Appendix A List of Acronyms¶
2FA |
Multifactor Authentication |
ACC |
Administration Control Center |
CentOS |
Community Enterprise Operating System |
CLI |
Command Line Interface |
CNSSI |
Committee on National Security Systems Instruction |
CPU |
Central Processing Unit |
CRADA |
Cooperative Research and Development Agreement |
DNS |
Domain Name System |
FIPS |
Federal Information Processing Standards |
FQDN |
Fully Qualified Domain Name |
GB |
Gigabyte |
GUI |
Graphical User Interface |
IP |
Internet Protocol |
IT |
Information Technology |
LAN |
Local Area Network |
MDU |
Mobile Data Unit |
NAT |
Network Address Translation |
NCCoE |
National Cybersecurity Center of Excellence |
NIST |
National Institute of Standards and Technology |
NTP |
Network Time Protocol |
OS |
Operating System |
PCI |
Payment Card Industry |
PHP |
Hypertext Preprocessor |
PMS |
Property Management System |
RDP |
Remote Desktop Protocol |
SAKA |
StrongAuth KeyAppliance |
SP |
Special Publication |
SSH |
Secure Shell |
SSL |
Secure Sockets Layer |
TCP |
Transport Control Protocol |
UDP |
User Datagram Protocol |
VLAN |
Virtual Local Area Network |
VM |
Virtual Machine |
VNC |
Virtual Network Computing |
ZTA |
Zero Trust Architecture |
Appendix B Glossary¶
Access Control |
The process of granting or denying specific requests: 1) for obtaining and using information and related information processing services; and 2) to enter specific physical facilities (e.g., Federal buildings, military establishments, and border crossing entrances). SOURCE: Committee on National Security Systems Instruction (CNSSI) 4009-2015 |
Architecture |
the design of the network of the hotel environment and the components that are used to construct it |
Authentication |
The process of verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. SOURCE: Federal Information Processing Standards (FIPS) 200 |
Authorization |
The right or a permission that is granted to a system entity to access a system resource. SOURCE: National Institute of Standards and Technology (NIST) Special Publication (SP) 800-82 Rev. 2 |
Certificate Revocation List |
A list maintained by a Certification Authority of the certificates which it has issued that are revoked prior to their stated expiration date. SOURCE: NIST SP 800-32 |
Configuration |
The possible conditions, parameters, and specifications with which an information system or system component can be described or arranged. SOURCE: NIST SP 800-128 |
Console |
a visually oriented input and output device used to interact with a computational resource |
Firewall |
A part of a computer system or network that is designed to block unauthorized access while permitting outward communication. SOURCE: NIST SP 800-152 |
Fully Qualified Domain Name |
an unambiguous identifier that contains every domain level, including the top-level domain |
Information Security |
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. SOURCE: FIPS 200 |
Multifactor Authentication |
Authentication using two or more factors to achieve authentication. Factors include: (i) something you know (e.g., password/personal identification number [PIN]); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). SOURCE: CNSSI 4009-2015 |
Privilege |
A right granted to an individual, a program, or a process. SOURCE: CNSSI 4009-2015 |
Security Control |
A safeguard or countermeasure prescribed for an information system or an organization designed to protect the confidentiality, integrity, and availability of its information and to meet a set of defined security requirements. SOURCE: NIST SP 800-161 |
Wi-Fi |
A generic term that refers to a wireless local area network that observes the IEEE 802.11 protocol. SOURCE: NIST Interagency or Internal Report 725 |