A hole in the security of a computer system deliberately left in place by designers or maintainers. Synonymous with trap door. A hidden software or hardware mechanism used to circumvent security controls. A breach created intentionally for the purpose of collecting, altering, or destroying data.
Bandwidth is the sum of all the data transferred from and to your Web site, including e-mail, Web pages, and images. See “Monthly Traffic.”
The collection of memory chips or modules that make up a block of memory. This can be 1, 2 or 4 chips. Memory in a PC must always be added or removed in full-bank increments.
A detailed background document that describes the PSYOP-relevant vulnerabilities, characteristics, insights, and opportunities that are known about a specific country susceptible to exploitation.
The process whereby the commander develops a clear understanding of the current state with relation to the enemy and environment, envisions a desired end-state that represents mission accomplishment, and then subsequently visualizes the sequence of activity that moves the commander’s force from its current state to the end-state.
The field of military operations circumscribed by the aggregate of all spatial (geographic range, altitude) and virtual (communicational connectivity) dimensions in which those operations are realized. This is a generic term connoting no limitation to the geographical constraints suggested by the term “battlefield.” Components are determined by the maximum capabilities of friendly and enemy forces to acquire and dominate each other by fires and maneuver and in the electromagnetic spectrum.
Access that an unauthorized user gets, typically by tapping the terminal of a legitimate user that is inactive at the time.
The part of the operating system that provides the lowest level interface to peripheral devices. The BIOS is stored in the ROM on the computer’s motherboard.
Binary Large Object, used to describe any random large block of bits, usually a picture or sound file; can be stored in a database but normally not interpretable by a database program. Can be used as a mild hacker threat (mailbomb) when mailed. Can also be used to hide malicious logic code.
Gadgets created by crackers and phone hackers (“phreakers”) to break into the telephone system and make calls bypassing normal controls and/or billing procedures.
Battle(-space) Management Command, Control, Communications, and Intelligence. Briefly stated, the overall label for those components and processes comprising the “nervous system” of a modern military force in a theater of operations. The planning, tasking, and control of the execution of missions through an architecture of sensors, communications, automation, and intelligence support.
To start up your computer. Because the computer gets itself up and going from an inert state, it could be said to lift itself up “by its own bootstraps”—this is where the term ‘boot’ originates.
The magnetic disk (usually a hard disk) from which an operating system kernel is loaded (or “bootstrapped”). MS-DOS and Microsoft® Windows® can be configured (in the BIOS) to try to boot off either floppy disk or hard disk, in either order (and on some modern systems even from CD or other removable media). A special floppy boot disk (often called a “System Rescue Disk”) can be created, which will allow your computer to boot even if it cannot boot from the hard disk.
Once the BIOS determines which disk to boot from, it loads the first sector of that disk into memory and executes it. Besides this loader program, the Boot Record contains the partition table for that disk. If the Boot Record is damaged, it can be a very serious situation!
To load and initialize the operating system on a computer. Often abbreviated to boot.
Web-based message forum where visitors can read, post, and reply to messages or questions left by other visitors.
A set of conductors (wires or connectors in an integrated circuit) connecting the various functional units in a computer. There are busses both within the CPU and connecting it to external memory and peripheral devices. The bus width (i.e., the number of parallel connectors) is one factor limiting a computer’s performance.
Acronym for command and control.
Sometimes written “C2-attack.” Abbreviation for command-and-control attack. Any action against any element of the enemy’s command and control system.
Abbreviation for command-and-control protect.
Presumed synonym for command-and-control counterwar.
Acronym for command-and-control warfare.
Acronym for command, control, and communications.
Acronym for command, control, communications, and intelligence.
Acronym for command, control, communications, computers, and intelligence.
Acronym for command, control, communications, computer intelligence, surveillance, and reconnaissance.
A circuit board that is usually designed to plug into a connector or slot. See also adapter.
(Internet Browser)—The files and graphics saved locally from Web sites you have previously visited.
A term commonly encountered that connotes a component or feature of a given system (an adversary’s deployed instrumentality) that is critical to either (a) the viability of that given system and/or (b) the viability of the supersystem within which that given system is a participating component.
Acronym for computer emergency response team. Supports others in enhancing the security of their computing systems; develops standardized set of responses to security problems; provides a central point of contact for information about security incidents; and assists in collecting and disseminating information on issues related to computer security, including information on configuration, management, and bug fixes for systems.
