D Flashcards

1
Q

data at rest

A

Data that resides in external or auxiliary storage devices such as hard disk drives, solid-state drives, or DVDs.

2
Q

data classification

A

Assignments to data that indicate the level of availability, integrity, and confidentiality that is required for each type of information.

3
Q

data custodian

A

An individual who is responsible for the maintenance and protection of the data. This role is usually filled by the IT department (usually the network administrator). The duties include performing regular backups of the data; implementing security mechanisms; periodically validating the integrity of the data; restoring data from backup media; and fulfilling the requirements specified in the company’s security policy, standards, and guidelines that pertain to information security and data protection.

4
Q

Data Encryption Standard (DES)

A

Symmetric key encryption algorithm that was adopted by the government as a federal standard for protecting sensitive unclassified information. DES was later replaced with Advanced Encryption Standard (AES).

5
Q

data in transit (or data in motion)

A

Data that is moving between computing nodes over a data network such as the Internet.

6
Q

data in use

A

Data that temporarily resides in primary storage such as registers, caches, or RAM while the CPU is using it.

7
Q

data leak prevention (DLP)

A

The actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data.

8
Q

data mining

A

The analysis of the data held in data warehouses in order to produce new and useful information.

9
Q

data remanence

A

A measure of the magnetic flux density remaining after removal of the applied magnetic force, which is used to erase data. Refers to any data remaining on magnetic storage media.

10
Q

data warehousing

A

The process of combining data from multiple databases or data sources into a large data store for the purpose of providing more extensive information retrieval and data analysis.

11
Q

database shadowing

A

A mirroring technology used in databases, in which information is written to at least two hard drives for the purpose of redundancy.

12
Q

declassification

A

An administrative decision or procedure to remove or reduce the security classification of information.

13
Q

dedicated security mode

A

The mode in which a system operates if all users have the clearance or authorization to access, and the need to know about, all data processed within the system. All users have been given formal access approval for all information on the system and have signed nondisclosure agreements pertaining to this information.

14
Q

degauss

A

Process that demagnetizes magnetic media so that a very low residue of magnetic induction is left on the media. Used to effectively erase data from media.

15
Q

Delphi technique

A

A group decision method used to ensure that each member of a group gives an honest and anonymous opinion pertaining to the company’s risks.

16
Q

denial of service (DoS)

A

Any action, or series of actions, that prevents a system, or its resources, from functioning in accordance with its intended purpose.

17
Q

DevOps

A

The practice of incorporating developers and members of operations and quality assurance (QA) staff into software development projects to align their incentives and enable frequent, efficient, and reliable releases of software products.

18
Q

dial-up

A

The service whereby a computer terminal can use telephone lines, usually via a modem, to initiate and continue communication with another computer system.

19
Q

dictionary attack

A

A form of attack in which an attacker uses a large set of likely combinations to guess a secret, usually a password.

20
Q

digital signature

A

An electronic signature based upon cryptographic methods of originator authentication, computed by using a set of rules and a set of parameters such that the identity of the signer and the integrity of the data can be verified.

21
Q

disaster recovery plan

A

A plan developed to help a company recover from a disaster. It provides procedures for emergency response, extended backup operations, and post-disaster recovery when an organization suffers a loss of computer processing capability or resources and physical facilities.

22
Q

discretionary access control (DAC)

A

An access control model and policy that restricts access to objects based on the identity of the subjects and the groups to which those subjects belong. The data owner has the discretion of allowing or denying others access to the resources it owns.

23
Q

Distributed Network Protocol 3 (DNP3)

A

A communications protocol designed for use in SCADA systems, particularly those within the power sector, that does not include routing functionality.

24
Q

domain

A

The set of objects that a subject is allowed to access. Within this domain, all subjects and objects share a common security policy, procedures, and rules, and they are managed by the same management system.

25
Q

due care

A

Steps taken to show that a company has taken responsibility for the activities that occur within the corporation and has taken the necessary steps to help protect the company, its resources, and employees.

26
Q

due diligence

A

The process of systematically evaluating information to identify vulnerabilities, threats, and issues relating to an organization’s overall risk.