Term 211
Data protection
Data protection refers to the practices and technologies used to safeguard personal and sensitive information from unauthorized access, loss, or corruption.
Acronym study
Terms 211–240 of 956 220-1102 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 211
Data protection refers to the practices and technologies used to safeguard personal and sensitive information from unauthorized access, loss, or corruption.
Term 212
Data remanence is the residual representation of data that remains on a storage medium even after attempts to erase or remove it.
Term 213
Data residency is the physical or geographical location where an organization's data is stored and processed, often subject to local laws.
Term 214
Data retention is the practice of keeping data for a specific period to meet legal, business, or compliance needs, and then securely disposing of it.
Term 215
Data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying data stored on a device or media so that it cannot be recovered or reconstructed by any known method.
Term 216
A DDoS (Distributed Denial-of-Service) attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic from multiple compromised systems.
Term 217
A deauthentication attack is a wireless network exploit where an attacker sends fake disconnection frames to force devices off a Wi-Fi network, often used to capture handshake data or disrupt connectivity.
Term 218
Decryption is the process of converting encrypted or scrambled data back into its original, readable form using a specific key or method.
Term 219
A configuration in IT systems where security services or appliances operate in an isolated, single-purpose environment to prevent interference with other functions and reduce attack surface.
Term 220
A default app is the program that your operating system automatically uses to open a specific type of file or perform a certain task, such as opening a web link or viewing a photo.
Term 221
Microsoft Defender for Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides unified security management and threat protection across hybrid and multi-cloud environments.
Term 222
Defender for Cloud Apps is a Microsoft cloud access security broker (CASB) that helps you discover, protect, and govern your cloud applications and data across multiple cloud environments.
Term 223
Microsoft Defender for Endpoint is a cloud-delivered enterprise security solution designed to protect devices from cyber threats using behavioral analysis, machine learning, and automated investigation.
Term 224
Defender for Identity is a cloud-based security solution that detects, investigates, and responds to advanced identity threats targeting on-premises Active Directory and cloud identities.
Term 225
Microsoft Defender for Office 365 is a cloud-based email security service that protects organizations against advanced threats like phishing, malware, and business email compromise by scanning emails, attachments, and links in real time.
Term 226
Defense in depth is a cybersecurity strategy that uses multiple layers of security controls to protect information and systems, so if one layer fails, another layer is already in place to stop the attack.
Term 227
Delete device is the process of removing a device from an organization's management system, typically in Microsoft Intune or Azure AD, which revokes its access to corporate resources and management policies.
Term 228
Delivery Optimization is a Windows feature that uses peer-to-peer sharing and other sources to download updates and apps more efficiently, reducing network strain.
Term 229
A Denial-of-service (DoS) attack is an attempt to make a computer, network, or online service unavailable to its intended users by overwhelming it with fake traffic or requests.
Term 230
Dependency scanning is the automated process of checking software components for known security vulnerabilities and outdated versions.
Term 231
Detection engineering is the practice of designing, building, and refining security monitoring rules and signals to identify malicious activity in an IT environment.
Term 232
A detective control is a security measure that identifies and reports unwanted or suspicious activity after it has already occurred.
Term 233
A deterrent control is a security measure designed to discourage potential attackers from attempting to breach a system or commit a violation, relying on the perceived threat of consequences.
Term 234
Device Guard is a Windows security feature that uses hardware and software virtualization to lock down a device so only trusted, approved applications can run.
Term 235
Device Manager is a built-in Windows tool that shows you all the hardware connected to your computer and lets you manage the drivers that make that hardware work.
Term 236
Device risk is the chance that a computer, phone, or other endpoint could cause a security problem or data leak because it is not properly managed or protected.
Term 237
DevSecOps is a software development practice that integrates security into every phase of the DevOps lifecycle, making security a shared responsibility from the start.
Term 238
A DHCP pool is a reserved set of IP addresses that a DHCP server can assign to devices on a network automatically when they request a connection.
Term 239
A DHCP server is a network device or service that automatically assigns IP addresses and other network configuration parameters to devices on a network, eliminating the need for manual configuration.
Term 240
DHCP snooping is a network security feature that filters untrusted DHCP messages to prevent rogue DHCP servers from giving out false IP addresses.