https://DevOpsCloud.io -- Cloud Monk Losang Jinpa, Ph.D., MCSE/MCT, GitOps DevOps Engineer

RFC 4949 Internet Security Glossary Definitions N

Return to RFC 4949 Internet Security Glossary Definitions, RFC 4949 Internet Security Glossary, RFC 4949 Internet Security Glossary Bibliography, Cybersecurity, Awesome Security

([[Fair Use]] [[Source]]: [[RFC 4949])

name

(I) Synonym for “identifier”.

([[Fair Use]] [[Source]]: [[RFC 4949])

naming authority

(O) /U.S. DoD/ An organizational entity responsible for assigning DNs and for assuring that each DN is meaningful and unique within its domain. DoD9]

([[Fair Use]] [[Source]]: [[RFC 4949])

National Computer Security Center (NCSC)

(O) A U.S. DoD organization, housed in NSA, that has responsibility for encouraging widespread availability of trusted systems throughout the U.S. Federal Government. It has established criteria for, and performed evaluations of, computer and network systems that have a TCB. (See: Rainbow Series, TCSEC.)

([[Fair Use]] [[Source]]: [[RFC 4949])

National Information Assurance Partnership (NIAP)

(N) A joint initiative of NIST and NSA to enhance the quality of commercial products for information security and increase consumer confidence in those products through objective evaluation and testing methods.

Shirey Informational Page 196]

RFC 4949 Internet Security Glossary, Version 2 August 2007

Tutorial: NIAP is registered, through the U.S. DoD, as a National Performance Review Reinvention Laboratory. NIAP functions include the following: - Developing tests, test methods, and other tools that developers and testing laboratories may use to improve and evaluate security products. - Collaborating with industry and others on research and testing programs. - Using the Common Criteria to develop protection profiles and associated test sets for security products and systems. - Cooperating with the NIST National Voluntary Laboratory Accreditation Program to develop a program to accredit private- sector laboratories for the testing of information security products using the Common Criteria. - Working to establish a formal, international mutual recognition scheme for a Common Criteria-based evaluation.

([[Fair Use]] [[Source]]: [[RFC 4949])

National Institute of Standards and Technology (NIST)

(N) A U.S. Department of Commerce organization that promotes U.S. economic growth by working with industry to develop and apply technology, measurements, and standards. Has primary U.S. Government responsibility for INFOSEC standards for sensitive unclassified information. (See: ANSI, DES, DSA, DSS, FIPS, NIAP, NSA.)

([[Fair Use]] [[Source]]: [[RFC 4949])

National Reliability and Interoperability Council (NRIC)

(N) An advisory committee chartered by the U.S. Federal Communications Commission (FCC), with participation by network service providers and vendors, to provide recommendations to the FCC for assuring reliability, interoperability, robustness, and security of wireless, wireline, satellite, cable, and public data communication networks.

([[Fair Use]] [[Source]]: [[RFC 4949])

national security

(O) /U.S. Government/ The national defense or foreign relations of the United States of America.

([[Fair Use]] [[Source]]: [[RFC 4949])

National Security Agency (NSA)

(N) A U.S. DoD organization that has primary U.S. Government responsibility for INFOSEC standards for classified information and for sensitive unclassified information handled by national security systems. (See: FORTEZZA, KEA, MISSI, national security system, NIAP, NIST, SKIPJACK.)

([[Fair Use]] [[Source]]: [[RFC 4949])

national security information

(O) /U.S. Government/ Information that has been determined, pursuant to Executive Order 12958 or any predecessor order, to require protection against unauthorized disclosure. [C4009]

Shirey Informational Page 197]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])

national security system

(O) /U.S. Government/ Any Government-operated information system for which the function, operation, or use (a) involves intelligence activities; (b) involves crypto logic activities related to national security; © involves command and control of military forces; (d) involves equipment that is an integral part of a weapon or weapon system; or (e) is critical to the direct fulfillment of military or intelligence missions and does not include a system that is to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications). Title 40 U.S.C. Section 1552, Information Technology Management Reform Act of 1996.] (See: type 2 product.)

