- Bot Short for robot, in a digital context, refers to an automated program designed to perform specific tasks without human intervention. These tasks can range from benign activities, such as web crawling for search engines, to malicious uses, such as launching distributed denial-of-service attacks (DDoS), spreading spam, or perpetrating click fraud. Because of their potential for misuse, it's crucial to monitor network activities for unusual patterns that may suggest the presence of malicious bots.
- Botnet A network of infected computers that are controlled by a single entity, often without the knowledge of the computers' owners. Botnets are typically used to perform distributed denial of service (DDoS) attacks, in which the botnet is used to flood a target website or network with traffic, overwhelming its resources and rendering it inaccessible. Examples of botnets include the Mirai botnet, which was used in several high-profile DDoS attacks, and the Storm botnet, which was one of the largest botnets in history.
- Boundary In the context of system security, a boundary refers to the defined barrier between different security domains, helping to manage and restrict the flow of information. This could be physical, such as the walls of a secured server room, or logical, such as a firewall or other security device that filters network traffic. Properly managed boundaries are crucial in limiting potential attack vectors and containing any damage if a breach does occur. A system's boundary protection mechanisms should be defined based on the sensitivity of the information it handles and the potential threats it faces.
- Bounds Checking The practice of verifying that the data being operated on falls within the expected parameters or 'bounds.' For instance, in a data array, it would mean ensuring an index does not exceed the size of the array. This prevents errors, crashes, and security vulnerabilities like buffer overflow attacks, where an attacker can exploit an out-of-bounds write to inject malicious code or manipulate the system's operation.
- Breach Attack Simulations (BAS) These are controlled tests carried out to mimic the tactics and techniques of real-world attackers to assess the effectiveness of an organization's security posture. By emulating the actions of potential threats in a safe environment, BAS allows organizations to identify potential vulnerabilities, test their response procedures, and understand where improvements might be needed before an actual attack occurs. This proactive approach is a key part of maintaining a robust defense against increasingly sophisticated threats.
- Breach reporting The process of informing individuals and authorities about a security breach or potential security threat. It is used in the event of a data breach to alert affected individuals and organizations and to determine the cause and prevent further incidents. Examples - A healthcare organization reporting a breach to patients and the government, a financial institution reporting a breach to customers and regulatory bodies.
- Brewer–Nash (BN) model Also known as the "Cinderella" or "Chinese Wall" model, Brewer–Nash is a security model designed to prevent conflicts of interest by limiting access to sensitive information. This model ensures that once a user has accessed specific sensitive data, they are prevented from accessing other related information that could lead to a conflict of interest or unethical action. It's dynamically based on the user's data access history and is especially applicable in industries where proprietary or confidential information must be strictly controlled, such as finance or law.
- Bricking An event or action that renders a device unusable, often as a result of a firmware update or software alteration gone wrong. In this state, the device is as useful as a 'brick.' This term can also refer to a deliberate act of sabotage or a potential outcome of a severe malware attack. It emphasizes the importance of proper update procedures, reliable software sourcing, and robust security measures to protect against such threats.
- Bridge A network device that connects two different network segments, allowing them to communicate and share data. It is used in network architecture to increase connectivity and improve performance. Examples include a wireless bridge, a network bridge, or a virtual bridge.
- Broadband over Power Line (BPL) A method of data transmission that utilizes the existing electrical power distribution infrastructure to provide broadband internet connectivity. BPL is an alternative means of internet access that can be particularly useful in areas lacking conventional telecommunications infrastructure.
Share our FREE glossary with your friends and study buddies.
Disclaimer: The glossary is for informational purposes only, we are not liable for any errors or omissions, if you find errors please contact us.