Definitions[]
Blacklisting (also referred to as a policy of allow all, deny by exception) is
“ | [t]he process used to identify: (i) software programs that are not authorized to execute on an information system; or (ii) prohibited Universal Resource Locators (URL)/websites.[1] | ” |
“ | [t]he process of the system invalidating a user ID based on the user's inappropriate actions. A blacklisted user ID cannot be used to log on to the system, even with the correct authenticator.[2] | ” |
“ | blocks placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.[3] | ” |
Overview[]
Blacklisting and lifting of a blacklisting are both security-relevant events.
References[]
- ↑ NIST Special Publication 800-53, App. B, Glossary.
- ↑ CNSSI 4009.
- ↑ Id.