Glossary D
- DSIG
- Disposal
- Disruption
- Disclosure
- DH
- Default Classification
- Decryption
- Demilitarize
- Decrypt
- Decode
- DAC
- Data Aggregation
- Data Confidentiality
- Data Encryption Standard
- Data Governance
- Data Integrity
- Data Link Layer
- Data Loss
- Data Loss Prevention
- Database
- DATO
- DDoS
- Decipher
- Dedicated Proxy Server
- Defense-in-Breadth
- Defense-in-Depth
- Degauss
- Deleted File
- Demilitarized Zone (DMZ)
- Deprecated
- DES
- Destroy
- Deterministic Algorithm
- DRBG
- Development Life Cycle
- Denial of Service ...
- Deny by Default
- DNS
- DNSSEC

Disruption
An unplanned event that causes the general system or major application to be inoperable for an unacceptable length of time (e.g., minor or extended power ...
Disclosure
Divulging of, or provision of access to, data.See NISTIR 8053 from ISO/TS 25237:2008 for more information.
Default Classification
Classification reflecting the highest classification being processed in an information system. Default classification is included in the caution statement affixed to an object.See CNSSI 4009-2015 for ...
Decryption
The process of transforming ciphertext into plaintext using a cryptographic algorithm and key.See NIST SP 800-56B Rev. 1 for more information.The process of changing ciphertext ...
Demilitarize
The process of preparing National Security System equipment for disposal by extracting all CCI, classified, or CRYPTO-marked components for their secure destruction, as well as ...
Data Aggregation
Compilation of individual data systems and data that could result in the totality of the information being classified, or classified at a higher level, ...
Data Confidentiality
Data Confidentiality deals with protecting against the disclosure of information by ensuring that the data is limited to those authorized or by representing the data in such ...
Data Encryption Standard
The symmetric encryption algorithm defined by the Data Encryption Standard (FIPS 46-2). See NIST SP 800-15 under DES for more information. Data Encryption Standard specified in FIPS 46-3. See NIST ...
Data Governance
A set of processes that ensures that data assets are formally managed throughout the enterprise. A data governance model establishes authority and management and decision making parameters ...
Data Integrity
A property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored. In this Recommendation, the statement ...
Data Link Layer
Layer of the TCP/IP protocol stack that handles communications on the physical network components such as Ethernet. See NIST SP 800-113 for more information
Data Loss Prevention
A systems ability to identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. ...
Dedicated Proxy Server
A form of proxy server that has much more limited firewalling capabilities than an application-proxy gateway.See NIST SP 800-41 Rev. 1 for more information.
Defense-in-Breadth
A planned, systematicset of multidisciplinary activities that seek to identify, manage, and reducerisk of exploitable vulnerabilities at every stage of the system, network, orsub-component life ...
Defense-in-Depth
The application of multiple countermeasures in a layered or stepwise manner to achieve security objectives. The methodology involves layering heterogeneous security technologies in the common ...
Deleted File
A file that has been logically, but not necessarily physically, erased from the operating system, perhaps to eliminate potentially incriminating evidence. Deleting files does not ...
Demilitarized Zone (DMZ)
Perimeter network segment that is logically between internal and external networks. Its purpose is to enforce the internal network’s Information Assurance (IA) policy for external ...
Deprecated
Means that the use of the algorithm and key length is allowed, but the user must accept some risk. The term is used when discussing the key lengths ...
Deterministic Algorithm
An algorithm that, given the same inputs, always produces the same outputs. See NIST SP 800-90A Rev. 1 for more information.
Development Life Cycle
(SDLC)The scope of activities associated with a system, encompassing the system’s initiation, development and acquisition, implementation, operation and maintenance, and ultimately its disposal that instigates ...
Denial of Service (DoS)
The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the ...