NCSAM 22

4. An unauthorized user who attempts to or gains access to an information system.
8. A type of malicious software designed to block access to a computer system until a sum of money is paid.
9. The potential for an unwanted or adverse outcome resulting from an incident, event, or occurrence, as determined by the likelihood that a particular threat will exploit a particular vulnerability, with the associated consequences.
11. An occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system processes, stores, or transmits and that may require a response action to mitigate the consequences.
13. The assurance that the confidentiality of, and access to, certain information about an entity is protected.

1. A digital form of social engineering to deceive individuals into providing sensitive information.
2. A capability to limit network traffic between networks and/or information systems.
3. A colloquial term for penetration test or penetration testing.
5. The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation.
6. Software that compromises the operation of a system by performing an unauthorized function or process.
7. A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.
10. A circumstance or event that has or indicates the potential to exploit vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society.
12. The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication.