Glossary
Back-haul
In a hierarchical telecommunications network, the backhaul portion of the network comprises the intermediate links between the core network, or backbone network, and the small subnetworks at the "edge" of the entire hierarchical network.
SOURCE: WIKIPEDIA
Backdoor (NIST)
Typically unauthorized hidden software or hardware mechanism used to circumvent security controls.
SOURCE: CNSSI-4009
An undocumented way of gaining access to a computer system. A backdoor is a potential security risk.
SOURCE: SP 800-82
A malicious program that listens for commands on a certain Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port.
SOURCE: GUIDE TO MALWARE INCIDENT PREVENTION AND HANDLING FOR DESKTOPS AND LAPTOPS
Backtracking Resistance (NIST)
Backtracking resistance is provided relative to time T if there is assurance that an adversary who has knowledge of the internal state of the Deterministic Random Bit Generator (DRBG) at some time subsequent to time T would be unable to distinguish between observations of ideal random bitstrings and (previously unseen) bitstrings that were output by the DRBG prior to time T. The complementary assurance is called Prediction Resistance.
SOURCE: SP 800-90A
Bandwidth
Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.
Banner
The information that is displayed to a remote user trying to connect to a service. This may include version information, system information, or a warning about authorized use.
Banner Grabbing (NIST)
The process of capturing banner information—such as application type and version—that is transmitted by a remote port when a connection is initiated.
SOURCE: SP 800-115
Baseline (NIST)
Hardware, software, databases, and relevant documentation for an information system at a given point in time.
SOURCE: CNSSI-4009
Baseline Assessment
An interim compliance validation assessment performed by a QSA to determine the PCI Security compliance status.
SOURCE: VERIZON PCI SECURITY
Baseline Configuration (NIST)
A set of specifications for a system, or Configuration Item (CI) within a system, that has been formally reviewed and agreed on at a given point in time, and which can be changed only through change control procedures. The baseline configuration is used as a basis for future builds, releases, and/or changes.
SOURCE: SP 800-128
Baseline Security (NIST)
The minimum security controls required for safeguarding an IT system based on its identified needs for confidentiality, integrity, and/or availability protection.
SOURCE: SP 800-16
Baselining (NIST)
Monitoring resources to determine typical utilization patterns so that significant deviations can be detected.
SOURCE: SP 800-61
Basic Authentication
The simplest web-based authentication scheme, which works by sending the username and password with each request.
Basic Testing (NIST)
A test methodology that assumes no knowledge of the internal structure and implementation detail of the assessment object. Also known as black box testing.
SOURCE: SP 800-53A
Bastion Host (NIST)
A special-purpose computer on a network specifically designed and configured to withstand attacks.
SOURCE: CNSSI-4009
Behavioral Outcome (NIST)
What an individual who has completed the specific training module is expected to be able to accomplish in terms of IT security-related job performance.
SOURCE: SP 800-16
Benign Environment (NIST)
A non-hostile location protected from external hostile elements by physical, personnel, and procedural security countermeasures.
SOURCE: CNSSI-4009
Best Practice
A proven activity or process that has been successfully used by multiple enterprises.
BillPort System
AZNet’s invoicing tool used to generate monthly invoices, in a Graphical User Interface (GUI) format, for telecommunications services provided to state agencies.
Binding (NIST)
Process of associating two related elements of information.
SOURCE: SP 800-32
An acknowledgement by a trusted third party that associates an entity’s identity with its public key. This may take place through (1) a certification authority’s generation of a public key certificate, (2) a security officer’s verification of an entity’s credentials and placement of the entity’s public key and identifier in a secure database, or (3) an analogous method.
SOURCE: SP 800-21
Process of associating a specific communications terminal with a specific cryptographic key or associating two related elements of information.
SOURCE: CNSSI-4009
Biometric (NIST)
A physical or behavioral characteristic of a human being.
SOURCE: SP 800-32
A measurable physical characteristic or personal behavioral trait used to recognize the identity, or verify the claimed identity, of an applicant. Facial images, fingerprints, and iris scan samples are all examples of biometrics.
