back door - An undocumented way of gaining access to a computer system. After a system is compromised, an attacker may load a program that listens on a port (back door) so that the attacker can enter the system at any time. A back door is also referred to as a trapdoor.
back up - Copy and move data to a medium so that it may be restored if the original data is corrupted or destroyed. A full backup copies all the data from the system to the backup medium. An incremental backup copies only the files that have been modified since the previous backup. A differential backup copies all files that have been modified since the last full backup.
baseline - The minimum level of security necessary to support and enforce a security policy.
BC - (Business Continuity) - Actions, processes, and tools for ensuring an organization can continue critical operations during a contingency.
SW-CMM - (Software Capability Maturity Model) - A maturity model that focuses on quality management processes and has five maturity levels, each of which contains several key practices.
Bell-LaPadula model - The model uses a formal state transition model that describes its access controls and how they should perform. When the system must transition from one state to another, the security of the system should never be lowered or compromised. See also multilevel security, simple security property, and star property (*-property).
BIA - (Business Impact Analysis) - A functional analysis in which a team collects data, documents business functions, develops a hierarchy of business functions, and applies a classification scheme to indicate each individual function's criticality level.
Biba model - A formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity.
biometrics - When used within computer security, identifies individuals by physiological characteristics, such as a fingerprint, hand geometry, or pattern in the iris.
bit - Most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.
black-box testing - Testing where no internal details of the system implementation are used.
blacklist - A set of known-bad resources such as IP addresses, domain names, or applications.
Bluetooth - Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and it has been integrated into many types of business and consumer devices.
bridges - Layer 2 devices that filter traffic between segments based on Media Access Control (MAC) addresses.
browsing - Searching through storage media looking for specific information without necessarily knowing what format the information is in. A browsing attack is one in which the attacker looks around a computer system either to see what looks interesting or to find specific information.
brute-force attack - An attack that continually tries different inputs to achieve a predefined goal, which can be used to obtain credentials for unauthorized access.
business continuity - Actions, processes, and tools for ensuring an organization can continue critical operations during a contingency.
business impact analysis - A functional analysis in which a team collects data, documents business functions, develops a hierarchy of business functions, and applies a classification scheme to indicate each individual function's criticality level.