([[Fair Use]] [[Source]]: [[RFC 4949])

natural disaster

(I) /threat action/ See: secondary definitions under “corruption” and “incapacitation”.

([[Fair Use]] [[Source]]: [[RFC 4949])

NCSC

(O) See: National Computer Security Center.

([[Fair Use]] [[Source]]: [[RFC 4949])

need to know, need-to-know

(I) The necessity for access to, knowledge of, or possession of specific information required to carry out official duties.

Usage: The compound “need-to-know” is commonly used as either an adjective or a noun.

Tutorial: The need-to-know criterion is used in security procedures that require a custodian of sensitive information, prior to disclosing the information to someone else, to establish that the intended recipient has proper authorization to access the information.

([[Fair Use]] [[Source]]: [[RFC 4949])

network

(I) An information system comprised of a collection of interconnected nodes. (See: computer network.)

([[Fair Use]] [[Source]]: [[RFC 4949])

Network Hardware Layer

(I) See: Internet Protocol Suite.

([[Fair Use]] [[Source]]: [[RFC 4949])

Network Interface Layer

(I) See: Internet Protocol Suite.

([[Fair Use]] [[Source]]: [[RFC 4949])

Network Layer Security Protocol (NLSP).

(N) An OSI protocol (IS0 11577) for end-to-end encryption services at the top of OSIRM Layer 3. NLSP is derived from SP3 but is more complex. (Compare: IPsec.)

Shirey Informational Page 198]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])

Network Substrate Layer

(I) Synonym for “Network Hardware Layer”.

([[Fair Use]] [[Source]]: [[RFC 4949])

network weaving

(I) A penetration technique in which an intruder avoids detection and trace back by using multiple, linked, communication networks to access and attack a system. [C4009]

([[Fair Use]] [[Source]]: [[RFC 4949])

NIAP

(N) See: National Information Assurance Partnership.

([[Fair Use]] [[Source]]: [[RFC 4949])

nibble

(D) Half of a byte (i.e., usually, 4 bits).

Deprecated Term: To avoid international misunderstanding, IDOCs SHOULD NOT use this term; instead, state the size of the block explicitly (e.g., “4-bit block”). (See: Deprecated Usage under “Green Book”.)

([[Fair Use]] [[Source]]: [[RFC 4949])

NIPRNET

(O) The U.S. DoD's common-use Non-Classified Internet Protocol Router Network; the part of the Internet that is wholly controlled by the U.S. DoD and is used for official DoD business.

([[Fair Use]] [[Source]]: [[RFC 4949])

NIST

(N) See: National Institute of Standards and Technology.

([[Fair Use]] [[Source]]: [[RFC 4949])

NLSP

(N) See: Network Layer Security Protocol

([[Fair Use]] [[Source]]: [[RFC 4949])

no-lone zone

(I) A room or other space or area to which no person may have unaccompanied access and that, when occupied, is required to be occupied by two or more appropriately authorized persons. [C4009] (See: dual control.)

([[Fair Use]] [[Source]]: [[RFC 4949])

no-PIN ORA (NORA)

(O) /MISSI/ An organizational RA that operates in a mode in which the ORA performs no card management functions and, therefore, does not require knowledge of either the SSO PIN or user PIN for an end user's FORTEZZA PC card.

([[Fair Use]] [[Source]]: [[RFC 4949])

node

(I) A collection of related sub systems located on one or more computer platforms at a single site. (See: site.)

Shirey Informational Page 199]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])

nonce

(I) A random or non-repeating value that is included in data exchanged by a protocol, usually for the purpose of guaranteeing liveness and thus detecting and protecting against replay attacks. (See: fresh.)

([[Fair Use]] [[Source]]: [[RFC 4949])

non-critical

See: critical.

([[Fair Use]] [[Source]]: [[RFC 4949])

non-repudiation service

1. (I) A security service that provide protection against false denial of involvement in an association (especially a communication association that transfers data). (See: repudiation, time stamp.)

Tutorial: Two separate types of denial are possible – an entity can deny that it sent a data object, or it can deny that it received a data object – and, therefore, two separate types of non-repudiation service are possible. (See: non-repudiation with proof of origin, non-repudiation with proof of receipt.)

