Glossary - D Flashcards
damage assessment
The process of examining assets after a disaster to determine the extent of damage.
data acquisition
The act of obtaining data for later use in a forensic investigation.
data classification policy
Policy that defines sensitivity levels and handling procedures for information.
data control language
A procedural language used to control access to a database.
data definition language (DDL)
A procedural language used to describe the structure of data contained in a database.
data dictionary (DD)
A set of data in a database management system that describes the structure of databases stored there.
data file controls
Controls that ensure the security and integrity of data files and their contents.
data flow architecture
The part of network architecture that is closely related to application and data architecture. See also data flow diagram.
data flow diagram
A diagram that illustrates the flow of data within and between systems.
data link
Layer 2 of the OSI network model. See also OSI network model.
data management utility
A type of utility software used to manipulate, list, transform, query, compare, encrypt, decrypt, import, or export data. See also utility software.
data manipulation language (DML)
A procedural language used to insert, delete, and modify data in a database.
data-oriented system development (DOSD)
A software development life cycle process that starts with a design of data and interfaces to databases and then moves on to program design.
data restore
The process of copying data from backup media to a target system for the purpose of restoring lost or damaged data.
database management system (DBMS)
A software program that facilitates the storage and retrieval of potentially large amounts of structured or unstructured information.
database
A collection of structured or unstructured information.
database server
A server that contains and facilitates access to one or more databases.
debugging
The activity of searching for the cause of malfunctions in programs or systems.
decryption
The process of transforming ciphertext into plaintext so that a recipient can read it.
default gateway
A station on a network (usually a router) that is used to forward messages to stations on distant networks.
default password
A password associated with a user account or system account that retains its factory default setting.
deluge
A fire sprinkler system that has dry pipes and in which all of the sprinkler heads are open. When the system is operated (for instance, when an alarm is triggered), water flows into the pipes and out of all of the sprinkler heads. See also fire sprinkler system.
denial of service (DoS)
An attack on a computer or network with the intention of causing disruption or malfunction of the target.
desktop computer
A computer used by an individual end user and located at the user’s workspace.
detection risk
The risk that an IS auditor will overlook errors or exceptions during an audit.
detective control
A control that is used to detect events.
deterrent control
A control that is designed to deter people from performing unwanted activities.
development
The process where software code is created.
diameter
An authentication standard that is the successor to RADIUS. See also RADIUS.
Diffie-Hellman
A popular key exchange algorithm. See also key exchange.
digital certificate
An electronic document that contains an identity that is signed with the public key of a certificate authority (CA).
digital envelope
A method that uses two layers of encryption. A symmetric key is used to encrypt a message; then a public or private key is used to encrypt the symmetric key.
digital private branch exchange (DPBX)
A private branch exchange (PBX) that supports digital technologies such as Voice over IP (VoIP) and Session Initiation Protocol (SIP). See also private branch exchange (PBX), Voice over IP (VoIP), and Session Initiation Protocol (SIP).
digital rights management (DRM)
Any technology used to control the distribution and use of electronic content.
digital signature
The result of encrypting the hash of a message with the originator’s private encryption key, used to prove the authenticity and integrity of a message.
digital subscriber line (DSL)
A common carrier standard for transporting data from the Internet to homes and businesses.
directory
A structure in a file system that is used to store files and, optionally, other directories. See also file system.
directory system (DS)
See data dictionary.
disaster
An unexpected and unplanned event that results in the disruption of business operations.
disaster declaration criteria
The conditions that must be present to declare a disaster, triggering response and recovery operations.
disaster declaration procedure
Instructions to determine whether to declare a disaster and trigger response and recovery operations. See also disaster declaration criteria.
disaster recovery and business continuity requirements
Formal statements that describe required recoverability and continuity characteristics that a system must support.
disaster recovery plan
The activities required to restore critical IT systems and other critical assets, whether in alternate or primary locations. See also response document.
disaster recovery planning (DRP)
Activities related to the assessment, salvage, repair, and restoration of facilities and assets.
discovery sampling
A sampling technique where at least one exception is sought in a population. See also sampling.
discretionary access control (DAC)
An access model where the owner of an object is able to determine how and by whom the object may be accessed. The discretion of the owner determines permitted accesses by subjects.
disk array
A chassis in which several hard disks can be installed and connected to a server. The individual disk drives can be “hot swapped” in the chassis while the array is still operating.
disk management system (DMS)
An information system that is used to manage disk media, usually for the purpose of performing information backup. See also backup.
distributed denial of service (DDoS)
A denial of service (DoS) attack that originates from many computers. See also denial of service (DoS).
document review
A review of some or all disaster recovery and business continuity plans, procedures, and other documentation. Individuals typically review these documents on their own, at their own pace, but within whatever time constraints or deadlines that may have been established.
documentation
The inclusive term that describes charters, processes, procedures, standards, requirements, and other written documents.
domain name service (DNS)
A TCP/IP application layer protocol used to translate domain names (such as www.isecbooks.com) into IP addresses.
dropout
A momentary loss of power that lasts from a few milliseconds to a few seconds.
dry pipe
A fire sprinkler system used where ambient temperatures often drop below freezing. In this type of system, pipes are filled with compressed air. When sufficient heat causes one of the sprinkler head fuses to break, a control valve releases water into the piping. See also fire sprinkler system.
dual power feeds
The use of two physically separate electric power feeds into a facility.
dynamic host configuration protocol (DHCP)
A TCP/IP application layer protocol used to assign an IP address, subnet mask, default gateway, IP address of DNS servers, and other information to a workstation that has joined the network.
dynamic random access memory (DRAM)
The most common form of semiconductor memory, where data is stored in capacitors that require periodic refreshing.