Vocabulary D Flashcards
D
The 3DES decryption algorithm.
DAC
Discretionary Access Control is an identity-based access control. This means that the user must be authenticated as a specific user and, based on that user's privileges, can specify who else can access an object. DAC gives the owner the ability to specify access restrictions.
Data
Specially formatted, binary machine-readable information. Data can exist as numbers, text, bits, or bytes.
Data-link Layer
The layer of the ISO/OSI reference model that handles the actual data packet transfer and physically gives it to the interface. This layer handles physical addressing, error handling, and flow control.
Data Classification
The process of identifying data and putting it into a specific category to determine importance. It identifies the value of data, satisfies the legal or regulatory criteria, and aids in choosing appropriate controls.
Data Hiding
An object-oriented programming technique where the only access to data is through carefully designed methods.
Data Mining
The process of moving through different data repositories and fetching summary data.
Data Warehouse
A repository of information from multiple databases in which the schema or data layout is set up in a very generic way to provide easy access from data piece to data piece without going through a hierarchical structure.
Database
A collection of information organized in rows and columns. The information can be analyzed once it has been organized.
DBMS
Database management system is a class of software made up of different architectures that are dependent upon the required task. The DBMS acts as an interface between the database and the user.
DDoS
Distributed denial of service is many compromised systems attacking a single target, causing DoS for other users.
DDoS Attack
Distributed denial of service is many compromised systems attacking a single target, causing DoS for other users.
Decentralized Authentication
An authentication type in which administrative access is handled closer to the objects that are being controlled, such as multiple machines with information like a security domain.
DES
Data Encryption Standard is a symmetric cryptographic algorithm standard published in 1977 and adopted by the US Government as the standard for all data communications. DES uses 64-bit blocks and a 56-bit key to test key validity.
Dial-up
A technology that uses a public telephone network to connect to a system rather than a dedicated private network.
Dictionary Attack
A selective attack where a dictionary of common words, identification credentials, or frequently used user IDs is submitted to the authentication device.
Differential Backup
A backup type similar to an incremental backup, but with a larger given time span every time a backup is cut.
Diffie-Hellman Exchange
A key distribution algorithm that is used to calculate and exchange values that result in each party possessing the same key that may be used for secret key encryption.
Digital Certificate
A copy of a person's public key that is endorsed by a trusted third party.
Digital Signature
A process used to verify the authenticity of a message or user by matching digests.
Distributed Environment
An environment in which application components execute on multiple machines.
DITSCAP
The Defense Information Technology Security Certification and Accreditation Process is a standard for certification and accreditation of computer systems generally pertaining to the US Department of Defense.
DMZ
A demilitarized zone is an area that exists between two networks that do not trust each other.
Domain
A group of computers on a network that share a Security Accounts Manager database and security policies.
DoS
A denial of service attack disables the services of a resource that a user or organization would typically expect to have.
DoS Attack
A Denial of Service attack attempts to stop a network by flooding it with useless traffic. A DoS system is used as a master to communicate with and host hacking tools from the Internet, allowing the hacker to send out attacks using a single command.
DoS Attack
A denial of service attack disables the services of a resource that a user or organization would typically expect to have.
DRP
A disaster recovery plan is used for restoring critical business functions after a disaster to the point they were at prior to the disaster. The plan specifically covers disasters not addressed in the BCP.
DSA
Digital Signature Algorithm is an asymmetric algorithm used to authenticate digital signatures with a variable length key size from 512 to 1024 bits. DSA works with SHA-1 digests.
DSL
Digital Subscriber Line is a technology type that uses existing twisted pairs to provide high-speed connections.
DSS
Digital Signature Standard is the documentation or standard that was set forth by NIST for all cryptography uses with respect to government entities. It specifies that DSA is used for digital signatures and SHA-1 is used for hashing functions.
Dual-Homed Host
A firewall architecture that is similar to a screened-host, but the bastion host contains two NICs. One NIC is connected to the trusted network and the other is connected to the untrusted network. A router is placed between the bastion host and each network allowing the bastion host to filter messages between networks.
Due Care
Showing reasonable care to protect the assets of an organization.
Due Care
Showing that reasonable care is used to protect the assets of an organization.
Due Diligence
The act of taking sufficient steps to ensure the standards of due care are perpetually being upheld.
Dumpster Diving
Extracting useful information from discarded trash.