2. (D) “Assurance [that] the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's id[[entity, so neither can later deny having processed the data.” [C4009]

Deprecated Definition: IDOCs SHOULD NOT use definition 2 because it bundles two security services – non-repudiation with proof of origin, and non-repudiation with proof of receipt – that can be provided independently of each other.

Usage: IDOCs SHOULD distinguish between the technical aspects and the legal aspects of a non-repudiation service: - “Technical non-repudiation”: Refers to the assurance a relying party has that if a public key is used to validate a digital signature, then that signature had to have been made by the corresponding private signature key. [SP32] - “Legal non-repudiation”: Refers to how well possession or control of the private signature key can be established. [SP32]

Tutorial: Non-repudiation service does not prevent an entity from repudiating a communication. Instead, the service provides evidence that can be stored and later presented to a third party to resolve disputes that arise if and when a communication is repudiated by one of the entities involved.

Shirey Informational Page 200]

RFC 4949 Internet Security Glossary, Version 2 August 2007

Ford describes the six phases of a complete non-repudiation service and uses “critical action” to refer to the act of communication that is the subject of the service [For94, For97]:

—————————————-. ——– Phase 1:Phase 2:Phase 3:Phase 4:Phase 5:. Phase 6: Request Generate Transfer Verify Retain . Resolve Service EvidenceEvidenceEvidenceEvidence. Dispute —————————————-. ——–

Service CriticalEvidenceEvidenceArchive . Evidence Request ⇒ Action ⇒ Stored ⇒ Is⇒ Evidence. Is Is Made Occurs For Later Tested In Case . Verified

 and  Use ]] | [[ ^Critical. ^
 Evidence v ]] | [[[[Action]] Is  . ]] | [[
 Is+-------------------+ Repudiated . ]] | [[
 [[Generate]]d  ]] | [[Verifiable Evidence]] | [[------> ... . ----+
+-------------------+

Phase / Explanation

1. Request service: Before the critical action, the service requester asks, either implicitly or explicitly, to have evidence of the action be generated. 2. Generate evidence: When the critical action occurs, evidence is generated by a process involving the potential repudiator and possibly also a trusted third party. 3. Transfer evidence: The evidence is transferred to the requester or stored by a third party, for later use (if needed). 4. Verify evidence: The entity that holds the evidence tests it to be sure that it will suffice if a dispute arises. 5. Retain evidence: The evidence is retained for possible future retrieval and use. 6. Resolve dispute: In this phase, which occurs only if the critical action is repudiated, the evidence is retrieved from storage, presented, and verified to resolve the dispute.

([[Fair Use]] [[Source]]: [[RFC 4949])

non-repudiation with proof of origin

(I) A security service that provides the recipient of data with evidence that proves the origin of the data, and thus protects the recipient against an attempt by the originator to falsely deny sending the data. (See: non-repudiation service.)

Tutorial: This service is a strong version of data origin authentication service. This service can not only verify the id[[entity of a system entity that is the original source of received data; it can also provide proof of that id[[entity to a third party.

Shirey Informational Page 201]

RFC 4949 Internet Security Glossary, Version 2 August 2007

([[Fair Use]] [[Source]]: [[RFC 4949])

non-repudiation with proof of receipt

(I) A security service that provides the originator of data with evidence that proves the data was received as addressed, and thus protects the originator against an attempt by the recipient to falsely deny receiving the data. (See: non-repudiation service.)

([[Fair Use]] [[Source]]: [[RFC 4949])

non-volatile media

(I) Storage media that, once written into, provide stable storage of information without an external power supply. (Compare: permanent storage, volatile media.)

([[Fair Use]] [[Source]]: [[RFC 4949])

NORA

(O) See: no-PIN ORA.

([[Fair Use]] [[Source]]: [[RFC 4949])

notarization

(I) Registration of data under the authority or in the care of a trusted third party, thus making it possible to provide subsequent assurance of the accuracy of characteristics claimed for the data, such as content, origin, time of existence, and delivery. [I7498-2] (See: digital notary.)

([[Fair Use]] [[Source]]: [[RFC 4949])

NRIC

(N) See: Network Reliability and Interoperability Council.

