The dark web is made up of sites that are not indexed by search engines and are only accessible through specialty networks such as The Onion Router (ToR). Often, the dark web is used by website operators who want to remain anonymous. The ‘Dark Web’ is a subset of the ‘Deep Web’.
D
Dark web
Data
The basic element that can be processed or produced by a computer to convey information.
Data at rest
Information that resides on media or a system.
Data breach
The unauthorised movement or disclosure of sensitive private or business information.
Data dump
A large amount of data transferred from one system or location to another.
Data Encryption Algorithm
Data encryption algorithms are the algorithms that are used to encrypt and decrypt data. This algorithm type is used for encrypting data to encrypt and decrypt various parts of the message, including the body content and the signature.
Data in transit
Information that is being communicated across a communication medium.
Data protection
Data protection is the process of safeguarding important information from corruption, compromise or loss.
Data spill
The accidental or deliberate exposure of information into an uncontrolled or unauthorised environment, or to people without a need-to-know.
DBMS
Database management system
DCS
Distributed control system
DDoS
Distributed Denial-of-Service
DEA
Data Encryption Algorithm
Declassification
A process whereby information is reduced to an OFFICIAL level and an administrative decision is made to formally authorise its release into the public domain.
Decrypting RSA With obsolete and weakened encryption
A cross-protocol security bug that attacks servers supporting modern SSLv3/TLS protocol suites by using their support for the obsolete, insecure, SSL v2 protocol to leverage an attack on connections using up-to-date protocols that would otherwise be secure.
Decryption
The decoding of encrypted messages.
Deep web
The part of the internet that is not indexed by search engines. Includes websites that are password-protected and paywalled, as well as encrypted networks, and databases.
Default passwords
where a device needs a username and/or password to log in, a default password is usually provided that allows the device to be accessed during its initial setup, or after resetting to factory defaults.
Defence in depth
The implementation of multiple layers of security controls in a system to provide redundancy in the event a security control fails or a vulnerability is exploited.
Defence Intelligence Organisation
The Defence Intelligence Organisation is an Australian Government intelligence agency responsible for strategic intelligence and technical intelligence assessments, advising defence and government decision-making on national security and international security issues, and the planning and conduct of Australian Defence Force operations.
Degausser
An electrical device or permanent magnet assembly which generates a coercive magnetic force for the purpose of degaussing magnetic storage devices.
Degaussing
A process for reducing the magnetisation of a magnetic storage device to zero by applying a reverse (coercive) magnetic force, rendering any previously stored information unreadable.
Demilitarised zone
A small network with one or more servers that is kept separate from the core network, typically on the outside of the firewall or as a separate network protected by the firewall. Demilitarised zones usually provide information to less trusted networks, such as the internet.
Denial of Service
When legitimate users are denied access to computer services (or resources), usually by overloading the service with requests.
Denial-of-Service attack
An attempt by an adversary to prevent legitimate access to online services (typically a website), for example, by consuming the amount of available bandwidth or the processing capacity of the server hosting the online service.
Department of Home Affairs
The Department of Home Affairs is the Australian Government interior ministry with responsibilities for national security, law enforcement, emergency management, border control, immigration, refugees, citizenship, and multicultural affairs.
Device access control software
Software that can be used on a system to restrict access to communications ports. Device access control software can block all access to a communications port or allow access based on device types, manufacturer’s identification or even unique device identifiers.
DH
Diffie-Hellman
DHA
Department of Home Affairs
Dictionary attack
Where attackers use ‘password dictionaries’ or long lists of the most commonly-used passwords and character combinations against a password in order to guess it and break into a system.
Digital certificate
An electronic document used to identify an individual, a system, a server, a company, or some other entity, and to associate a public key with the entity. A digital certificate is issued by a certification authority and is digitally signed by that authority.
Digital footprint
The unique set of traceable activities, actions, contributions and communications that are manifested on the Internet or on digital devices.
Digital preservation
The coordinated and ongoing set of processes and activities that ensure long-term, error-free storage of digital information, with means for retrieval and interpretation, for the entire time span the information is required.
Digital signature
A cryptographic process that allows the proof of the source (with non-repudiation) and the verification of the integrity of that data.
Digital Transformation Agency
The Digital Transformation Agency is an Executive Agency within the Social Services Portfolio. The DTA exists to make it easy for people to deal with government, by helping government transform services to be simple, clear and fast.
DIO
Defence Intelligence Organisation
Diode
A device that allows data to flow in only one direction.
Disaster recovery
Disaster recovery involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity.
Distributed Denial of Service
A denial-of-service (DoS) where the source is comprised of multiple unique IP addresses used to flood the bandwidth or resources of a targeted system or network.
Distributed denial-of-service attack
A distributed form of denial-of-service attack.
DKIM
DomainKeys Identified Mail
DMA
Direct Memory Access
DMARC
Domain-based Message Authentication, Reporting and Conformance
DNS
Domain Name System
Domain
In the Internet, a part of a naming hierarchy in which the domain name consists of a sequence of names (labels) separated by periods (dots).
Note: There are multiple other technical and communications-related definitions for ‘domain’.
Domain Name System
The naming system that translates domain names into IP addresses.
Domain verification
When you are checked and verified as a legitimate user so you can see and access a website.
Domain-based Message Authentication, Reporting and Conformance
DMARC is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorised use, commonly known as email spoofing.
DomainKeys Identified Mail
DomainKeys Identified Mail is a system for authenticating email that works with modern Message Transfer Agent systems. This resource was created to help fight spam, and uses a digital signature to help email recipients determine whether an email is legitimate.
DoS
Denial of Service
DoS attacks
Denial of Service attacks
Downloader
A type of trojan that downloads other malware onto your PC. The downloader needs to connect to the Internet to download the files.
Doxing
Obtaining and publishing private or personally identifiable information about an individual over the internet. Information can be obtained through a range of methods including network compromise, social engineering, data breaches, or research.
Drive-by download
The unintended – automatic or accidental – download of malware from the internet.
Drive-by download attacks
Refers to the unintentional download of malicious code to your computer or mobile device that leaves you open to a cyberattack. You don't have to click on anything, press download, or open a malicious email attachment to become infected.
Driver
Software that interfaces a hardware device with an operating system.
Dropper
A type of trojan that installs other malware files onto your PC. The other malware is included within the trojan file, and does not require connection to the internet.
DROWN
Decrypting RSA With Obsolete and Weakened Encryption
Drupal
Drupal is a free and open-source web content management framework written in PHP and distributed under the GNU General Public License.
DSA
Digital Signature Algorithm
DTA
Digital Transformation Agency
Dual-stack network device
ICT equipment that implements both Internet Protocol version 4 and Internet Protocol version 6 protocol stacks.
