Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

CompTIA CySA+ CS0-003/Acronyms/Part 11

Acronym study

CS0-003 Acronyms — Part 11 of 18

Terms 301–330 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 10Part 11 of 18Part 12 →

Term 301

Network Security Group

A Network Security Group is a set of rules that controls inbound and outbound traffic to Azure resources like virtual machines and subnets.

Full entry →
Full Network Security Group glossary entry →

Term 302

Network telemetry

Network telemetry is the automated process of collecting, transmitting, and analyzing data from network devices to monitor performance, detect issues, and improve security in real time.

Full entry →
Full Network telemetry glossary entry →

Term 303

Network Watcher

Network Watcher is a monitoring and diagnostics service used in cloud environments to track network traffic, detect issues, and analyze performance between virtual machines and other resources.

Full entry →
Full Network Watcher glossary entry →

Term 304

Nikto

Nikto is an open-source web server scanner that tests for potentially dangerous files, outdated server software, and configuration issues.

Full entry →
Full Nikto glossary entry →

Term 305

NSG flow logs

NSG flow logs are records of IP traffic flowing through an Azure Network Security Group, used for monitoring, analysis, and troubleshooting network security.

Full entry →
Full NSG flow logs glossary entry →

Term 306

OAuth abuse

OAuth abuse is the exploitation of the OAuth authorization framework by attackers to gain unauthorized access to user data or systems by manipulating tokens, redirects, or consent processes.

Full entry →
Full OAuth abuse glossary entry →

Term 307

OpenVAS

OpenVAS is an open-source vulnerability scanner that helps IT professionals identify security weaknesses in networks, systems, and applications.

Full entry →
Full OpenVAS glossary entry →

Term 308

Operational intelligence

Operational intelligence is the real-time analysis of IT system data to detect patterns, anomalies, and threats as they happen, enabling immediate action to protect systems and maintain performance.

Full entry →
Full Operational intelligence glossary entry →

Term 309

Origin access control

Origin access control is a security mechanism that restricts access to a network, system, or resource based on the verified identity or attributes of the requesting entity.

Full entry →
Full Origin access control glossary entry →

Term 310

OWASP Top 10

The OWASP Top 10 is a regularly updated list of the most critical security risks to web applications, published by the Open Web Application Security Project (OWASP) to help developers and security professionals prioritize and mitigate common vulnerabilities.

Full entry →
Full OWASP Top 10 glossary entry →

Term 311

Packet capture

Packet capture is the process of intercepting and recording data packets traveling over a computer network for analysis.

Full entry →
Full Packet capture glossary entry →

Term 312

Parameter Store

Parameter Store is a secure, centralized service for storing and managing configuration data, secrets, and environment variables used by applications and IT infrastructure.

Full entry →
Full Parameter Store glossary entry →

Term 313

Pass-the-hash

Pass-the-hash is a cyberattack where an attacker captures the hash of a user's password and uses it to authenticate to other systems without ever knowing the actual password.

Full entry →
Full Pass-the-hash glossary entry →

Term 314

Passive reconnaissance

Passive reconnaissance is the process of gathering information about a target system or network without directly interacting with it, using publicly available sources and stealthy observation.

Full entry →
Full Passive reconnaissance glossary entry →

Term 315

Password policy

A set of rules designed to enhance computer security by encouraging users to create strong, secure passwords and store them properly.

Full entry →
Full Password policy glossary entry →

Term 316

Password spraying

Password spraying is a type of brute-force attack where an attacker tries a few commonly used passwords against many different accounts to avoid account lockouts.

Full entry →
Full Password spraying glossary entry →

Term 317

Patch management

Patch management is the process of identifying, acquiring, testing, and deploying software updates (patches) to fix vulnerabilities, bugs, or improve performance in IT systems.

Full entry →
Full Patch management glossary entry →

Term 318

Patch prioritization

Patch prioritization is the process of ranking security updates based on risk, impact, and urgency to decide which ones to apply first in an IT environment.

Full entry →
Full Patch prioritization glossary entry →

Term 319

Payment Card Industry Data Security Standards

A set of security rules that any company that handles credit card payments must follow to protect cardholder data from theft and fraud.

Full entry →
Full Payment Card Industry Data Security Standards glossary entry →

Term 320

Penetration testing

Penetration testing is a simulated cyberattack on a computer system, network, or application to find security weaknesses before real attackers can exploit them.

Full entry →
Full Penetration testing glossary entry →

Term 321

Persistence

Persistence is the set of techniques attackers use to maintain long-term access to a compromised system even after reboots or credential changes.

Full entry →
Full Persistence glossary entry →

Term 322

Phishing

Phishing is a type of cyber attack where criminals impersonate legitimate organizations or individuals to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.

Full entry →
Full Phishing glossary entry →

Term 323

Piggybacking

Piggybacking is the act of an unauthorized person following an authorized person into a restricted area or system by taking advantage of their access.

Full entry →
Full Piggybacking glossary entry →

Term 324

Pivoting

Pivoting is a post-exploitation technique where an attacker uses a compromised system as a relay to access other systems on a network that were not directly reachable.

Full entry →
Full Pivoting glossary entry →

Term 325

Policy

A policy is a set of rules or guidelines that defines how an organization manages, secures, and operates its IT systems and services.

Full entry →
Full Policy glossary entry →

Term 326

Policy as code

Policy as code is the practice of representing and managing security, compliance, and governance rules as executable code, enabling automated validation and enforcement across infrastructure and software development workflows.

Full entry →
Full Policy as code glossary entry →

Term 327

Policy assignment

Policy assignment is the process of attaching a set of rules or permissions to a specific resource, user, or group so that those rules are enforced in a cloud or IT environment.

Full entry →
Full Policy assignment glossary entry →

Term 328

Policy definition

A policy definition is a formal rule or set of rules that specifies allowed or denied actions on resources within an IT environment, often used for governance, compliance, and security control.

Full entry →
Full Policy definition glossary entry →

Term 329

Policy enforcement

Policy enforcement is the process of implementing and ensuring compliance with defined security rules and configurations across an IT environment.

Full entry →
Full Policy enforcement glossary entry →

Term 330

Policy inheritance

Policy inheritance is the mechanism by which policies applied to a parent container in a hierarchical system automatically apply to all child objects within that container, unless explicitly blocked or overridden.

Full entry →
Full Policy inheritance glossary entry →
← Part 10Part 12 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11currentPart 12Part 13Part 14Part 15Part 16Part 17Part 18

Study resources

All CS0-003 Acronyms→CS0-003 Practice Tests→CS0-003 Study Guide→Exam Domains→