Definition[]
Actual state is
“ | [t]he observable state or behavior of an assessment object (device, software, person, credential, account, etc.) at the point in time when the collector generates security-related information. In particular, the actual state includes the states or behaviors that might indicate the presence of security defects.[1] | ” |
References[]
- ↑ NISTIR 8011, Vol. 1, at B-1.