D - GLOSSARY Flashcards

1
Q

Damage evaluation

A

The determination of the extent of damage that is necessary to provide for an estimation of the recovery time frame and the potential loss to the organization

2
Q

Data classification

A

The assignment of a level of sensitivity to data (or information) that results in the specification of controls for each level of classification. Levels of sensitivity of data are assigned according to predefined categories as data are created, amended, enhanced, stored or transmitted. The classification level is an indication of the value or importance of the data to the organization.

3
Q

Data custodian

A

The individual(s) and/or department(s) responsible for the storage and safeguarding of computerized data

4
Q

Data Encryption Standard (DES)

A

An algorithm for encoding binary data. It is a secret key cryptosystem published by the National Bureau of Standards (NBS), the predecessor of the US National Institute of Standards and Technology (NIST). DES and its variants have been replaced by the Advanced Encryption Standard (AES).

5
Q

Data integrity

A

The property that data meet with a priority expectation of quality and that the data can be relied on

6
Q

Data leakage

A

Siphoning out or leaking information by dumping computer files or stealing computer reports and tapes

7
Q

Data leak protection (DLP)

A

A suite of technologies and associated processes that locate, monitor and protect sensitive information from unauthorized disclosure

8
Q

Data mining

A

A technique used to analyze existing information, usually with the intention of pursuing new avenues to pursue business

9
Q

Data normalization

A

A structured process for organizing data into tables in such a way that it preserves the relationships among the data

10
Q

Data owner

A

The individual(s), normally a manager or director, who has responsibility for the integrity, accurate reporting and use of computerized data

11
Q

Data warehouse

A

A generic term for a system that stores, retrieves and manages large volumes of data. Data warehouse software often includes sophisticated comparison and hashing techniques for fast searches, as well as advanced filtering.

12
Q

Decentralization

A

The process of distributing computer processing to different locations within an organization

13
Q

Decryption key

A

A digital piece of information used to recover plaintext from the corresponding ciphertext by decryption

14
Q

Defense in depth

A

The practice of layering defenses to provide added protection. Defense in depth increases security by raising the effort needed in an attack. This strategy places multiple barriers between an attacker and an organization’s computing and information resources.

15
Q

Degauss

A

The application of variable levels of alternating current for the purpose of demagnetizing magnetic recording media. The process involves increasing the alternating current field gradually from zero to some maximum value and back to zero, leaving a very low residue of magnetic induction on the media. Degauss loosely means: to erase.

16
Q

Demilitarized zone (DMZ)

A

A screened (firewalled) network segment that acts as a buffer zone between a trusted and untrusted network. A DMZ is typically used to house systems such as web servers that must be accessible from both internal networks and the Internet.

17
Q

Denial-of-service (DoS) attack

A

An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rate

18
Q

Digital certificate

A

A process to authenticate (or certify) a party’s digital signature; carried out by trusted third parties

19
Q

Digital code signing

A

The process of digitally signing computer code to ensure its integrity

20
Q

Disaster declaration

A

The communication to appropriate internal and external parties that the disaster recovery plan is being put into operation

21
Q

Disaster notification fee

A

The fee the recovery site vendor charges when the customer notifies them that a disaster has occurred and the recovery site is required. The fee is implemented to discourage false disaster notifications.

22
Q

Disaster recovery plan (DRP)

A

A set of human, physical, technical and procedural resources to recover, within a defined time and cost, an activity interrupted by an emergency or disaster

23
Q

Disaster recovery plan desk checking

A

Typically a read-through of a disaster recovery plan without any real actions taking place. Generally involves a reading of the plan, discussion of the action items and definition of any gaps that might be identified.

24
Q

Disaster recovery plan walk-through

A

Generally a robust test of the recovery plan requiring that some recovery activities take place and are tested. A disaster scenario is often given and the recovery teams talk through the steps they would need to take to recover. As many aspects of the plan should be tested as possible.

25
Q

Discretionary access control (DAC)

A

A means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject.

26
Q

Disk mirroring

A

The practice of duplicating data in separate volumes on two hard disks to make storage more fault tolerant. Mirroring provides data protection in the case of disk failure because data are constantly updated to both disks.

27
Q

Distributed denial-of-service (DDoS) attack

A

A denial-of-service (DoS) assault from multiple sources

28
Q

Domain name system (DNS)

A

A hierarchical database that is distributed across the Internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and email servers

29
Q

Dual control

A

A procedure that uses two or more entities (usually persons) operating in concert to protect a system resource so that no single entity acting alone can access that resource

30
Q

Due care

A

The level of care expected from a reasonable person of similar competency under similar conditions

31
Q

Due diligence

A

The performance of those actions that are generally regarded as prudent, responsible and necessary to conduct a thorough and objective investigation, review and/or analysis

32
Q

Dynamic Host Configuration Protocol (DHCP)

A

A protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask and IP addresses of domain name system (DNS) servers from a DHCP server. The DHCP server ensures that all IP addresses are unique (e.g., no IP address is assigned to a second client while the first client’s assignment is valid [its lease has not expired]). Thus, IP address pool management is done by the server and not by a human network administrator.