SOURCE: FIPS 201
Biometric Information (NIST)
The stored electronic information pertaining to a biometric. This information can be in terms of raw or compressed pixels or in terms of some characteristic (e.g., patterns).
SOURCE: FIPS 201
Biometric System (NIST)
An automated system capable of:
1) capturing a biometric sample from an end user;
2) extracting biometric data from that sample;
3) comparing the extracted biometric data with data contained in one or more references;
4) deciding how well they match; and
5) indicating whether or not an identification or verification of identity has been achieved.
SOURCE: FIPS 201
Biometrics (NIST)
Measurable physical characteristics or personal behavioral traits used to identify, or verify the claimed identity, of an individual. Facial images, fingerprints, and handwriting samples are all examples of biometrics.
SOURCE: CNSSI-4009
Bit (NIST)
A contraction of the term Binary Digit. The smallest unit of information in a binary system of notation.
SOURCE: CNSSI-4009
A binary digit having a value of 0 or 1.
SOURCE: FIPS 180-4
Bit Error Rate (NIST)
Ratio between the number of bits incorrectly received and the total number of bits transmitted in a telecommunications system.
SOURCE: CNSSI-4009
BLACK (NIST)
Designation applied to encrypted information and the information systems, the associated areas, circuits, components, and equipment processing that information.
SOURCE: CNSSI-4009
Black Box Testing (NIST)
See Basic Testing.
Black Core (NIST)
A communication network architecture in which user data traversing a global Internet Protocol (IP) network is end-to-end encrypted at the IP layer. Related to striped core.
SOURCE: CNSSI-4009
Blacklist (NIST)
A list of email senders who have previously sent spam to a user.
SOURCE: SP 800-114
A list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity.
SOURCE: SP 800-94
Blacklisting (NIST)
The process of the system invalidating a user ID based on the user’s inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator. Blacklisting and lifting of a blacklisting are both security-relevant events. Blacklisting also applies to blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.
SOURCE: CNSSI-4009
Blended Attack (NIST)
A hostile action to spread malicious code via multiple methods.
SOURCE: CNSSI-4009
Blinding (NIST)
Generating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a “real” attack performed simultaneously.
SOURCE: SP 800-94
Block (NIST)
Sequence of binary bits that comprise the input, output, State, and Round Key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of bytes.
SOURCE: FIPS 197
Block Cipher (NIST)
A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. For a block cipher algorithm, the length of the input block is the same as the length of the output block.
SOURCE: SP 800-90
Block Cipher Algorithm (NIST)
A family of functions and their inverses that is parameterized by a cryptographic key; the function maps bit strings of a fixed length to bit strings of the same length.
SOURCE: SP 800-67
Blog
A discussion or informational site published on the World Wide Web and consisting of discrete entries ("posts") typically displayed in reverse chronological order (the most recent post appears first). Blogs may be the work of a single individual, occasionally of a small group, and covering a single subject, or may include posts written by large numbers of authors and professionally edited.
SOURCE: WIKIPEDIA
Blue ITSOC
Specific service codes that were used by the Arizona Telecommunications System (ATS) for billing communications services. These codes were retained by AZNet for use during the agency transition phase to bill for certain services that at the time of agency transition mapped into bundled services.
Body of Evidence (BoE) (NIST)
The set of data that documents the information system’s adherence to the security controls applied. The BoE will include a Requirements Verification Traceability Matrix (RVTM) delineating where the selected security controls are met and evidence to that fact can be found. The BoE content required by an Authorizing Official will be adjusted according to the impact levels selected.
SOURCE: CNSSI-4009
Border Gateway Protocol (BGP)
A standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. The protocol is often classified as a path vector protocol, but is sometimes also classed as a distance vector routing protocol. The Border Gateway Protocol does not use Interior Gateway Protocol (IGP) metrics, but makes routing decisions based on paths, network policies and/or rule-sets configured by a network administrator. The Border Gateway Protocol plays a key role in the overall operation of the Internet and is involved in making core routing decisions.
