Glossary

Web sites that are not indexed by search engines and are only accessible through special networks such as The Onion Router (ToR). Often, the dark web is used by website operators who want to remain anonymous. The ‘dark web’ is a subset of the ‘deep web’.

The basic element that can be processed or produced by a computer to convey information.

Data that resides on media or a system.

The unauthorised movement or disclosure of sensitive private or business information.

A large amount of data transferred from one system or location to another.

Data that is being communicated across a communication medium.

Data protection is the process of safeguarding important information from corruption, compromise or loss.

A location in which data is stored, managed and made available to users.

Measures used to protect the confidentiality, integrity and availability of data.

The accidental or deliberate exposure of data into an uncontrolled or unauthorised environment, or to people without a need-to-know.

Database management system

Distributed control system

A process whereby requirements for the protection of data are removed and an administrative decision is made to formally authorise its release into the public domain.

The decoding of encrypted messages.

The part of the internet that is not indexed by search engines. Includes websites that are password-protected and paywalled, as well as encrypted networks, and databases.

Where a device needs a username and/or password to log in, a default password is usually provided that allows the device to be accessed during its initial setup, or after resetting it to factory defaults.

The implementation of multiple layers of controls in a system to provide redundancy in the event a control fails or a vulnerability is exploited.

An electrical device or permanent magnet assembly which generates a magnetic force for the purpose of degaussing magnetic storage devices.

A process for reducing the magnetisation of a magnetic storage device to zero by applying a reverse magnetic force, rendering any previously stored data unreadable.

A small network with one or more servers that is kept separate from the core network, typically on the outside of the firewall or as a separate network protected by the firewall. Demilitarised zones usually provide data to less trusted networks, such as the internet.

When legitimate users are denied access to computer services (or resources), usually by overloading the service with requests.

An attempt by malicious actors to prevent legitimate access to online services (typically a website), for example, by consuming the amount of available bandwidth or the processing capacity of the server hosting the online service.

Software that can be used on a system to restrict access to communications ports. Device access control software can block all access to a communications port or allow access based on device types, manufacturer’s identification or even unique device identifiers.

Diffie-Hellman

Where attackers use ‘password dictionaries’ or long lists of the most commonly-used passwords and character combinations against a password in order to guess it and break into a system.

An electronic document used to identify an individual, a system, a server, a company, or some other entity, and to associate a public key with the entity. A digital certificate is issued by a certification authority and is digitally signed by that authority.

The unique set of traceable activities, actions, contributions and communications that are manifested on the internet or on digital devices.

The coordinated and ongoing set of processes and activities that ensure long-term, error-free storage of digital information, with means for retrieval and interpretation, for the entire time span the information is required.

A cryptographic process that allows the proof of the source (with non-repudiation) and the verification of the integrity of that data.

A device that allows data to flow in only one direction.

A set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity.

A distributed form of denial-of-service attack.

Direct Memory Access

In the internet, a part of a naming hierarchy which consists of a sequence of names (labels) separated by periods (dots).

Note: There are multiple other technical and communications-related definitions for ‘domain’.

The naming system that translates domain names into IP addresses.

An email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorised use, commonly known as email spoofing.

A system for authenticating emails that works with modern Message Transfer Agent systems. This resource was created to help fight spam, and uses a digital signature to help email recipients determine whether an email is legitimate.

A type of Trojan that downloads other malware onto a computer. The downloader needs to connect to the internet to download the files.

Obtaining and publishing private or personally identifiable information about an individual over the internet. Information can be obtained through a range of methods including network compromise, social engineering, data breaches, or research.

The unintentional download of malicious code to a computer or mobile device that leaves the user open to an attack. The user does not have to click on anything, download or open a malicious email attachment to have their computer or device infected.

Software that interfaces a hardware device with an operating system.

A type of Trojan that installs other malware files onto a computer or device. The other malware is included within the Trojan file, and does not require connection to the internet.

Digital Signature Algorithm

IT equipment that implements Internet Protocol version 4 and Internet Protocol version 6 protocol stacks.