→
DFIR
| Term | Meaning |
|---|---|
| Image / Image file | A raw copy of original hardware (HDD, SSD, SD, USB). |
| Actioncard | A short, descriptive way of approaching a task, aligned with management expectations. |
| CTF | Capture The Flag — a challenge to find hidden treasures. |
| CoC | Chain of Custody — documenting when and how evidence changes hands. |
| DD | Data Duplication — an uncompressed image file format. |
| DFIR | Digital Forensics and Incident Response. |
| E01 | EnCase image file (raw drive data); compressed or uncompressed. |
| Forensics | A scientific way of finding the truth of what happened. |
| Live Image Boot | Bootable drive (e.g. CAINE, Paladin) for acquisition where hardware can't be removed. |
| Live triage | Triage and acquisition from a running system. |
| Playbook | A guided way of approaching a problem (see also actioncards). |
| Triage / SWB / WB | Quick pre-analysis · Software Write-Blocker · Write-Blocker. |
→
Governance
| Term | Meaning |
|---|---|
| BCP | Business Continuity Plan (a.k.a. contingency / beredskabsplan). |
| CB | Certification Body — responsible for e.g. ISO certification. |
| CMMC | Cybersecurity Maturity Model Certification. |
| FUD | Fear, Uncertainty and Doubt. |
| GRC | Governance, Risk Management and Compliance. |
| Risk appetite | The level of risk an organisation is willing to accept. |
| PCI DSS | Payment Card Industry Data Security Standards. |
| TNO / ZT | Trust No One · Zero Trust — strict access control and encryption around your data. |