Boundary (NIST)
Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communication, through the use of boundary protection devices (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels).
SOURCE: SP 800-53; CNSSI-4009
Boundary Protection (NIST)
Monitoring and control of communications at the external boundary of an information system to prevent and detect malicious and other unauthorized communication, through the use of boundary protection devices (e.g., proxies, gateways, routers, firewalls, guards, encrypted tunnels).
SOURCE: SP 800-53; CNSSI-4009
Boundary Protection Device (NIST)
A device with appropriate mechanisms that: (i) facilitates the adjudication of different interconnected system security policies (e.g., controlling the flow of information into or out of an interconnected system); and/or (ii) provides information system boundary protection.
SOURCE: SP 800-53
A device with appropriate mechanisms that facilitates the adjudication of different security policies for interconnected systems.
SOURCE: CNSSI-4009
Boundary Router
A router that performs packet filtering at the edge of a network to block certain attacks, filter unwanted protocols, and perform simple access control.
Breach
An impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information. An impermissible use or disclosure of protected health information is presumed to be a breach unless the covered entity or business associate, as applicable, demonstrates that there is a low probability that the protected health information has been compromised based on a risk assessment of at least the following factors:
1. The nature and extent of the protected health information involved, including the types of identifiers and the likelihood of re-identification;
2. The unauthorized person who used the protected health information or to whom the disclosure was made;
3. Whether the protected health information was actually acquired or viewed; and
4. The extent to which the risk to the protected health information has been mitigated.
SOURCE: HIPAA (45 CFR §§ 164.400-414)
Bridge
A product that connects a local area network (LAN) to another local area network that uses the same protocol (for example, Ethernet or token ring).
Browser
A client computer program that can retrieve and display information from servers on the World Wide Web.
Browsing (NIST)
Act of searching through information system storage or active content to locate or acquire information, without necessarily knowing the existence or format of information being sought.
SOURCE: CNSSI-4009
Brute Force
A cryptanalysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one by one.
Brute Force Password Attack (NIST)
A method of accessing an obstructed device through attempting multiple combinations of numeric and/or alphanumeric passwords.
SOURCE: SP 800-72
BU CIO
Chief Information Officer overseeing all IT assets and personnel in a BU.
BU Director
Chief Executive overseeing a BU.
BU ISO
Individual assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
Budget Unit (BU)
A department, commission, board, institution or other agency of the state receiving, expending or disbursing state funds or incurring obligations of the state including the Arizona board of regents but excluding the universities under the jurisdiction of the Arizona board of regents, the community college districts and the legislative or judicial branches.
SOURCE: A.R.S 18-101-1
Buffer Overflow (NIST)
A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.
SOURCE: SP 800-28; CNSSI-4009
Bulk Encryption (NIST)
Simultaneous encryption of all channels of a multichannel telecommunications link.
SOURCE: CNSSI-4009
Business Continuity Plan (BCP) (NIST)
The documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business processes will be sustained during and after a significant disruption.
SOURCE: SP 800-34; CNSSI-4009
Business Impact Analysis (BIA) (NIST)
An analysis of an information system’s requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.
SOURCE: SP 800-34
An analysis of an enterprise’s requirements, processes, and interdependencies used to characterize information system contingency requirements and priorities in the event of a significant disruption.
SOURCE: CNSSI-4009
Business Intelligence
The process of analyzing data and producing reports, data extracts, charts, dashboards and similar output, referred to generically as BI Reports.
The usability of BI Reports is dependent upon many factors including accuracy, timeliness, availability, change management, service level compliance and the underlying data.
The dependency upon underlying data (BI Source Data) includes factors such as its fitness for use, accuracy, timeliness, completeness, security, stability and stewardship and transparent communication to consumers of BI Reports when any of these is compromised.
Business Risk
A probable situation with uncertain frequency and magnitude of loss (or gain).
Byte
A fundamental unit of computer storage; the smallest addressable unit in a computer's architecture. Usually holds one character of information and usually means eight bits.