Читаем CISSP Practice полностью

It is a designation applied to encrypted data/information and the information systems, the associated areas, circuits, components, and equipment processing of that data and information. It is a separation of electrical and electronic circuits, components, equipment, and systems that handle unencrypted information (RED) in electrical form from those that handle encrypted information (BLACK) in the same form.

Black core

A communications network architecture in which user data traversing a core Internet Protocol (IP) network is end-to-end encrypted at the IP layer.

Blackholing

Blackholing occurs when traffic is sent to routers that drop some or all of the packets. Synonymous with blackhole.

Blacklisting

It is the process of the system invalidating a user ID based on the user’s inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator. Blacklisting also applies to (1) blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources, (2) blocks placed on domain names known to attempt brute force attacks, (3) a list of e-mail senders who have previously sent spam to a user, and (4) a list of discrete entities, such as hosts or applications, that have been previously determined to be associated with malicious activity. Placing blacklisting and lifting blacklisting are both security-relevant events. Web content filtering software uses blacklisting to prevent access to undesirable websites. Synonymous with blacklists.

Blended attack

(1) An instance of malware that uses multiple infection or transmission methods. (2) Malicious code that uses multiple methods to spread.

Blinding

Generating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a “real” attack performed simultaneously.

Block

Sequence of binary bits that comprise the input, output, state, and round key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of bytes. A block size is the number of bits in an input (or output) block of the block cipher.

Block cipher algorithm

(1) A symmetric key cryptographic algorithm that transforms a block of information at a time using a cryptographic key. (2) A family of functions and their inverse functions that is parameterized by a cryptographic key; the functions map bit strings of a fixed length to bit strings of the same length. The length of the input block is the same as the length of the output block. A bit string is an ordered sequence of 0’s and 1’s and a bit is a binary digit of 0 or 1.

Block mirroring

A method to provide backup, redundancy, and failover processes to ensure high-availability systems. Block mirroring is performed on an alternative site preferably separate from the primary site. Whenever a write is made to a block on a primary storage device at the primary site, the same write is made to an alternative storage device at the alternative site, either within the same storage system, or between separate storage systems, at different locations.

Blue team

A group of people responsible for defending an enterprise’s use of information systems by maintaining its security posture against a group of mock attackers (i.e., the red team). The blue team must defend against real or simulated attacks.

Bluetooth

A wireless protocol developed as a cable replacement to allow two equipped devices to communicate with each other (e.g., a fax machine to a mobile telephone) within a short distance such as 30 feet. The Bluetooth system connects desktop computers to peripherals (e.g., printers and fax machines) without wires.

Body of evidence

The set of data that documents the information system's adherence to the security controls applied. When needed, this may be used in a court of law as external evidence.

Bogon addresses

Bogon (bogus) addresses refer to an IP address that is reserved but not yet allocated by the Internet registry. Attackers use these addresses to attack so bogon address filters must be updated constantly.

Boot-sector virus

A virus that plants itself in a system’s boot sector and infects the master boot record (MBR) of a hard drive or the boot sector of a removable media. This boot sector is read as part of the system startup, and thus they are loaded into memory when the computer first boots up. When in memory, a boot-sector virus can infect any hard disk or floppy accessed by the user. With the advent of more modern operating systems and a great reduction in users sharing floppies, there has been a major reduction in this type of virus. These viruses are now relatively uncommon.

Border Gateway Protocol (BGP)

An Internet routing protocol used to pass routing information between different administrative domains.