose activities and procedures are specified by law, such as fire and rescue, Coast Guard. See also Emergency Services, Blue Light Services
Stealth: Technologies used by viral programs to avoid detection on disk
Stealthing: Refers to approaches used by malicious code to conceal its presence on the infected system
Steganalysis: Process of detecting and defeating the use of steganography
Steganography: Methods of hiding the existence of messages or other data; differs from cryptography, which hides the meaning of a message but does not hide the message itself; example: "invisible" ink
Stimulus: Network traffic that initiates a connection or solicits a response
Stockpile: Area or storehouse where medicine and other supplies are kept in the event of an emergency
Stoned: MS-DOS virus that has been used as a template for other viral strains, including Michelangelo
Storage Object: Object that supports both read and write accesses
Store-and-Forward: Method of data/message switching where individual packets are read and validated by a switch prior to sending them to another location
Storm Surge: Dome of seawater created by strong winds and low barometric pressure in a hurricane that causes severe coastal flooding as the hurricane strikes land
Straight-Through Cable: Connection method where pins on one side of a connector are wired to the same pins on the other end; used for interconnecting network nodes
Strategic Control: Process of establishing a framework of policy within which tactical controls will work and a strategy that tactical control will implement
Strategy: General plan or direction selected to accomplish incident or emergency management objectives
Stream Cipher: Encrypts a message a single bit, byte, or computer word at a time
Stress: Physical, mental or emotional strain or tension. See also Traumatic Stress
Stress, Traumatic: See Traumatic Stress
Strike Team: Specified combinations of the same kind and type of resources, with common communications and a leader. See also Incident Command Center
Strong Star Property: Users cannot write data to higher or lower classification levels than their own
Structured External Threat: Defines someone outside the organization who may be a threat; typically technically skilled individual, may collaborate with others, and may use automated tools
Structured Internal Threat: Defines someone inside the organization who may be a threat; typically technically skilled, may collaborate with others, and may use automated tools
Structured Threat: Defines an individual who may be a threat to an organization; individual is technically skilled, may collaborate with others, and may use automated tools
Structured Walkthrough: Emergency plan rehearsal method that tests specific plan components; typically, team members make detailed presentations of the plan component to other team members (and possibly non-members) for their critique and evaluation
Sub Network: Separately identifiable part of a larger network that typically represents a certain limited number of host computers, the hosts in a building or geographic area, or the hosts on an individual local area network
Subcommittee on Automated Information Systems Security (SAISS): Group positioned under NTISSC, includes one voting member from each organization represented on NTISSC; authorized by U.S. Regulation NSDD-145
Subcommittee on Telecommunications Security (STS): Group positioned under the NTISSC, includes one voting member from each organization represented on the NTISSC; authorized by U.S. Regulation NSDD-145
Subject: Active entity, generally in the form of a person, process, or device, that causes information to flow among objects or changes the system state
Subject of E-mail: Technique used by worms for sending themselves via e-mail; this field indicates the subject of the e-mail the worm sends
Subject Security Level: Equal to the security level of the objects to which it has both read and write access; must be dictated by the subject user’s clearance level
Subnet Mask: Used to determine the number of bits used for the subnet and host portions of the address; usually a 32-bit value that uses one-bits for the network and subnet portions and zero-bits for the host portion
Subscription: Contract commitment that provides an organization with the right to utilize a vendor recovery facility for processing capability in the event of a disaster declaration
Sudden Natural Disasters: Calamities that strike with little or no warning; typically caused by natural phenomena such as earthquakes, floods, tropical storms, or volcanic eruptions; usually have an immediate adverse impact on human populations, activities, and economic systems
Super-User: Possesses full and unrestricted access to all aspects and resources of the system
Superfund: P.L. 96-510, Comprehensive Environmental Response, Compensation, and Liability Act (CERCLA); provides authority for Federal and state governments to respond directly to hazardous substance incidents
Supervisor State: See also Executive State
Supplier: Person or company who supplies goods or services to an organization. See also Outsourcing, Sourcing
Supply Unit: Functional unit within Support Branch of the ICS Logistics Section responsible for ordering equipment and supplies required for incident operations
Support Agency: Federal department or agency that assists a primary agency with available resources, capabilities, or expertise in support of emergency response operations managed by the primary agency
Support Branch: Unit within the ICS Logistics Section responsible for providing personnel, equipment and supplies to support incident operations; includes Supply, Facilities and Ground Support Units
Support Resources: Non-tactical resources supervised by the Logistics, Planning, Finance/Administration Sections or Command Staff
Supporting Materials: Refers to attachments that may be included with an Incident Action Plan, e.g., communications plan, map, safety plan, traffic plan, and medical plan
Surveillance: Systematic ongoing collection, collation, and analysis of data and the timely dissemination of information to those who need to know so that action can be taken
Surveillance, Exposure: See Exposure Surveillance
Surveillance, Hazard: See Hazard Surveillance
