Radio Frequency Interference (RFI): Electrical noise caused by electrical components, such as fluorescent lighting and electric cables.
Real (or physical) evidence: Tangible objects from the actual crime, such as the tools or weapons used and any stolen or damaged property.
Recovery controls: Control that restore systems and information.
Recovery Point Objective (RPO): The maximum period of time in which data may be lost of a disaster occurs.
Recovery Time Objective (RTO): The period of time in which data may be lost if a disaster occurs.
Reduction-Instruction-Set-Computing (RISC): A microprocessor instruction set architecture that utilizes a smaller and simpler instruction set than CISC which make RISC more efficient that CISC.
Redundancy: Multiple systems, nodes, or network paths that provide the same functionality for resiliency and availability in the event of failure.
Reference Monitor: An abstract machine (A theoretical model for a computer system or software program) that mediates all access to an object by a subject.
Registration Authority (RA): In a PKI, The RA is responsible for verifying certificate contents for the CA.
Remote Access Service (RAS): A remote access protocol typically used over dial-up facilities.
Remote Authentication Dial-IN Users Service (RADIUS): An Open-Source, User Datagram Protocol (UDP) based client-server protocol used to authenticate remote users.
Remote Backup: A backup operation where the Target backup Media is located in a remote location.
Replication: The process of copying data transactions from one system to another.
Repository: In a PKI infrastructure, a repository is a system that accepts certificates and Certificate Revocation Lists (CRLs) from a CA an distributes them to authorized parties.
Reverse Address Resolution Protocol (RARP): A protocol used by diskless workstations to query and discover their own IP addresses.
Rijindael: The Encryption algorithm used by the AES.
Ring: A network topology in which in all devices are connected to a closed loop.
Risk Acceptance: Accepting the loss associated with a potential risk.
Risk analysis: A method used to identify and assess threats and vulnerabilities in a business, process, system, or activity.
Risk Assignment (or transference): Transferring the potential loss associated with a risk to a third party, such as an insurance company.
Risk Mitigation: Reducing the risk to a level that’s acceptable to an organization.
Risk reduction: Mitigating risk by implementing the necessary security controls, policies, and procedures to protect an asset.
Rivest, Shamir, Adleman (RSA): A key transport algorithm based on the difficulty of factoring a number that’s the product of two large prime numbers.
Role-Based Access Control (RBAC): A method for implementing discretionary access controls in which access decision are based on group memberships according to organizational or functional roles.
Router: A network device that forwards packets among dissimilar network.
Rule-Based access control: A method for applying mandatory access control by matching an object’s sensitivity label to determine whether access should be granted or denied.