Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

CompTIA CySA+ CS0-003/Acronyms/Part 13

Acronym study

CS0-003 Acronyms — Part 13 of 18

Terms 361–390 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 12Part 13 of 18Part 14 →

Term 361

Replication

Replication is the process of copying and synchronizing data across multiple servers or storage devices to ensure availability, reliability, and fault tolerance.

Full entry →
Full Replication glossary entry →

Term 362

Residual risk

Residual risk is the level of risk that remains after all security controls and countermeasures have been applied.

Full entry →
Full Residual risk glossary entry →

Term 363

Resource policy

A resource policy is a set of rules that controls who can access a specific cloud resource and what actions they can perform on it.

Full entry →
Full Resource policy glossary entry →

Term 364

Retention label

A retention label is a tag applied to emails, documents, or files in Microsoft 365 that tells the system how long to keep the item and what to do with it when the time is up.

Full entry →
Full Retention label glossary entry →

Term 365

Retention policy

A retention policy is a set of rules that determines how long an organization keeps its data and what happens to it when the retention period expires.

Full entry →
Full Retention policy glossary entry →

Term 366

Retry policy

A retry policy is a set of rules that automatically re-attempts a failed operation after a defined interval, up to a maximum number of tries.

Full entry →
Full Retry policy glossary entry →

Term 367

Reverse engineering

Reverse engineering is the process of deconstructing a system, software, or hardware to understand its design, functionality, and operation, often for analysis, replication, or improvement.

Full entry →
Full Reverse engineering glossary entry →

Term 368

Reverse shell

A reverse shell is a type of remote access attack where the target machine initiates an outbound connection back to the attacker, allowing the attacker to execute commands on the compromised system.

Full entry →
Full Reverse shell glossary entry →

Term 369

Risk

Risk is the possibility that an event or action will negatively affect an organization's ability to achieve its goals, often measured in terms of likelihood and impact.

Full entry →
Full Risk glossary entry →

Term 370

Risk acceptance

Risk acceptance is a risk management strategy where an organization acknowledges a potential risk but decides to tolerate it without taking active measures to reduce or eliminate it.

Full entry →
Full Risk acceptance glossary entry →

Term 371

Risk appetite

Risk appetite is the amount of risk an organization is willing to accept in pursuit of its objectives, defining the boundaries for decision-making.

Full entry →
Full Risk appetite glossary entry →

Term 372

Risk assessment

Risk assessment is the process of identifying, analyzing, and evaluating potential threats to an organization's assets to determine the likelihood and impact of those threats, and to decide on appropriate treatment measures.

Full entry →
Full Risk assessment glossary entry →

Term 373

Risk avoidance

Risk avoidance is a risk management strategy that involves eliminating any activity, process, or technology that introduces a specific risk, rather than trying to reduce or accept it.

Full entry →
Full Risk avoidance glossary entry →

Term 374

Risk management

Risk management is the process of identifying, assessing, and controlling threats to an organization's capital, earnings, and operations, including IT systems and data.

Full entry →
Full Risk management glossary entry →

Term 375

Risk mitigation

Risk mitigation is the process of reducing the likelihood or impact of a potential security threat to an acceptable level through specific controls and actions.

Full entry →
Full Risk mitigation glossary entry →

Term 376

Risk register

A risk register is a formal document that lists and tracks all identified risks to an IT project, system, or organization, including their assessed impact, probability, and planned responses.

Full entry →
Full Risk register glossary entry →

Term 377

Risk score

A risk score is a numerical value that represents the level of risk associated with a given asset, threat, or vulnerability in a security context.

Full entry →
Full Risk score glossary entry →

Term 378

Risk tolerance

Risk tolerance is the amount of risk an organization or individual is willing to accept in pursuit of its objectives, defining the boundary between acceptable and unacceptable losses.

Full entry →
Full Risk tolerance glossary entry →

Term 379

Risk transfer

Risk transfer is the practice of shifting the financial burden of a potential loss to another party, typically through insurance or contracts.

Full entry →
Full Risk transfer glossary entry →

Term 380

Risk treatment

Risk treatment is the process of selecting and implementing measures to modify risk, which can include avoiding, accepting, mitigating, or transferring the risk.

Full entry →
Full Risk treatment glossary entry →

Term 381

Risk-based access

Risk-based access is a security model that dynamically adjusts access permissions based on the assessed risk of each access request, rather than granting a static level of access to all users.

Full entry →
Full Risk-based access glossary entry →

Term 382

Risk-based vulnerability management

Risk-based vulnerability management is a cybersecurity approach that prioritizes the fixing of security weaknesses based on the level of risk they pose to an organization's specific environment, rather than just addressing all vulnerabilities in the order they are found.

Full entry →
Full Risk-based vulnerability management glossary entry →

Term 383

Rolling deployment

A rolling deployment is a software release strategy that gradually replaces old application instances with new ones across a cluster of servers, one at a time or in small batches, to ensure zero downtime and continuous service availability.

Full entry →
Full Rolling deployment glossary entry →

Term 384

Root cause analysis

Root cause analysis is a systematic process used to identify the fundamental underlying cause of a problem, rather than just treating its symptoms.

Full entry →
Full Root cause analysis glossary entry →

Term 385

Rootkit

A rootkit is a type of malware that hides its presence and the presence of other malicious software on a computer, often by modifying the operating system itself.

Full entry →
Full Rootkit glossary entry →

Term 386

RPO

Recovery Point Objective (RPO) is the maximum acceptable amount of data loss measured in time, defining how recent data must be to resume operations after a disruption.

Full entry →
Full RPO glossary entry →

Term 387

RTO

Recovery Time Objective is the maximum acceptable time to restore a system or data after a disaster, defining how quickly normal operations must resume.

Full entry →
Full RTO glossary entry →

Term 388

Rule-based access control

Rule-based access control (RuBAC) is a method of managing access to resources by evaluating a set of predefined rules that combine conditions such as time, location, device, and user attributes to allow or deny access.

Full entry →
Full Rule-based access control glossary entry →

Term 389

Rules of engagement

Rules of engagement are the documented guidelines that define the scope, boundaries, and authorized actions a security tester may take during a penetration test or security assessment.

Full entry →
Full Rules of engagement glossary entry →

Term 390

S3 bucket policy

An S3 bucket policy is a JSON-based resource-based access control document that defines who can access an Amazon S3 bucket and its objects, and what actions they can perform.

Full entry →
Full S3 bucket policy glossary entry →
← Part 12Part 14 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13currentPart 14Part 15Part 16Part 17Part 18

Study resources

All CS0-003 Acronyms→CS0-003 Practice Tests→CS0-003 Study Guide→Exam Domains→