• Choose a category
• All
• Classic-Fiction

audit files Files that hold information about a resource’s access by users.

auditing The act of tracking resource usage by users.

auditors Individuals involved in auditing log and security files.

authenticating the evidence Verifying that the logs and other resources collected are legitimate. This technique can be useful in verifying that an attack has occurred.

authentication The means of verifying that someone is who they say they are.

Authentication Header (AH) A header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays.

availability The ability of a resource to be accessed, often expressed as a time period. Many networks limit users’ ability to access network resources to working hours, as a security precaution.

B

back door (backdoor) An opening left in a program application (usually by the developer) that allows additional access to data. Typically, these are created for debugging purposes and aren’t documented. Before the product ships, the back doors are closed; when they aren’t closed, security loopholes exist.

Back Orifice Originally created as a support tool, it is now well known as an illicit server program that can be used to gain access to Windows NT/2000 servers and take control.

backup A usable copy of data made to media. Ideally, the backup is made to removable media and stored for recovery should anything happen to the original data.

backup plan A documented plan governing backup situations.

backup policy A written policy detailing the frequency of backups and the location of storage media.

Bell La-Padula model A model designed for the military to address the storage and protection of classified information. This model is specifically designed to prevent unauthorized access to classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. It also prevents information from being written to a lower level of security.

best practices A set of rules governing basic operations.

BGP See Border Gateway Protocol (BGP).

BIA See Business Impact Analysis (BIA).

Biba model A model similar in concept to the Bell La-Padula model but more concerned with information integrity (an area the Bell La-Padula model doesn’t address). In this model, there is no write up or read down. If you’re assigned access to top-secret information, you can’t read secret information or write to any level higher than the level to which you’re authorized. This model keeps higher-level information pure by preventing less-reliable information from being intermixed with it.

biometric device A device that can authenticate an individual based on a physical characteristic.

biometrics The science of identifying a person by using one or more of their features. The feature can be a thumbprint, a retinal scan, or any other biological trait.

BIOS The basic input/output system for an IBM-based PC. It is the firmware that allows the computer to boot.

birthday attack A probability method of finding collision in hash functions.

Blowfish A type of symmetric block cipher created by Bruce Schneier.

boot sector Also known as the Master Boot Record (MBR). The first sector of the hard disk, where the program that boots the operating system resides. It’s a popular target for viruses.

Border Gateway Protocol (BGP) An ISP protocol that allows routers to share information about routes with each other.

border router A router used to translate from LAN framing to WAN framing.

bot An automated software program that collects information on the Web. For example, the Googlebot collects website information for the Google index. Bots can be used for malicious purposes as well.

brute force attack A type of attack that relies purely on trial and error.

buffer overflow attack A type of denial of service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies).

Business Continuity Planning (BCP)