Term 271
Incident documentation
Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.
Term 272
Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.
Term 273
Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.
Term 274
The incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.
Term 275
Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.
Term 276
Information security management is the systematic process of developing, implementing, monitoring, and improving policies, procedures, and controls to protect an organization's information assets from threats and ensure confidentiality, integrity, and availability.
Term 277
Inherent risk is the level of risk that exists in a process or system before any security controls or mitigations are applied.
Term 278
An initiative is a formal, structured effort or project undertaken by an organization to achieve a specific strategic goal, often involving changes to IT systems, policies, or processes.
Term 279
Insider Risk Management is the practice of identifying, assessing, and mitigating threats that originate from within an organization, such as employees, contractors, or partners who have legitimate access to systems and data.
Term 280
Inter-VLAN routing is the process of forwarding network traffic between different VLANs to enable communication across logically separated broadcast domains.
Term 281
An Internet gateway is a cloud networking component that provides a connection between a virtual private cloud (VPC) and the public Internet, enabling resources in the VPC to send and receive traffic to and from the Internet.
Term 282
An IP address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
Term 283
An IP conflict occurs when two devices on the same network attempt to use the same IP address, causing communication disruptions.
Term 284
A Cisco IOS command that forwards broadcast traffic from one subnet to a specific server on another subnet, allowing devices to obtain IP configuration or other services without needing a router or server on their local network.
Term 285
IP Source Guard is a network security feature that blocks IP address spoofing by verifying that each packet's source IP address matches an authorized binding assigned to that switch port.
Term 286
IPv4 is the fourth version of the Internet Protocol, a set of rules that assigns unique numerical addresses to devices so they can communicate over networks like the internet.
Term 287
An IPv4 address is a unique 32-bit numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
Term 288
IPv6 is the most recent version of the Internet Protocol, designed to replace IPv4 by providing a vastly larger number of unique addresses and improved network features.
Term 289
An IPv6 address is a 128-bit numeric label used to identify a device on an Internet Protocol network, designed to replace IPv4 due to the exhaustion of available addresses.
Term 290
An IPv6 global unicast address is a public, globally unique IP address assigned to a single network interface, allowing direct communication over the Internet.
Term 291
An IPv6 link-local address is a self-assigned, non-routable address used for communication between devices on the same network segment without needing a central server.
Term 292
Just-enough access is an identity and access management principle that grants users only the minimum permissions required to perform their specific job tasks, reducing security risks.
Term 293
Just-in-time access is a security method that grants users elevated permissions only for a limited time exactly when they need them, then automatically removes those permissions.
Term 294
KMS encryption is a managed service that creates, stores, and controls cryptographic keys used to encrypt data in the cloud.
Term 295
Kusto Query Language is a powerful read-only query language used to explore, analyze, and visualize large datasets, most notably in Azure Data Explorer and Microsoft Sentinel.
Term 296
A set of machines, called nodes, that work together to run and manage containerized applications using Kubernetes orchestration software.
Term 297
Kubernetes RBAC is a security mechanism that controls who can access and perform actions on resources in a Kubernetes cluster based on their role.
Term 298
Kubernetes security is the practice of protecting containerized applications, the Kubernetes cluster itself, and the underlying infrastructure from unauthorized access, data breaches, and system vulnerabilities.
Term 299
Kusto Query Language (KQL) is a read-only, high-performance query language used to analyze large datasets, especially for log monitoring, security investigations, and operational analytics in Microsoft Azure.
Term 300
A KVM switch is a hardware device that allows you to control multiple computers from a single keyboard, monitor, and mouse.