Surveillance, Public Health: See Public Health Surveillance
Surveillance, Reporting Unit: See Reporting Unit For Surveillance
Sustainable Development: Activities occurring in the present that do not destroy resources needed for future development
Switch: Networking device that keeps track of MAC addresses attached to each of its ports so that data is only transmitted on the ports that are the intended recipient of the data; also, device that dynamically links various data streams via instructions contained in message headers
Switched Line: Standard dial-up telephone connection; type of line established when a call is routed through a switching station. See also Leased Line
Switched Network: Communications network, such as the public switched telephone network, in which any user may be connected to any other user through the use of message, circuit, or packet switching and control devices; links established to transport the call are held in place for the duration of the call, after which they are dropped for reuse on another call
Symbolic Links: Special files which point at another file
Symmetric Cryptography: Method of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification); also called "secret-key cryptography" (versus public-key cryptography) because the entities share the key
Symmetric Key: Cryptographic key used in a symmetric cryptographic algorithm
Symmetric Key Encryption: Also known as private key encryption, uses same, private, key for encryption and decryption, the key being shared between two parties; does not require a public key infrastructure, as does asymmetric key encryption, but does require key exchange via a secure channel
SYN Flood: Denial of service (DOS) attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle
Synchronization: Signal made up of a distinctive pattern of bits that network hardware looks for to signal the start of a frame; loss of synchronization can disable a network; loss of clocking source can also disable synchronization
Synchronize: Copy files between two folders on host and remote computers to make the folders identical to one another; copying occurs in both directions; in situations where two files have the same name, the file with the most current date and time is copied. See also Clone
Synchronous Transmission: Method of data transmission in which information is sent in blocks of bits separated by equal time intervals; sending and receiving devices must link with each other through a common reference signal, called a clock, so they can interact with one another at precise intervals; data are sent in a steady stream rather than in bursts. See also Asynchronous Transmission
Syndication Ratio: Number of times an alternate work area is sold by third party providers at a resource recovery location; availability at the time of an incident is on a first-come-first-served basis
Syndrome: See Disorder
Syntax Error: Occurs when creating a script, such as not enclosing a string in quotes or specifying the wrong number of parameters; such errors are usually detected during script compilation and are written to a file with the same source file name and the .err extension
Syslog: System logging facility for Unix systems
System: Set of related elements that work together to accomplish a task or provide a service
System Boot Record: First logical (not physical) sector of master hard drive or first physical sector on a floppy diskette; system boot record is called by the master boot record and points to the files needed to continue the boot process for the specific operating system; typically on ISA and Wintel systems. See also Boot Record, Boot Sector, and Master Boot Record
System Denial: Failure of an IT system for a protracted period, which may impact an organization's ability to sustain its normal business activities
System Development Methodologies: Techniques developed through software engineering to manage system development complexity; include software engineering aids and high-level design analysis tools
System Downtime: Planned or unplanned interruption in system availability
System High Security Mode: See also Modes of Operation
System Recovery: Procedures for rebuilding a computer system to the condition where it is ready to accept data and applications
System Restore: Procedures needed to return a system to an operable state where it is possible to run application software against available data
System Integrity: Level of quality provided by a system when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
System Low Security Mode: Lowest security level supported by a system at a particular time or in a particular environment
System Security Officer (SSO): Individual responsible for enforcement or administration of security policies that apply to a system. See also Information System Security Officer
System-Specific Policy: Written for a specific system or device
System Virus: Makes changes to system structures such as the MS Windows Registry or program search paths; virus which redirects system pointers and information so as to infect a file without actually changing the infected program file
Systemic Risk: Potential difficulties, such as failure of one participant or part of a process, system, industry or market to meet its obligations, that could cause other participants to not meet their obligations; this could cause liquidity and other problems, thereby threatening stability of the whole process, system, industry or market
Systems Affected: Operating systems or applications that are vulnerable to a threat
Systems Not Affected: Operating systems or applications that are not vulnerable to a threat
Systems Security Engineering-Capability Maturity Model (SSE-CMM): System for describing the essential characteristics of an organization's security engineering process, which must exist to ensure good security management; model can be used to evaluate and refine security engineering practices, evaluate a provider's security engineering capability, evaluate organizations, and establish organizational, capability-based confidences
Systems Security Steering Group: Senior U.S. government body established by NSDD-145 to provide top-level review and policy guidance for the telecommunications security and automated information systems security activities of the U.S. Government