Term 1
802.1X
802.1X is a network access control standard that authenticates devices before they are allowed to connect to a wired or wireless network.
Acronym study
Terms 1–30 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 1
802.1X is a network access control standard that authenticates devices before they are allowed to connect to a wired or wireless network.
Term 2
A/B testing is a controlled experiment that compares two versions of a single variable to determine which one performs better against a predefined metric.
Term 3
An acceptable use policy is a set of rules that an organization creates to define how employees and other users may use its computer systems, networks, and data.
Term 4
Access control is the security practice of determining who or what is allowed to view, use, or enter a resource, and under what conditions.
Term 5
An access key is a unique identifier and secret code pair used to authenticate requests to cloud storage services, ensuring only authorized users or applications can access data.
Term 6
An access port is a switch port that connects to a single end device, like a computer or printer, and carries traffic for only one VLAN.
Term 7
An access review is a periodic audit process where administrators check and confirm which users have permissions to what resources, ensuring only authorized people retain access.
Term 8
A digital key that a computer system gives you to prove your identity and grant you permission to access specific resources or perform actions.
Term 9
An Access Control List is a set of rules that determines who or what can access specific network resources or data.
Term 10
An Action group is a collection of notification and automation settings that defines how an Azure Monitor alert responds when triggered, such as who gets emailed, which phone numbers get called, or which automated tasks run.
Term 11
Active reconnaissance is the process of directly interacting with a target system or network to gather information, often through scanning and probing.
Term 12
An activity log is a record of all operations performed on Azure resources, capturing who did what, when, and where, for auditing and troubleshooting purposes.
Term 13
A cybersecurity exercise where a team mimics the tactics, techniques, and procedures of a real attacker to test an organization's defenses without causing actual harm.
Term 14
Adware is software that automatically displays or downloads unwanted advertisements, often bundled with free programs, and may track user behavior without clear consent.
Term 15
ALE (Annualized Loss Expectancy) is a risk management formula that estimates the yearly monetary loss from a specific threat to an asset.
Term 16
An alert is a notification that something unusual or potentially harmful has happened in a computer system or network.
Term 17
Alert fatigue is the desensitization and overwhelming feeling security analysts experience when they receive so many security alerts that they begin to ignore or miss them.
Term 18
An alert rule is a set of conditions and actions that trigger a notification when a monitored metric or log reaches a predefined threshold.
Term 19
An alerting policy is a set of rules that defines when to send notifications about a system condition that needs attention.
Term 20
Amazon CloudWatch is a monitoring service for AWS resources and applications that collects metrics, logs, and events to help you observe and troubleshoot your cloud infrastructure.
Term 21
In incident response, analysis is the process of examining data and events to determine what happened, how it happened, and what actions to take.
Term 22
Anonymization is the process of removing or altering personally identifiable information so that an individual cannot be identified, directly or indirectly, from the remaining data.
Term 23
Anti-malware is software that detects, prevents, and removes malicious software from computers, networks, and devices.
Term 24
An anti-malware policy is a set of rules and procedures that an organization enforces to prevent, detect, and remove malicious software from its computers and networks.
Term 25
An anti-phishing policy is a set of rules and technical controls that organizations use to detect, block, and respond to email or message-based attacks that trick users into revealing sensitive information.
Term 26
An anti-spam policy is a set of rules and filters used by email systems to automatically detect and block unwanted, unsolicited, or harmful messages before they reach a user's inbox.
Term 27
API security is the practice of protecting application programming interfaces from attacks by ensuring only authorized users and applications can access data and functions.
Term 28
An app protection policy is a set of rules that controls how data is handled and secured within mobile applications, ensuring corporate information stays safe even on personal devices.
Term 29
An Application Security Group (ASG) is a cloud networking feature that groups virtual machines logically and allows you to apply security rules based on the application workload, rather than individual IP addresses.
Term 30
ARO stands for Annualized Rate of Occurrence, a number that estimates how often a specific threat or risk event is expected to happen in a single year.