B

back door (backdoor)

An opening left in a program application (usually by the developer) that allows additional access to data. Typically these are created for debugging purposes and are not documented. Before the product ships, the back doors are closed; when they are not closed, security loopholes exist.

Back Orifice

An illicit server program that can be used to gain access to Windows NT/2000 servers and take control.

backup plan

A documented plan governing backup situations.

backup policy

A written policy detailing the frequency of backups and the location of storage media.

backups

Copies of data made to removable media.

Bell-LaPadula model

The Bell-LaPadula model was designed for the military to address the storage and protection of classified information. The model is specifically designed to prevent unauthorized access to classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. The model also prevents information from being written to a lower level of security.

best practices

A set of rules governing basic operations.

Biba model

The Biba model is similar in concept to the Bell-LaPadula model, but it is more concerned with information integrity, an area that the Bell-LaPadula model does not address. In this model, there is no write up or read down. In short, if you are assigned access to Top Secret information, you cannot read Secret information nor write to any level higher than the level to which you are authorized. This keeps higher-level information pure by preventing less reliable information from being intermixed with it.

BGP

See Border Gateway Protocol.

BIA

See Business Impact Analysis.

biometrics

The science of identifying a person by using one or more of their features. This can be a thumbprint, a retina scan, or any other biological trait.

biometric devices

Devices that can authenticate an individual based upon a physical characteristic.

birthday attack

A probability method of finding similar keys in MD5.

Blowfish

A type of symmetric block cipher created by Bruce Schneier.

boot sector

Also known as the Master Boot Record (MBR). This is the first sector of the hard disk, where the program that boots the operating system resides. It is a popular target for viruses.

Border Gateway Protocol

A protocol predominantly used by ISPs that allows routers to share information about routes with each other.

border routers

Routers that are used to translate from LAN framing to WAN framing.

brute force attack

A type of attack that relies purely on trial and error.

buffer overflow attack

A type of DoS attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it, as the name implies.

business continuity planning

A contingency plan that will allow a business to keep running in the event of a disruption to vital resources.

Business Impact Analysis (BIA)

A study of the possible impact if a disruption to a business's vital resources were to occur.



CompTIA Security+ Study Guide. Exam SY0-101
ISBN: 078214098X
Year: 2006
Pages: 167