| (I) A security event that involves a security violation. (See:
CERT, GRIP, security event, security intrusion, security
violation.)
(C) In other words, a security-relevant system event in which the
system's security policy is disobeyed or otherwise breached.
(O) "Any adverse event which compromises some aspect of computer
or network security." [R2350]
(D) ISDs SHOULD NOT use this "O" definition because (a) a security
incident may occur without actually being harmful (i.e., adverse)
and (b) this Glossary defines "compromise" more narrowly in
relation to unauthorized access.
|
