Glossary: D -TEISS® : Cracking Cyber Security

Glossary / Glossary: D

Glossary: D

1-10 a b c d e f g h i j k l m n o p q r s t u v w x y z

Dark Net A part of the internet where transactions and information sharing is anonymous because IP addresses (qv) are not publicly shared, allowing users to communicate in private; the dark net is often used for criminal purposes although there are many legitimate users too
Data Unorganised symbols (typically words and numbers) that have no meaning on their own. Data might be a list of class computer science test scores. See also Information, Knowledge, Wisdom
Data breach An event where sensitive data is disclosed, accidently or deliberately, to an unauthorised individual
Data integrity The state of data when it is complete, accurate and up to date, and has not been modified inappropriately
Data leakage See Data breach
Data Loss Prevention (DLP) The use of software to prevent or reduce the loss of data and information from IT systems
Data theft The deliberate theft (by copying or taking) of data or information, such as the credit card details of customers, for criminal purposes
DDoS See Distributed Denial of Service
Deep Net The part of the internet that is not commonly “crawled” i.e. read and recorded by popular search engines
Degauss To wipe a hard disk clean of data by de-magnetising it
Denial of service (DoS) A malicious attempt to make a website or other online service unavailable to users by interrupting the services of a computer connected to the Internet, often by bombarding it with requests from another computer so that it becomes overloaded
Dictionary attack A password-cracking attack that tries all of the phrases or words in a dictionary. See also Brute Force Attack and Hybrid Attack.
Digital certificate The electronic equivalent of an ID card that establishes your cre­dentials when transacting on the internet. As well as your identity it contains a serial number, expiration dates, a copy of your public key (qv) together with the digital signature of issuing authority as verification
Digital forensics The recovery and interpretation of relevant and integrious (qv) data after a cyber security breach, as a method of understanding why the breach happened or as a way of repairing data or IT systems. See also  Forensics
Digital signature A unique string of characters used to validate the authenticity of a message or document, or the identity of the person sending the message or document
Disaster Recovery Plan (DRP) An organisation’s documented set of procedures for recovering from a disaster; the disaster could be solely related to IT security or could be a wider disaster (such as an earthquake) that would most likely contain some implications for IT security
Distributed Denial of Service (DDoS) A Denial of Service (qv) attack that uses a botnet (qv) to make the attack harder to combat as it is launched from many computers at the same time
DLP See Data loss prevention
DNS Domain Name System. The way that Internet domain names are organised to allow websites to be located by other computers. A website’s domain name is easier to remember than its IP (qv) ad-dress (qv)
DNS cache poisoning A form of hacking that involves corrupting the DNS (qv) information held by a DNS server, a computer that directs traffic to websites, causing the DNS server to return an incorrect IP address to the computer that is looking for a website and resulting in that computer being directed to the wrong website, one that is prob­ably malicious
DNS hijacking See Domain hijacking
Domain hijacking An attack in which an attacker takes over a domain by first blocking access to the domain’s DNS (qv) server and then putting his own server up in its place.
Domain Name System See DNS
Domain shadowing The process of breaking into a web domain, building unauthorised and malicious sub-domains, and then directing people to those sub-domains for criminal purposes
Dongle A token (qv) used to identify a user as being authorised to access an IT system or information on it
Dormant code Malicious software that is designed to lie dormant until a par­ticular time, event or command triggers it; its dormancy makes it harder for anti-virus (qv) software to detect
DoS See Denial of Service
Drive by download attack An attack that involves the delivery of malicious software to a computer simply by that computer visiting a particular infected website, i.e. without the user taking any action such as clicking on a link or downloading a document
Drive-by pharming Tampering with wi-fi access points so that people using them are sent to fraudulent websites rather than the ones they are expect­ing. See also Pharming
DropBox A popular cloud computing (qv) service that allows people to store documents “in the cloud” and share them with other people
DRP See Disaster Recovery Plan
Dumpster diving An American term for recovering information from dustbins with the intention of using it for purposes such as corporate spying, social engineering (qv) or identity theft

Most Popular