D Flashcards
Data classification
The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification. Levels of sensitivity of data are assigned according to predefined categories as data are created, amended, enhanced, stored or transmitted. The classification level is an indication of the value or importance of the data to the enterprise.
Data custodian
The individual(s) and department(s) responsible for the storage and safeguarding of computerized data.
Data integrity
The degree to which a collection of data is complete, consistent and accurate.
Data leakage
Unauthorized transmission of data from an organization, either electronically or physically.
Data loss prevention
Detecting and addressing data breaches, exfiltration or unwanted destruction of data.
Data mining
Generally, the use of computers to analyze large data sets to look for patterns that assist people in making business decisions.
Data normalization
A structured process for organizing data into tables in such a way that it preserves the relationships among the data.
Data owner
The individual(s) who has responsibility for the integrity, accurate reporting and use of computerized data.
Data warehouse
A generic term for a system that stores, retrieves and manages large volumes of data.
Decentralization
The process of distributing computer processing to different locations within an enterprise.
Decryption key
A digital piece of information used to recover plaintext from the corresponding ciphertext by decryption.
Defense in depth
The practice of layering defenses to provide added protection. Defense in depth increases security by raising the effort needed in an attack. This strategy places multiple barriers between an attacker and enterprise computing and information resources.
Degauss
The application of variable levels of alternating current for the purpose of demagnetizing magnetic recording media.
Demilitarized zone (DMZ)
A small, isolated network that serves as a buffer zone between trusted and untrusted networks.
Denial-of-service attack (DoS)
An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate.
Digital certificate
Electronic credentials that permit an entity to exchange information securely via the Internet using the public key infrastructure (PKI).
Digital code signing
The process of digitally signing computer code to ensure its integrity.
Disaster declaration
The communication to appropriate internal and external parties that the disaster recovery plan (DRP) is being put into operation.
Disaster notification fee
The fee that the recovery site vendor charges when the customer notifies them that a disaster has occurred and the recovery site is required.
Disaster recovery plan (DRP) desk checking
Typically a read-through of a disaster recovery plan (DRP) without any real actions taking place.
Disaster recovery plan (DRP) walk-through
Generally a robust test of the recovery plan requiring that some recovery activities take place and are tested. A disaster scenario is often given and the recovery teams talk through the steps that they would need to take to recover. As many aspects of the plan as possible should be tested.
Disaster recovery plan (DRP)
A set of human, physical, technical and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster.
Disaster recovery
Activities and programs designed to return the enterprise to an acceptable condition. The ability to respond to an interruption in services by implementing a disaster recovery plan (DRP) to restore an enterprise’s critical business functions.
Discretionary access control (DAC)
Logical access control filters that may be configured or modified by the users or data owners.
Disk mirroring
The practice of duplicating data in separate volumes on two hard disks to make storage more fault tolerant. Mirroring provides data protection in the case of disk failure because data are constantly updated to both disks.
Distributed denial-of-service attack (DDoS)
A denial-of-service (DoS) assault from multiple sources.
Dual control
A procedure that uses two or more entities (usually persons) operating in concert to protect a system resource so that no single entity acting alone can access that resource.
Due care
The level of care expected from a reasonable person of similar competency under similar conditions.
Due diligence
The performance of those actions that are generally regarded as prudent, responsible and necessary to conduct a thorough and objective investigation, review and/or analysis.
Dynamic Host Configuration Protocol (DHCP)
A protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask and IP addresses of domain name system (DNS) servers from a DHCP server.