CGI stands for “common gateway interface.” It’s simply a way for your visitor’s computer to communicate with programs, such as shopping-cart scripts, on your server. The CGI-BIN is a special directory where you store executable programs, such as shopping-cart scripts and counters, on the server. If you don’t have access to a CGI-bin directory, you can’t run programs (scripts) on your Web site.
Allows you to custom-build e-mail results from a Web page form, much like a mail merge letter.
Acronym for critical infrastructure protection.
To click an item means to point to it with the screen pointer, and then press quickly and release the left mouse button at once.
Windows allocates space to files in units called “clusters.” Each cluster contains from 1 to 64 sectors, depending on the type and size of the disk. A cluster is the smallest unit of disk space that can be allocated for use by files.
A part of the motherboard that maintains system variables in static RAM. It also supplies a real-time clock that keeps track of the date, day and time. CMOS Setup is typically accessible by entering a specific sequence of keystrokes during the POST at system start-up.
Starting or restarting a computer by turning on the power supply. See also warm boot.
Computer evidence is quite unique when compared to other forms of “documentary evidence.” Unlike paper documentation, computer evidence is fragile and a copy of a document stored in a computer file is identical to the original. The legal ‘best evidence’ rules change when it comes to the processing of computer evidence. Another unique aspect of computer evidence is the potential for unauthorized copies to be made of important computer files without leaving behind a trace that the copy was made. This situation creates problems concerning the investigation of the theft of trade secrets (client lists, research materials, computer-aided design files, formulas, and proprietary software).
Computer Forensics deals with the preservation, identification, extraction, and documentation of computer evidence. The field is relatively new to the private sector but it has been the mainstay of technology-related investigations and intelligence gathering in law enforcement and military agencies since the mid-1980s. Like any other forensic science, computer forensics involves the use of sophisticated technology tools and procedures, which must be followed to guarantee the accuracy of the preservation of evidence and the accuracy of results concerning computer-evidence processing. Typically, computer forensic tools exist in the form of computer software.
Computer forensic specialists guarantee accuracy of evidence-processing results through the use of time-tested evidence-processing procedures and through the use of multiple software tools, developed by separate and independent developers. The use of different tools that have been developed independently to validate results is important to avoid inaccuracies introduced by potential software design flaws and software bugs. It is a serious mistake for a computer forensics specialist to put “all of their eggs in one basket” by using just one tool to preserve, identify, extract, and validate the computer evidence. Cross-validation through the use of multiple tools and techniques is standard in all forensic sciences. When this procedure is not used, it creates advantages for defense lawyers who may challenge the accuracy of the software tool used and thus the integrity of the results. Validation through the use of multiple software tools, computer specialists, and procedures eliminates the potential for errors and the destruction of evidence.
Computer investigations rely on evidence stored as data and the timeline of dates and times that files were created, modified, and/or last accessed by the computer user. Timelines of activity can be especially helpful when multiple computers and individuals are involved in the commission of a crime. The computer forensics investigator should always consider timelines of computer usage in all computer-related investigations. The same is true in computer security reviews concerning potential access to sensitive and/or trade secret information stored in the form of computer files.
Also called a “context-sensitive menu,” or a “shortcut menu,” a context menu includes the commands that are commonly associated with an object on the screen. To activate an item’s context menu, point to it with the screen pointer, then press and release the right mouse button once.
(Internet Browser)—Holds information on the times and dates you have visited Web sites. Other information can also be saved to your hard disk in these text files, including information about on-line purchases, validation information about you for members-only Web sites, and more.
Stands for central processing unit, a programmable logic device that performs all the instruction, logic, and mathematical processing in a computer.
A sudden, usually drastic failure. Can be said of the operating system or a particular program when there is a software failure. Also, a disk drive can crash because of hardware failure.
Two files that both refer to the same data.
By placing a file in your main directory called missing.html, you will be able to provide a customized page to any browser that requests a file that does not exist on your server. You can use it to steer visitors to your front page, so you don’t lose them if they click on a bad link somewhere.
Used for secure processing of credit-card transactions. It actually takes the payment information and sends it via the banking gateways to obtain real-time approvals for credit cards and checks.