B(s) Flashcards
Backdoor
A shortcut in a system that allows a user to bypass security checks
Background checks
Verification of a person’s background and experience, also called a pre-employment screening
Backward chaining
Expert system mode that begins with a premise and works backwards
Baseband
Network with one channel; can only send one signal at a time
Baseline
Uniform ways to implement a safeguard, administrative control
Baselining
The process of capturing a point in time understanding of the current system security configuration
BIOS
Basic Input Output System, typically stored in firmware
BRI
Basic Rate Interface, provides two 64 K digital ISDN channels
Bastion host
Any host placed on the internet that is not protected by another device
Bayesian filtering
Uses mathematical formulas to assign probabilities to make decisions such as identifying spam
BCI
The Business Continuity Institute
BCP
Business Continuity Plan. A long-term plan to ensure the continuity of business operations
BCP/DRP project manager
The key point of contact for ensuring that a BCP/DRP is not only completed, but also routinely tested
Bell-LaPadula
Security model focused on maintaining the confidentiality of objects
Best evidence rule
Requires use of the strongest possible evidence
Best practice
A consensus of the best way to protect the confidentiality, integrity and availability of assets
BGP
Border Gateway Protocol, the routing protocol used on the Internet
Biba
Security model focused on maintaining the integrity of objects
Big Bang testing
Integration testing that tests all integrated software components
Binary image
Bit-level copy of memory
Black box software testing
Gives the tester no internal details: the software is treated as a black box that receives inputs
Black hat
Unethical hacker or researcher
Blowfish
Block cipher using keys from 32 through 448 bits (the default is 128) to encrypt 64 bits of data
Bluetooth
802.15 networking, a PAN wireless technology
Bollard
A post designed to stop a car, typically deployed in front of building entrances
Book cipher
Cryptographic method that uses whole words from a well-known text such as a dictionary as a one-to-one replacement for plaintext
Boot sector virus
Virus that infects the boot sector of a PC, which ensures the virus loads upon system startup
BOOTP
Bootstrap protocol, used for bootstrapping via a network by diskless systems
Bot
A computer system running malware that is controlled via a botnet
Botnet
A central bot command and control (C&C) network, managed by humans called bot herders
Bottom-Up programming
Starts with the low-level technical implementation details and works up to the concept of the complete program
Breach notification
Notification of persons whose personal data has been, or is likely to have been, compromised
Brewer-Nash
Also called the Chinese Wall model; designed to avoid conflicts of interest by prohibiting one person, like a consultant, from accessing multiple conflict of interest categories (CoIs)
Bridge
Layer 2 device that has two ports and connects network segments together
Broadband
Network with multiple channels; can send multiple signals at a time, like cable TV
Broadcast
Traffic that is sent to all stations in a LAN
BRP
Business Recovery Plan, details the steps required to restore normal business operations after recovering from a disruptive event. Also known as the Business Resumption Plan
Brute force attack
Attack that attempts every possible key or combination
BS-25999
Continuity standard by the British Standards Institute (BSI)
Buffer overflow
Condition where an attacker can insert data beyond the end of a buffer variable
Bus
Physical network topology that connects network nodes in a string
Business interruption testing
Partial or complete failover to an alternate site
Business Owners
Also called Mission Owners, members of senior management who create the information security program and ensure that it is properly staffed, funded, and has organizational priority
Bytecode
Machine-independent code, used by Java