([[Fair Use]] [[Source]]: [[RFC 4949])

NSA

(N) See: National Security Agency

([[Fair Use]] [[Source]]: [[RFC 4949])

null

(N) /encryption/ “Dummy letter, letter symbol, or code group inserted into an encrypted message to delay or prevent its decryption or to complete encrypted groups for transmission or transmission security purposes.” [C4009]

([[Fair Use]] [[Source]]: [[RFC 4949])

NULL encryption algorithm

(I) An algorithm [R2410] that is specified as doing nothing to transform plain text data; i.e., a no-op. It originated because ESP always specifies the use of an encryption algorithm for confidentiality. The NULL encryption algorithm is a convenient way to represent the option of not applying encryption in ESP (or in any other context where a no-op is needed). (Compare: null.)

Fair Use Sources

Fair Use Sources:

RFC 4949 Internet Security Glossary

Access Control, Access Control List, Access Management, Account Lockout, Account Takeover, Active Defense, Active Directory Security, Active Scanning, Advanced Encryption Standard, Advanced Persistent Threat, Adversarial Machine Learning, Adware, Air Gap, Algorithmic Security, Anomaly Detection, Anti-Malware, Antivirus Software, Anti-Spyware, Application Blacklisting, Application Layer Security, Application Security, Application Whitelisting, Arbitrary Code Execution, Artificial Intelligence Security, Asset Discovery, Asset Management, Asymmetric Encryption, Asymmetric Key Cryptography, Attack Chain, Attack Simulation, Attack Surface, Attack Vector, Attribute-Based Access Control, Audit Logging, Audit Trail, Authentication, Authentication Protocol, Authentication Token, Authorization, Automated Threat Detection, AutoRun Malware, Backdoor, Backup and Recovery, Baseline Configuration, Behavioral Analysis, Behavioral Biometrics, Behavioral Monitoring, Biometric Authentication, Black Hat Hacker, Black Hat Hacking, Blacklisting, Blockchain Security, Blue Team, Boot Sector Virus, Botnet, Botnet Detection, Boundary Protection, Brute Force Attack, Brute Force Protection, Buffer Overflow, Buffer Overflow Attack, Bug Bounty Program, Business Continuity Plan, Business Email Compromise, BYOD Security, Cache Poisoning, CAPTCHA Security, Certificate Authority, Certificate Pinning, Chain of Custody, Challenge-Response Authentication, Challenge-Handshake Authentication Protocol, Chief Information Security Officer, Cipher Block Chaining, Cipher Suite, Ciphertext, Circuit-Level Gateway, Clickjacking, Cloud Access Security Broker, Cloud Encryption, Cloud Security, Cloud Security Alliance, Cloud Security Posture Management, Code Injection, Code Review, Code Signing, Cold Boot Attack, Command Injection, Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Compromised Account, Computer Emergency Response Team, Computer Forensics, Computer Security Incident Response Team, Confidentiality, Confidentiality Agreement, Configuration Baseline, Configuration Management, Content Filtering, Continuous Monitoring, Cross-Site Request Forgery, Cross-Site Request Forgery Protection, Cross-Site Scripting, Cross-Site Scripting Protection, Cross-Platform Malware, Cryptanalysis, Cryptanalysis Attack, Cryptographic Algorithm, Cryptographic Hash Function, Cryptographic Key, Cryptography, Cryptojacking, Cyber Attack, Cyber Deception, Cyber Defense, Cyber Espionage, Cyber Hygiene, Cyber Insurance, Cyber Kill Chain, Cyber Resilience, Cyber Terrorism, Cyber Threat, Cyber Threat Intelligence, Cyber Threat Intelligence Sharing, Cyber Warfare, Cybersecurity, Cybersecurity Awareness, Cybersecurity Awareness Training, Cybersecurity Compliance, Cybersecurity Framework, Cybersecurity Incident, Cybersecurity Incident Response, Cybersecurity Insurance, Cybersecurity Maturity Model, Cybersecurity