D
Data Aggregation: Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.
Data at Rest: Data not currently being accessed.
Data Breach: The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.
Data Controller: A person that determines the procedure and purpose for processing
Data Custodian: Anyone or anything that’s responsible for the safe handling,
Data Exfiltration: Unauthorized transmission of data from a system
Data in Transit: Data traveling from one point to another.
Data in Use: Data being accessed by one or more users.
Data Integrity: The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner.
Data Leakage: See data breach.
Data Loss Prevention: A set of procedures and mechanisms to stop sensitive data from leaving a security boundary.
Data Loss: The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party.
Data Mining: The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations.
Data Owner: The person who decides who can access, edit, use, or destroy their
Data Packet: A basic unit of information that travels from one device to another within a network
Data Point: A specific piece of information
Data Processor: A person that is responsible for processing data on behalf of the data
Data Protection Officer (DPO): An individual that is responsible for monitoring the
Data Spill: See data breach.
Data Theft: The deliberate or intentional act of stealing of information.
Data Type: A category for a particular type of data item
Data: Information that is translated, processed, or stored by a computer
Database: An organized collection of information or data.
Date and Time Data: Data representing a date and/or time.
Debugger: A software tool that helps to locate the source of an error and assess its
Debugging: The practice of identifying and fixing errors in code
Decipher: To convert enciphered text to plain text by means of a cryptographic system.
Decryption: Decryption is the process of transforming an encrypted message into its original plaintext.
Defacement: Defacement is the method of modifying the content of a website in such a way that it becomes “vandalized” or embarrassing to the website owner.
Defense In-Depth Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.
Demilitarized Zone (DMZ): In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a subnetwork) that sits between an organization’s internal network and an external network, usually the Internet. DMZ’s help to enable the layered security model in that they provide subnetwork segmentation based on security requirements or policy. DMZ’s provide either a transit mechanism from a secure source to an insecure destination or from an insecure source to a more secure destination. In some cases, a screened subnet which is used for servers accessible from the outside is referred to as a DMZ.
Denial of Service (DoS) Attack: An attack that targets a network or server and floods it with network traffic.
Denial of Service (DoS): The prevention of authorized access to a system resource or the delaying of system operations and functions.
Detect: A NIST core function related to identifying potential security incidents and
Detection: The prompt discovery of security events
Dictionary Data: Data that consists of one or more key-value pairs
Digital Certificate: A file that verifies the identity of a public key holder
Digital Forensics: The practice of collecting and analyzing data to determine what has happened after an attack.
Digital Signature: A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn’t changed since transmission.
Directory: A file that organizes where other files are stored
Disaster Recovery Plan (DRP): A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.
Disruption: A circumstance or event that interrupts or prevents the correct operation of system services and functions.
Distributed Denial of Service (DDoS): A denial of service technique that uses numerous systems to perform the attack simultaneously.
Distributions: The different versions of Linux.
Documentation: Any form of recorded content that is used for a specific purpose
Domain Hijacking: Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain’s DNS server and then putting his own server up in its place.
Domain Name System (DNS): The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember “handle” for an Internet address.
Domain Name: A domain name locates an organization or other entity on the Internet. For example, the domain name “www.sans.org” locates an Internet address for “sans.org” at Internet point 199.0.0.2 and a particular host server named “www”. The “org” part of the domain name reflects the purpose of the organization or entity (in this example, “organization”) and is called the top-level domain name. The “sans” part of the domain name defines the organization or entity and together with the top-level is called the second-level domain name.
Domain: A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. In the Internet’s domain name system, a domain is a name with which name server records are associated that describe sub-domains or host. In Windows NT and Windows 2000, a domain is a set of network resources (applications, printers, and so forth) for a group of users. The user need only to log in to the domain to gain access to the resources, which may be located on a number of different servers in the network.
DOM-based XSS Attack: An instance when malicious script exists in the webpage a
Dropper: A type of malware that comes packed with malicious code which is delivered
Due Diligence: Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additional deploy a means to detect them if they occur.
DumpSec: DumpSec is a security tool that dumps a variety of information about a system’s users, file system, registry, permissions, password policy, and services.
Dumpster Diving: Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.
Dynamic Link Library: A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (usually referred to as a DLL file).
Dynamic Routing Protocol: Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbor routers, is usually called a routing daemon. The routing daemon updates the kernel’s routing table with information it receives from neighbor routers.
