Glossary B
Backdoor

Backdoor

An undocumented way of gaining access to computer system. A backdoor is a potential security risk. See CNSSI 4009-2015 (NIST SP 800-82 Rev. 1) and NIST SP ...

Read More

backup

Backup

A copy of files and programs made to facilitate recovery if necessary.See NIST SP 800-34 Rev. 1 under Backup and NISTIR 7621 Rev. 1 under Backup (NIST SP ...

Read More

Telnet

Banner Grabbing

The process of capturing banner information—such as application type and version— that is transmitted by a remote port when a connection is initiated. See NIST SP 800-115 for ...

Read More

Bare Metal Virtualization

Bare Metal Virtualization

A form of full virtualization where the hypervisor runs directly on the underlying hardware, without a host operating system. See NIST SP 800-125 under Bare metal virtualization for more information. 

Read More

Baseline

Baseline

Hardware, software, and relevant documentation for an information system at a given point in time. See CNSSI 4009-2015 for more information. Hardware, software, databases, and relevant documentation for an ...

Read More

Baseline-Configuration

Baseline Configuration

A documented set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on at ...

Read More

Baselining

Baselining

Monitoring resources to determine typical utilization patterns so that significant deviations can be detected.  See NIST SP 800-61 Rev. 2 for more information. 

Read More

Bastion-host

Bastion Host

A special purposecomputer on a network where the computer is specifically designed and configuredto withstand attacks.See CNSSI 4009-2015 for more information.

Read More

Bios

BIOS

In this publication, refers collectively to boot firmware based on the conventional BIOS, Extensible Firmware Interface (EFI), and the Unified Extensible Firmware Interface (UEFI). See NIST SP ...

Read More

Biometric

Biometric

Measurable physical characteristics or personal behavioral traits used to identify, or verify the claimed identity of, an individual. Facial images, fingerprints, and handwriting samples are ...

Read More

Black Box Testing

Black Box Testing

A method of software testing that examines the functionality of an application without peering into its internal structures or workings. This method of test can ...

Read More

Blacklist

Blacklist

A list of discrete entities, such as hosts or applications that have been previously determined to be associated with malicious activity. Also known as dirty ...

Read More

Blacklisting

Blacklisting

The process used to identify: (i) software programs that are not authorized to execute on an information system; or (ii) prohibited Universal Resource Locators (URL)/websites.See ...

Read More

Boundary Protection

Boundary Protection

Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communications, through the use ...

Read More

Broadcast

Broadcast

Transmission to all devices in a network without any acknowledgment by the receivers. See  NIST SP 800-82 Rev. 2 (IEC/PAS 62410) for more information. 

Read More

Bluetooth

Bluetooth

A wireless protocol that allows two Bluetooth enabled devices to communicate with each other within a short distance (e.g., 30 ft.).See  NIST SP 800-72 for ...

Read More

Brute Force Password Attack

Brute Force Password Attack

A method of accessing an obstructed device through attempting multiple combinations of numeric/alphanumeric passwords. See NIST SP 800-72 and NIST SP 800-101 Rev. 1 for more information. 

Read More

Buffer Overflow

Buffer Overflow

A condition at an interface under which more input can be placedinto a buffer or data holding area than the capacity allocated, overwritingother information. Adversaries ...

Read More

Buffer Overflow Attack

Buffer Overflow Attack

A method of overloading a predefined amount of space in a buffer, which can potentially overwrite and corrupt memory in data.  See NIST SP 800-72 for more information. A ...

Read More