Policy, Cybersecurity Risk, Cybersecurity Risk Assessment, Cybersecurity Strategy, Dark Web Monitoring, Data at Rest Encryption, Data Breach, Data Breach Notification, Data Classification, Data Encryption, Data Encryption Standard, Data Exfiltration, Data Governance, Data Integrity, Data Leakage Prevention, Data Loss Prevention, Data Masking, Data Mining Attacks, Data Privacy, Data Protection, Data Retention Policy, Data Sanitization, Data Security, Data Wiping, Deauthentication Attack, Decryption, Decryption Key, Deep Packet Inspection, Defense in Depth, Defense-in-Depth Strategy, Deidentification, Demilitarized Zone, Denial of Service Attack, Denial-of-Service Attack, Device Fingerprinting, Dictionary Attack, Digital Certificate, Digital Certificate Management, Digital Forensics, Digital Forensics and Incident Response, Digital Rights Management, Digital Signature, Disaster Recovery, Disaster Recovery Plan, Distributed Denial of Service Attack, Distributed Denial-of-Service Attack, Distributed Denial-of-Service Mitigation, DNS Amplification Attack, DNS Poisoning, DNS Security Extensions, DNS Spoofing, Domain Hijacking, Domain Name System Security, Drive Encryption, Drive-by Download, Dumpster Diving, Dynamic Analysis, Dynamic Code Analysis, Dynamic Data Exchange Exploits, Eavesdropping, Eavesdropping Attack, Edge Security, Email Encryption, Email Security, Email Spoofing, Embedded Systems Security, Employee Awareness Training, Encapsulation Security Payload, Encryption, Encryption Algorithm, Encryption Key, Endpoint Detection and Response, Endpoint Protection Platform, Endpoint Security, Enterprise Mobility Management, Ethical Hacking, Ethical Hacking Techniques, Event Correlation, Event Logging, Exploit, Exploit Development, Exploit Framework, Exploit Kit, Exploit Prevention, Exposure, Extended Detection and Response, Extended Validation Certificate, External Threats, False Negative, False Positive, File Integrity Monitoring, File Transfer Protocol Security, Fileless Malware, Firmware Analysis, Firmware Security, Firewall, Firewall Rules, Forensic Analysis, Forensic Investigation, Formal Methods in Security, Formal Verification, Fraud Detection, Full Disk Encryption, Fuzz Testing, Fuzz Testing Techniques, Gateway Security, General Data Protection Regulation, General Data Protection Regulation Compliance, Governance Risk Compliance, Governance, Risk, and Compliance, Gray Hat Hacker, Gray Hat Hacking, Group Policy, Group Policy Management, Hacker, Hacking, Hardware Security Module, Hash Collision Attack, Hash Function, Hashing, Health Insurance Portability and Accountability Act, Health Insurance Portability and Accountability Act Compliance, Heartbleed Vulnerability, Heuristic Analysis, Heuristic Detection, High-Availability Clustering, Honeynet, Honeypot, Honeypot Detection, Host-Based Intrusion Detection System, Host Intrusion Prevention System, Host-Based Intrusion Prevention System, Hypervisor Security, Identity and Access Management, Identity Theft, Incident Handling, Incident Response, Incident Response Plan, Incident Response Team, Industrial Control Systems Security, Information Assurance, Information Security, Information Security Management System, Information Security Policy, Information Systems Security Engineering, Insider Threat, Integrity, Intellectual Property Theft, Interactive Application Security Testing, Internet of Things Security, Intrusion Detection System, Intrusion Prevention System, IP Spoofing, ISO 27001, IT Security Governance, Jailbreaking, JavaScript Injection, Juice Jacking, Key Escrow, Key Exchange, Key Management, Keylogger, Kill Chain, Knowledge-Based Authentication, Lateral Movement, Layered Security, Least Privilege, Lightweight Directory Access Protocol, Log Analysis, Log