D

data decryption field (DDF)

Used in EFS encryption to store the symmetric key used to encrypt and decrypt a file stored with the encryption attribute enabled. The DDF contains the file encryption key used to encrypt a file and is encrypted using the user's public key. Only the user who encrypted the file can then decrypt the DDF and retrieve the file encryption key and decrypt the file.

Data Link layer

Layer 2 of the OSI model. The Data Link layer is responsible for the physical addressing of computer. It contains two sublayers: the Logical Link Control layer and the Media Access Control (MAC) layer. The MAC address derives its name from the second sublayer.

data recovery field (DRF)

Used in EFS encryption to store the symmetric key used to encrypt and decrypt a file stored with the encryption attribute enabled. The DRF contains the file encryption key used to encrypt a file and is encrypted using the recovery agent's public key. Only the recovery agent can then decrypt the DRF and retrieve the file encryption key and decrypt the file.

decryption

The process of taking an encrypted file and decoding the encryption so that it can be read in its original format.

default gateway

The interface that can provide a computer with access outside of its own subnet. This is usually an interface on a router, but it could also be a network interface card on a server or another client computer.

Demilitarized Zone (DMZ)

Usually existing between (logically) two firewalls, a DMZ is considered a neutral area that is not part of the local network, nor is it part of the Internet. Servers are placed in the DMZ that should be accessed from the Internet but still need to be managed from locations on the local network. The DMZ prevents outside users from getting direct access to a server that has company data on the local network. The term comes from the geographic buffer zone that was set up between North Korea and South Korea following the United Nations' "police action" in the early 1950s.

destination host unreachable

An error message sent by ICMP when using the ping tool. This error message is usually sent from a router and indicates that the host is recognized by the network but cannot be reached at this time.

dialup

A remote connection that is formed using two modems. One modem is used to dial in to a network and another modem answers the first one.

differential backup

A backup that uses a special bit called an archive bit to identify all of the files that have changed since the last full backup. The differential backup does not clear the archive bits after it copies the files; therefore, all files that have changed since the last full backup will be copied again on the next differential backup.

digital certificate

See certificate.

digital signature

Certificates used to prove the identity of the user or company. Often used for signing e-mail or for code signing. Provides nonrepudiation.

Directory Service Manager for NetWare (DSMN)

A program that can be installed on Microsoft servers that allows them to see a Novell Directory Services (NDS) server as they see a Microsoft Windows Active Directory domain controller.

Discretionary Access Control List (DACL)

That part of the Access Control List (ACL) that can be modified using the Security tab in the resource's Properties dialog box. The DACL lists user and group security IDs (SIDs) that have access to the resource along with each SID's level of access. Each entry is called an Access Control Entry (ACE). The Deny Access permission is also listed at the top of the DACL. Together with the Security Access Control List (SACL), the DACL forms the overall ACL.

Disk 0

The first physical disk in a computer. This is the disk that must always contain the active partition.

disk duplexing

A RAID 1 configuration in which each of the two hard disks has its own controller card.

disk mirroring

A RAID 1 configuration in which two hard disks share one controller card.

display device

A device that produces visual output that a user can see and interpret.

Domain Name Services (DNS)

A service consisting of network-based servers that provide hostname resolution for clients and servers on a TCP/IP network.

drivers

Software that allows the hardware to communicate with the operating system. Each driver is designed specially for a hardware device and a specific operating system.

dynamic disks

A new type of disk management that allows a tremendous amount of flexibility over that of a basic disk. Dynamic disks can contain as many volumes as needed.

Dynamic Host Configuration Protocol (DHCP) servers

Network-based servers that can automatically assign and configure an IP address and many other network configuration parameters onto a client computer when the client computer is started up on the network.

Dynamic (or Private) Ports

Port numbers ranging from 49152 to 65535 that are not assigned to any application, service, or protocol and can therefore be used by any of them.