D


DAA (Designated Approving Authority), 241

DAC (discretionary access control), 63–64, BC8

D-A-D (disclosure, alteration, destruction), 125

data access controls, 63–67

data aggregation, 250–251

data bus, 226

data classification, 127–129

data communications equipment (DCE), 80

data compression, 98

data dictionary, 160, BC8

data encryption, 98

Data Encryption Standard (DES), 199–201, BC9

data export, in MAC, 65

data hiding, 171

data import, in MAC, 65

Data Link Connection Identifiers (DLCI), 89

Data Link Layer (Layer 2), OSI model, 81–92

data mining, 160–161

data network. See network

data ownership, with DAC, 63

data processing continuity planning, 290–291

data representation, 98

Data Terminal Equipment (DTE), 80, 92

data warehouse, 160–161, BC8

database, 158–161

database management system (DBMS), BC8

DCE (data communications equipment), 80

DDOS (Distributed Denial of Service), 177

decentralized access controls, 61

decision support, 160

Decode Unit, 224

decryption, BC8

dedicated mode, 230

defense in depth, 125, 170–171, BC9

Defense Information Technology Security Certification and Accreditation Process (DITSCAP), 242, BC9

delegation, 157

demonstrative evidence, 324, BC9

Denial of Service (DoS) attack, 115, 177, BC9

DES (Data Encryption Standard), 199–201, BC9

design of system, 165

design review of system, 165

Designated Approving Authority (DAA), 241

detective controls, 259, BC9

deterrent controls, BC9

development process. See software development life cycle; systems development life cycle

Diameter protocol, 60, 111, BC9

dictionary attack, 62, 177–178, BC9

Diffie-Hellman algorithm, 206–207, BC9

digest, message, 208–210

digital certificate, BC9

digital signaling, 78

Digital Signature Standard (DSS), 208, BC10

Digital Subscriber Line (xDSL), 88, BC30

digital watermarking, 198

direct addressing, 228

direct evidence, 324, BC9

Directive 95/46/EC on the protection of personal data, 322

Disaster Recovery Institute International (DRII), 378

Disaster Recovery Planning. See DRP

disasters, types of, 278–279

disclosure, alteration, destruction (D-A-D), 125

discretionary access control (DAC), 63–64, BC8

discretionary security property, 233

disk mirroring (RAID Level 1), BC9

disk striping (RAID Level 0), BC9

disk striping with parity (RAID Level 5), BC9

distributed application, 154–156, BC9

Distributed Denial of Service (DDOS), 177

DITSCAP (Defense Information Technology Security Certification and Accreditation Process), 242, BC9

DLCI (Data Link Connection Identifiers), 89

documentary evidence, 324, BC10

dogs, 347

domains, 10, 19–24, BC10. See also specific domains

DoS (Denial of Service) attack, 115, 177, BC9

DRAM (Dynamic RAM), 227

DRII (Disaster Recovery Institute International), 378

DRP (Disaster Recovery Planning). See also Business Continuity and Disaster Recovery Planning domain

  compared to BCP (Business Continuity Planning), 279–280

  emergency response for, 296–297

  external communications for, 297

  personnel notification, 297

  personnel safety for, 298

  physical security for, 298

  plan for, developing, 296–297

  plan for, testing, 298–299

  prevention included in, 298

  resources for, 299

  World Trade Center attacks, changing future planning for, 279

DSS (Digital Signature Standard), 208, BC10

DTE (Data Terminal Equipment), 80, 92

dual-homed gateway, 103–104

due care, 305, BC10

due diligence, 305, BC10

dumb card, 347

dumpster diving, 269, BC10

dynamic password, 53, BC10

Dynamic RAM (DRAM), 227




CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
