Glossary29DData owner—The individual(s), normally a manager or director, who has responsibility for the integrity, accurate reporting and use of computerized dataDatabase—A stored collection of related data needed by enterprises and individuals to meet their information processing and retrieval requirementsDefense in depth—The practice of layering defenses to provide added protection. Defense in depth increases security by raising the effort needed in an attack. This strategy places multiple barriers between an attacker and an enterprise’s computing and information resources.Demilitarized zone (DMZ)—A screened (firewalled) network segment that acts as a buffer zone between a trusted and untrusted network. A DMZ is typically used to house systems such as web servers that must be accessible from both internal networks and the Internet.Denial-of-service attack (DoS)—An assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rateDigital forensics—The process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in any legal proceedingsDigital signature—A piece of information, a digitized form of signature, that provides sender authenticity, message integrity and nonrepudiation. A digital signature is generated using the sender’s private key or applying a one-way hash function.Domain name system (DNS)—A hierarchical database that is distributed across the Internet that allows names to be resolved into IP addresses (and vice versa) to locate services such as web and e-mail serversDomain name system (DNS) exfiltration— Tunneling over DNS to gain network access. Lower-level attack vector for simple to complex data transmission, slow but difficult to detect.Due care—The level of care expected from a reasonable person of similar competency under similar conditionsDue diligence—The performance of those actions that are generally regarded as prudent, responsible and necessary to conduct a thorough and objective investigation, review and/or analysisDynamic ports—Dynamic and/or private ports--49152 through 65535: Not listed by IANA because of their dynamic nature.