CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [292]
differential backup A type of backup that includes only new files or files that have changed since the last full backup. Differential backups differ from incremental backups in that they don’t clear the archive bit upon their completion.
Diffie-Hellman An asymmetric standard for exchanging keys. This cryptographic algorithm is used primarily to send secret keys across public networks. The process isn’t used to encrypt or decrypt messages; it’s used merely for the transmission of keys in a secure manner.
digital signature An asymmetrically encrypted signature whose sole purpose is to authenticate the sender.
directory A network database that contains a listing of all network resources, such as users, printers, groups, and so on.
directory service A network service that provides access to a central database of information, which contains detailed information about the resources available on a network.
direct-sequence (DS) A method of communication between wireless receivers.
direct-sequence spread spectrum (DSSS) A communications technology that is used to communicate in the 802.11 standard.
disaster recovery The act of recovering data following a disaster that has destroyed it.
disaster recovery plan A plan outlining the procedure by which data is recovered after a disaster.
Discretionary Access Control (DAC) A method of restricting access to objects based on the identity of the subjects or the groups to which they belong.
disk mirroring Technology that keeps identical copies of data on two disks to prevent the loss of data if one disk faults.
disk striping Technology that enables writing data to multiple disks simultaneously in small portions called stripes. These stripes maximize use by having all the read/write heads working constantly. Different data is stored on each disk and isn’t automatically duplicated (this means disk striping in and of itself doesn’t provide fault tolerance).
disk striping with parity A fault-tolerance solution of writing data across a number of disks and recording the parity on another. In the event any one disk fails, the data on it can be re-created by looking at the remaining data and computing parity to figure out the missing data.
distributed denial of service (DDoS) attack A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public. See denial of service (DoS) attack.
DMZ See demilitarized zone (DMZ).
DNS See Domain Name Service (DNS).
DNS server Any server that performs address resolution from a DNS fully qualified domain name (FQDN) to an IP address. See also Domain Name Service (DNS), Internet Protocol (IP).
DNS zone An area in the DNS hierarchy that is managed as a single unit. See also Domain Name Service (DNS).
DoD Networking Model A four-layer conceptual model describing how communications should take place between computer systems. The four layers are Process/Application, Host-to-Host, Internet, and Network Access.
domain Within the Internet, a group of computers with shared traits and a common IP address set. A domain can also be a group of networked Windows computers that share a single SAM database. See also Security Accounts Manager (SAM).
Domain Name Service (DNS) The network service used in TCP/IP networks that translates hostnames to IP addresses. See also Transmission Control Protocol/Internet Protocol (TCP/IP).
DoS attack See denial of service (DoS) attack.
DS See direct-sequence (DS).
dual-homed host A host that resides on more than one network and possesses more than one physical network card.
dumb terminal A keyboard and monitor that send keystrokes to a central processing computer (typically a mainframe or minicomputer) that returns screen displays to the monitor. The unit has no processing power of its own, hence the moniker “dumb.”
Dumpster diving Looking