Management, Logic Bomb, Macro Virus, Malicious Code, Malicious Insider, Malicious Software, Malvertising, Malware, Malware Analysis, Man-in-the-Middle Attack, Mandatory Access Control, Mandatory Vacation Policy, Mass Assignment Vulnerability, Media Access Control Filtering, Message Authentication Code, Mobile Device Management, Multi-Factor Authentication, Multifunction Device Security, National Institute of Standards and Technology, Network Access Control, Network Security, Network Security Monitoring, Network Segmentation, Network Tap, Non-Repudiation, Obfuscation Techniques, Offensive Security, Open Authorization, Open Web Application Security Project, Operating System Hardening, Operational Technology Security, Packet Filtering, Packet Sniffing, Pass the Hash Attack, Password Cracking, Password Policy, Patch Management, Penetration Testing, Penetration Testing Execution Standard, Perfect Forward Secrecy, Peripheral Device Security, Pharming, Phishing, Physical Security, Piggybacking, Plaintext, Point-to-Point Encryption, Policy Enforcement, Polymorphic Malware, Port Knocking, Port Scanning, Post-Exploitation, Pretexting, Preventive Controls, Privacy Impact Assessment, Privacy Policy, Privilege Escalation, Privilege Management, Privileged Access Management, Procedure Masking, Proactive Threat Hunting, Protected Health Information, Protected Information, Protection Profile, Proxy Server, Public Key Cryptography, Public Key Infrastructure, Purple Teaming, Quantum Cryptography, Quantum Key Distribution, Ransomware, Ransomware Attack, Red Teaming, Redundant Array of Independent Disks, Remote Access, Remote Access Trojan, Remote Code Execution, Replay Attack, Reverse Engineering, Risk Analysis, Risk Assessment, Risk Management, Risk Mitigation, Role-Based Access Control, Root of Trust, Rootkit, Salami Attack, Sandbox, Sandboxing, Secure Coding, Secure File Transfer Protocol, Secure Hash Algorithm, Secure Multipurpose Internet Mail Extensions, Secure Shell Protocol, Secure Socket Layer, Secure Sockets Layer, Secure Software Development Life Cycle, Security Assertion Markup Language, Security Audit, Security Awareness Training, Security Breach, Security Controls, Security Event Management, Security Governance, Security Incident, Security Incident Response, Security Information and Event Management, Security Monitoring, Security Operations Center, Security Orchestration, Security Policy, Security Posture, Security Token, Security Vulnerability, Segmentation, Session Fixation, Session Hijacking, Shoulder Surfing, Signature-Based Detection, Single Sign-On, Skimming, Smishing, Sniffing, Social Engineering, Social Engineering Attack, Software Bill of Materials, Software Composition Analysis, Software Exploit, Software Security, Spear Phishing, Spoofing, Spyware, SQL Injection, Steganography, Supply Chain Attack, Supply Chain Security, Symmetric Encryption, Symmetric Key Cryptography, System Hardening, System Integrity, Tabletop Exercise, Tailgating, Threat Actor, Threat Assessment, Threat Hunting, Threat Intelligence, Threat Modeling, Ticket Granting Ticket, Time-Based One-Time Password, Tokenization, Traffic Analysis, Transport Layer Security, Transport Security Layer, Trapdoor, Trojan Horse, Two-Factor Authentication, Two-Person Control, Typosquatting, Unauthorized Access, Unified Threat Management, User Behavior Analytics, User Rights Management, Virtual Private Network, Virus, Vishing, Vulnerability, Vulnerability Assessment, Vulnerability Disclosure, Vulnerability Management, Vulnerability Scanning, Watering Hole Attack, Whaling, White Hat Hacker, White Hat Hacking, Whitelisting, Wi-Fi Protected Access, Wi-Fi Security, Wi-Fi Protected Setup, Worm, Zero-Day Exploit, Zero Trust Security, Zombie Computer

