Term 331
Port security
Port security is a network switch feature that restricts which devices can connect to a port based on the device's MAC address, preventing unauthorized access.
Acronym study
Terms 331–360 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 331
Port security is a network switch feature that restricts which devices can connect to a port based on the device's MAC address, preventing unauthorized access.
Term 332
Post-exploitation is the phase of a penetration test that begins after an attacker has gained initial access to a system, focusing on maintaining access, escalating privileges, moving laterally, and achieving the test's objectives.
Term 333
A postmortem is a structured review of an incident to identify what went wrong, what went well, and how to prevent future issues.
Term 334
Preparation is the first phase of incident response where organizations proactively establish policies, tools, training, and procedures to handle security incidents effectively.
Term 335
Pretexting is a social engineering attack where the attacker fabricates a believable scenario or false identity to trick a victim into revealing sensitive information or performing an action.
Term 336
Privacy and security refer to the practices and technologies used to protect sensitive data from unauthorized access while ensuring individuals' rights over their personal information are respected.
Term 337
Privacy risk management is the ongoing process of identifying, assessing, and responding to risks that could compromise the confidentiality, integrity, or availability of personal data.
Term 338
Private Google Access lets virtual machines in a Google Cloud VPC reach Google APIs and services using private IP addresses, without needing public internet access.
Term 339
Privilege escalation is when a user or attacker gains more access or control over a system than they are supposed to have.
Term 340
Privileged access is a special level of permission that allows a user or system to perform high-impact actions like installing software, changing system settings, or accessing sensitive data across an IT environment.
Term 341
Privileged access management is a cybersecurity practice that controls and monitors the elevated access rights of users who have special permissions to critical systems and data.
Term 342
Privileged Identity Management is a security system that controls, monitors, and audits access to sensitive systems by granting elevated permissions only when needed and for a limited time.
Term 343
A proxy log is a record of all traffic that passes through a proxy server, capturing details like source IP, destination URL, timestamps, and content type for security analysis and monitoring.
Term 344
Pseudonymization is a data processing technique that replaces private identifiers with artificial identifiers, or pseudonyms, to protect personal data while still allowing for analysis and processing.
Term 345
A purple team is a collaborative approach in cybersecurity where the offensive (red) and defensive (blue) teams work together to improve an organization's security posture by sharing insights and tactics.
Term 346
Qualitative risk analysis is a subjective, scenario-based approach to prioritizing information security risks by evaluating their likelihood and potential impact using predefined scales rather than numerical calculations.
Term 347
A quality update policy is a set of rules and schedules that IT administrators use to control which Windows updates are deployed to devices to ensure stability, security, and compatibility.
Term 348
Quantitative risk analysis is a structured process that uses numerical data and statistical methods to calculate the potential financial impact of risks on an organization's assets and projects.
Term 349
Quarantine is a security process that isolates a potentially malicious file, email, or device from the rest of the system to prevent harm while it is analyzed or remediated.
Term 350
A rainbow table is a precomputed list of password hashes used to reverse weak passwords quickly without guessing each one live.
Term 351
Ransomware is a type of malicious software that encrypts a victim's files or locks them out of their system, demanding payment, usually in cryptocurrency, to restore access.
Term 352
RBAC is a method of restricting network access based on the roles of individual users within an organization, where permissions are assigned to roles rather than to individuals directly.
Term 353
Read-access geo-redundant storage (RA-GRS) is a cloud storage replication option that maintains three synchronous copies in one primary region and three asynchronous copies in a secondary region, while allowing read access to the secondary copy even during normal operations.
Term 354
Records management is the systematic control of an organization's records, from creation or receipt through processing, distribution, maintenance, storage, retrieval, and disposal, ensuring integrity, compliance, and availability.
Term 355
Recovery is the process of restoring systems, data, and operations after a security incident, failure, or disaster to return to normal functioning.
Term 356
A Recovery Services vault is a secure storage container in Microsoft Azure that holds backup data and replication settings for virtual machines, databases, and other cloud resources, enabling you to restore them if something goes wrong.
Term 357
A red team is a group of security professionals who simulate real-world attacks on an organization's systems, people, and facilities to test the effectiveness of its defenses.
Term 358
Reliability engineering is the practice of designing, testing, and maintaining systems to ensure they operate without failure for a specified period under stated conditions.
Term 359
Remediation is the process of fixing or eliminating vulnerabilities, misconfigurations, or security weaknesses in an IT environment.
Term 360
A remediation recommendation is a prioritized, actionable suggestion for fixing a security vulnerability, misconfiguration, or compliance gap identified during an assessment or scan.