Glossary: B Flashcards
back door
A hidden capability in a system or program for bypassing normal computer authentication systems. A back door can be purposeful or the result of malware or other attack.
banner grabbing
An enumeration technique used to provide information about a computer system; generally used for operating system identification (also known as fingerprinting).
baseline
A point of reference used to mark an initial state in order to manage change.
bastion host
A computer placed outside a firewall to provide public services to other Internet sites and hardened to resist external attacks.
biometrics
A measurable, physical characteristic used to recognize the identity, or to verify the claimed identity, of an applicant. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
bit flipping
A cryptographic attack where bits are manipulated in the ciphertext to generate a predictable outcome in the plaintext once it is decrypted.
black hat
An attacker who breaks into computer systems with malicious intent, without the owner’s knowledge or permission.
black-box testing
In penetration testing, a method of testing the security of a system or subnet without any previous knowledge of the device or network. It is designed to simulate an attack by an outside intruder (usually from the Internet).
block cipher
A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm, the length of the input block is the same as the length of the output block.
Blowfish
A symmetric, block-cipher data-encryption standard that uses a variable-length key that can range from 32 bits to 448 bits.
BlueBorne attack
An amalgamation of techniques and attacks against known, already existing Bluetooth vulnerabilities.
Bluejacking
Sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile devices, tablets, and laptop computers.
Bluesnarfing
Unauthorized access to information such as calendars, contact lists, e-mails, and text messages on a wireless device through a Bluetooth connection.
Bluetooth
A proprietary, open, wireless technology used for transferring data from fixed and mobile devices over short distances.
boot sector virus
A virus that plants itself in a system’s boot sector and infects the master boot record.
brute-force password attack
A method of password cracking whereby all possible options are systematically enumerated until a match is found. These attacks try every password (or authentication option), one after another, until successful. Brute-force attacks take a long time to work and are easily detectable.
buffer
A portion of memory used to temporarily store output or input data.
buffer overflow
A condition that occurs when more data is written to a buffer than it has space to store, which results in data corruption or other system errors. This is usually because of insufficient bounds checking, a bug, or improper configuration in the program code.
bug
A software or hardware defect that often results in system vulnerabilities.
business continuity plan (BCP)
A set of plans and procedures to follow in the event of a failure or a disaster, security related or not, to get business services back up and running. BCPs include a disaster recovery plan (DRP) that addresses exactly what to do to recover any lost data or services.
business impact analysis (BIA)
An organized process to gauge the potential effects of an interruption to critical business operations as a result of a disaster, accident, or emergency.