ThorTeaches.com CISSP, CISM, CC training logo

CISM D3: Information Security Program

DevSecOps

DevSecOps: An extension of the DevOps methodology, this approach integrates security into the development and operation processes. It advocates for security considerations and controls to be included from the initial stages of software development rather than being an afterthought or standalone phase. It underscores a “security as code” culture with ongoing, flexible collaboration between release […]

Directory

Directory: In the context of computing, a directory is a file system cataloging structure that contains references to other computer files and possibly other directories. On many computers, directories are known as folders. In operating systems, directories are used to organize files in a hierarchical structure, providing a convenient means to access data stored within […]

DFDs (Data Flow Diagrams)

DFDs (Data Flow Diagrams): Graphical representations of the flow of data through an information system. They map out the data inputs, processing steps, data storage, and output processes involved in handling data. DFDs are used for system analysis and design and can help in understanding the complexities of systems, ensuring that all components are well-integrated […]

Discretionary Access Control (DAC)

Discretionary Access Control (DAC): A type of access control where the owner or administrator of the protected system, data, or resource sets the policies defining who or what is authorized to access the resource. In DAC models, access is based on the discretion of the owner. Users can be granted permission by an owner to […]

Dial Back

Dial Back: A security mechanism often used in remote authentication systems where the system disconnects a user after initial identification and then reconnects by dialing a pre-configured number. This process ensures that the connection is being established with a trusted source, thus reducing the risk of unauthorized access. It can be used in both telecommunications […]

Diskless Workstations

Diskless Workstations: Computers that do not have internal storage. Instead, they rely on a network connection to a server from which they access operating systems, applications, and data. This approach can reduce the risk of local data theft or loss and makes system maintenance easier, as updates and changes can be performed centrally on the […]