Glossary of Cyber Security Terms

Essential Vocabulary for Navigating the World of Cyber Security

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

D

Daemon

An unsung hero of system tasks, a daemon is a software program operating in the background of Unix-like systems. Performing pivotal functions, daemons often spring into action from the moment a system boots up.

Darknet

Consider this the enigmatic underbelly of the Internet, a private network where connections materialize only amidst trusted peers utilizing unconventional protocols and ports. Often synonymous with anonymity, and unfortunately, nefarious activities, due to its penchant for privacy.

Data Aggregation

Imagine a vast assortment of data from varied sources coming together in a cohesive, summarized package. Data aggregation provides a comprehensive, bird's eye view of various records, offering invaluable insights for data analysis.

Data Custodian

In the data realm, a custodian is akin to a responsible guardian, tasked with utilizing or manipulating data temporarily, thereby assuming momentary stewardship over it.

Data Encryption Standard (DES)

A popular method for data encryption, DES employs a private (or secret) key, boasting a staggering number of potential encryption keys, each more cryptic than the last.

Data Loss Prevention (DLP)

The security protocol for ensuring that critical or sensitive information doesn't stray beyond the corporate network. Also associated with software solutions that empower network administrators to control user data transfer.

Data Mining

This is the powerful shovel used to delve into existing information, unearthing novel business opportunities or strategies with each dig.

Data Owner

In data terms, an owner is the authoritative entity with the mantle of responsibility for the data, holding the keys to the data kingdom.

Data Warehousing

Think of it as a grand data unification process, integrating multiple, independent databases into a single, comprehensive repository.

Datagram

A self-sufficient data packet, packed with all the details it needs to navigate from source to destination computer, independent of previous exchanges or the transporting network's help.

Deauthentication Attack

An aggressive disruption of the connection between a user and a Wi-Fi network, this attack bombards the victim or access point with a storm of deauthentication packets.

Decapsulation

A layer-by-layer unveiling process in which headers are stripped off at each layer and the remaining packet is passed up to the next layer in the protocol stack.

Decryption

The reverse-engineering process of transforming encrypted data back into its original, readable form.

Deepfake

A perfect blend of AI and creative editing to generate or alter video and audio content, resulting in convincing yet fabricated renditions of someone saying or doing something they didn't.

Defacement

A digital graffiti act of modifying a website's content, leaving it vandalized and often embarrassing to the website owner.

Defense In-Depth

A strategic security approach using multiple defensive layers to cushion against the failure of a single security component, offering a multi-tiered security fortress.

Demilitarized Zone (DMZ)

In cybersecurity terms, this is a network buffer zone sandwiched between an organization's internal network and an external one, typically the Internet.

Denial of Service

A type of cyber onslaught that targets a machine or network resource, aiming to render it inaccessible to its intended users.

Dictionary Attack

A systematic, brute-force cyber attack that attempts to crack a password by cycling through all the phrases or words in a dictionary.

Diffie-Hellman

A crucial key agreement protocol, allowing two parties to establish a shared secret over an unsecured channel, forging a secure connection amidst insecurity.

Digest Authentication

A secure method of authentication that allows a web client to prove their password possession, securely safeguarding against potential eavesdroppers.

Digital Certificate

A digital passport, this electronic document serves to prove the ownership of a public key.

Digital Envelope

A digital envelope contains an encrypted message bundled securely with an encrypted session key.

Digital Signature

A sophisticated mathematical technique utilized to authenticate the integrity and authenticity of a message, software, or digital document.

Digital Signature Algorithm (DSA)

An asymmetric encryption system designed to deliver authentication, integrity, and non-repudiation through digital signatures.

Digital Signature Standard (DSS)

The U.S. Government's official stamp of approval for the Digital Signature Algorithm (DSA).

Disassembly

The digital archaeology of converting a binary program back into its original source code.

Disaster Recovery Plan (DRP)

A tactical blueprint for tackling disruptions and disasters, the DRP is geared towards quick recovery and the uninterrupted continuation of IT services.

Discretionary Access Control (DAC)

An access policy shaped by the resource's owner, governing access based on the user's identity or the group they belong to.

Disruption

Any event that interrupts or impairs the smooth operation of system services and functions.

Distance Vector

A type of routing protocol that employs algorithms to find the optimal path for data transmission.

Distributed Scans

Scanning using multiple source addresses to gather information, often utilized in cybersecurity to uncover network vulnerabilities.

DLL Injection

A technique for executing code within another process's address space by compelling it to load a dynamic-link library, often misused to execute malware or exploit software.

DNS Spoofing

A cunning computer security hack where the data in a Domain Name System server is substituted, rerouting internet traffic to the attacker's computer.

Domain

In network terms, a domain is a knowledge sphere or a set of network addresses identified by a name.

Domain Hijacking

A domain takeover attack where the attacker obstructs access to the domain's DNS server and then replaces it with their own server.

Domain Name

A unique name that identifies one or more IP addresses, such as "www.sans.org", which identifies an Internet address for "sans.org" and a specific host server named "www".

Domain Name System (DNS)

The Internet's own directory, the DNS translates Internet domain names into IP addresses.

Drive-by Download

An unintentional software download from the Internet, often unbeknownst to the user.

Due Care

A legal principle referring to the efforts made by a reasonable party to prevent harm to oneself or others.

Due Diligence

The requisite care and attention required to avoid harm to oneself or others.

DumpSec

A powerful security tool that unloads a wealth of information about a system's users, file system, registry, permissions, password policy, and services.

Dumpster Diving

The practice of rummaging through discarded material, such as trash, to unearth useful information, including corporate or personal data.

Dynamic Link Library

A compilation of small programs or dynamic-link libraries, any of which can be summoned when required by a larger program running on the computer.

Dynamic Routing Protocol

A type of network protocol allowing routers to engage in information exchange about the best paths between networks and reporting any network downtimes.