Cybersecurity: DevSecOps - Security Automation, Cloud Security - Cloud Native Security (AWS Security - Azure Security - GCP Security - IBM Cloud Security - Oracle Cloud Security, Container Security, Docker Security, Podman Security, Kubernetes Security, Google Anthos Security, Red Hat OpenShift Security); CIA Triad (Confidentiality - Integrity - Availability, Authorization - OAuth, Identity and Access Management (IAM), JVM Security (Java Security, Spring Security, Micronaut Security, Quarkus Security, Helidon Security, MicroProfile Security, Dropwizard Security, Vert.x Security, Play Framework Security, Akka Security, Ratpack Security, Netty Security, Spark Framework Security, Kotlin Security - Ktor Security, Scala Security, Clojure Security, Groovy Security;

, JavaScript Security, HTML Security, HTTP Security - HTTPS Security - SSL Security - TLS Security, CSS Security - Bootstrap Security - Tailwind Security, Web Storage API Security (localStorage Security, sessionStorage Security), Cookie Security, IndexedDB Security, TypeScript Security, Node.js Security, NPM Security, Deno Security, Express.js Security, React Security, Angular Security, Vue.js Security, Next.js Security, Remix.js Security, PWA Security, SPA Security, Svelts.js Security, Ionic Security, Web Components Security, Nuxt.js Security, Z Security, htmx Security

Python Security - Django Security - Flask Security - Pandas Security,

Programming Language Security ((1. Python Security, 2. JavaScript Security, 3. Java Security, 4. C Sharp Security | Security, 5. CPP Security | C++ Security, 6. PHP Security, 7. TypeScript Security, 8. Ruby Security, 9. C Security, 10. Swift Security, 11. R Security, 12. Objective-C Security, 13. Scala Security, 14. Golang Security, 15. Kotlin Security, 16. Rust Security, 17. Dart Security, 18. Lua Security, 19. Perl Security, 20. Haskell Security, 21. Julia Security, 22. Clojure Security, 23. Elixir Security, 24. F Sharp Security | Security, 25. Assembly Language Security, 26. Shell Script Security / bash Security, 27. SQL Security, 28. Groovy Security, 29. PowerShell Security, 30. MATLAB Security, 31. VBA Security, 32. Racket Security, 33. Scheme Security, 34. Prolog Security, 35. Erlang Security, 36. Ada Security, 37. Fortran Security, 38. COBOL Security, 39. Lua Security, 40. VB.NET Security, 41. Lisp Security, 42. SAS Security, 43. D Security, 44. LabVIEW Security, 45. PL/SQL Security, 46. Delphi/Object Pascal Security, 47. ColdFusion Security, 49. CLIST Security, 50. REXX);

OS Security, Mobile Security: Android Security - Kotlin Security - Java Security, iOS Security - Swift Security; Windows Security - Windows Server Security, Linux Security (Ubuntu Security, Debian Security, RHEL Security, Fedora Security), UNIX Security (FreeBSD Security), IBM z Mainframe Security (RACF Security), Passwords (Windows Passwords, Linux Passwords, FreeBSD Passwords, Android Passwords, iOS Passwords, macOS Passwords, IBM z/OS Passwords), Password alternatives (Passwordless, Personal Access Token (PAT), GitHub Personal Access Token (PAT), Passkeys), Hacking (Ethical Hacking, White Hat, Black Hat, Grey Hat), Pentesting (Red Team - Blue Team - Purple Team), Cybersecurity Certifications (CEH, GIAC, CISM, CompTIA Security Plus, CISSP), Mitre Framework, Common Vulnerabilities and Exposures (CVE), Cybersecurity Bibliography, Cybersecurity Courses, Firewalls, CI/CD Security (GitHub Actions Security, Azure DevOps Security, Jenkins Security, Circle CI Security), Functional Programming and Cybersecurity, Cybersecurity and Concurrency, Cybersecurity and Data Science - Cybersecurity and Databases, Cybersecurity and Machine Learning, Cybersecurity Glossary (RFC 4949 Internet Security Glossary), Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics (navbar_security - see also navbar_aws_security, navbar_azure_security, navbar_gcp_security, navbar_k8s_security, navbar_docker_security, navbar_podman_security, navbar_mainframe_security, navbar_ibm_cloud_security, navbar_oracle_cloud_security, navbar_database_security, navbar_windows_security, navbar_linux_security, navbar_macos_security, navbar_android_security, navbar_ios_security, navbar_os_security, navbar_firewalls, navbar_encryption, navbar_passwords, navbar_iam, navbar_pentesting, navbar_privacy, navbar_rfc)

Request for Comments (RFC): List of RFCs, GitHub RFCs, Awesome RFCs, (navbar_rfc - see also navbar_network_security, navbar_security, navbar_networking)

SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.

Table of Contents

RFC 4949 Internet Security Glossary Definitions N

Fair Use Sources