Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

CompTIA CySA+ CS0-003/Acronyms/Part 15

Acronym study

CS0-003 Acronyms — Part 15 of 18

Terms 421–450 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 14Part 15 of 18Part 16 →

Term 421

Security strategy

A security strategy is a high-level plan that outlines how an organization protects its information assets, aligns security with business goals, and manages risk over time.

Full entry →
Full Security strategy glossary entry →

Term 422

Security update

A security update is a software patch released to fix a vulnerability that could be exploited by attackers to compromise a system.

Full entry →
Full Security update glossary entry →

Term 423

Sensitivity label

A sensitivity label is a metadata tag applied to digital content that classifies the content's level of confidentiality and governs how it can be shared, protected, and accessed.

Full entry →
Full Sensitivity label glossary entry →

Term 424

Serverless security

Serverless security is the practice of protecting applications that run on serverless computing platforms, where the cloud provider manages the infrastructure and the customer is responsible for securing the code, data, and access controls.

Full entry →
Full Serverless security glossary entry →

Term 425

Service Control Policy

A Service Control Policy (SCP) is a centralized governance tool in AWS Organizations that allows you to define and enforce maximum permissions for all accounts in an organization, acting as a security guardrail that limits what actions principals can perform.

Full entry →
Full Service Control Policy glossary entry →

Term 426

Service Health

Service Health is a monitoring feature in Microsoft 365 and Azure that provides real-time and historical status of cloud services, including outages, advisories, and incidents.

Full entry →
Full Service Health glossary entry →

Term 427

Service Trust Portal

The Service Trust Portal is a Microsoft website that gives IT professionals and auditors access to compliance documentation, audit reports, and security information about Microsoft cloud services.

Full entry →
Full Service Trust Portal glossary entry →

Term 428

Shared access

Shared access is a permission model where multiple users, systems, or services are granted common access rights to a resource such as a file, database, network drive, or cloud storage.

Full entry →
Full Shared access glossary entry →

Term 429

Shared access signature

A shared access signature (SAS) is a secure, time-limited URL that grants granular access to specific resources in cloud storage, allowing you to delegate permissions without sharing your account keys.

Full entry →
Full Shared access signature glossary entry →

Term 430

Shift left security

Shift left security is the practice of integrating security testing and controls earlier in the software development lifecycle, rather than waiting until after deployment.

Full entry →
Full Shift left security glossary entry →

Term 431

Shoulder surfing

A social engineering attack where an attacker observes a victim's screen or keyboard to steal passwords or sensitive information.

Full entry →
Full Shoulder surfing glossary entry →

Term 432

SIEM

SIEM (Security Information and Event Management) is a system that collects and analyzes log data from across an IT environment to detect and respond to security threats in real time.

Full entry →
Full SIEM glossary entry →

Term 433

SIEM query

A SIEM query is a search command used in a Security Information and Event Management system to find, filter, and analyze security-related log data from across an organization's IT environment.

Full entry →
Full SIEM query glossary entry →

Term 434

Sigma rule

A Sigma rule is a generic, YAML-based detection rule format used in cybersecurity to describe suspicious activities in a way that can be easily shared and converted for use across different security information and event management (SIEM) systems.

Full entry →
Full Sigma rule glossary entry →

Term 435

Silver ticket

A forged Kerberos service ticket that grants access to a specific service in a Windows domain without requiring the user's password.

Full entry →
Full Silver ticket glossary entry →

Term 436

Site Recovery

Site Recovery is the process of restoring IT infrastructure and data at a different physical location after a disaster to keep business operations running.

Full entry →
Full Site Recovery glossary entry →

Term 437

SLA

A Service Level Agreement (SLA) is a contract between a service provider and a customer that defines the level of service expected, including metrics like uptime, response time, and penalties for non-compliance.

Full entry →
Full SLA glossary entry →

Term 438

SLE

SLE (Single Loss Expectancy) is the monetary loss expected each time a specific risk event occurs, calculated as asset value times exposure factor.

Full entry →
Full SLE glossary entry →

Term 439

SLI

An SLI (Service Level Indicator) is a carefully chosen metric that measures one specific aspect of a service's performance, such as request latency or error rate, to help determine whether the service is meeting its reliability goals.

Full entry →
Full SLI glossary entry →

Term 440

SLO

A Service Level Objective is a measurable target for a specific aspect of a service's performance or reliability that a team commits to meeting over a defined period.

Full entry →
Full SLO glossary entry →

Term 441

Smishing

Smishing is a social engineering attack that uses deceptive text messages to trick recipients into revealing sensitive information or installing malware.

Full entry →
Full Smishing glossary entry →

Term 442

SOAR playbook

A SOAR playbook is a documented, step-by-step guide that automates and orchestrates security incident response actions within a Security Orchestration, Automation, and Response platform.

Full entry →
Full SOAR playbook glossary entry →

Term 443

SOC

A Security Operations Center (SOC) is a centralized team that monitors, detects, analyzes, and responds to cybersecurity incidents to protect an organization's information systems.

Full entry →
Full SOC glossary entry →

Term 444

Soft delete

A soft delete marks data as deleted without actually removing it from the database, allowing recovery if needed.

Full entry →
Full Soft delete glossary entry →

Term 445

Spear phishing

Spear phishing is a targeted cyberattack in which a criminal sends a fraudulent email that appears to come from a trusted source, aiming to trick a specific person or organization into revealing sensitive data or installing malware.

Full entry →
Full Spear phishing glossary entry →

Term 446

Spyware

Spyware is malicious software that secretly monitors and collects information about a user's activity without their knowledge or consent.

Full entry →
Full Spyware glossary entry →

Term 447

SQL injection

SQL injection is a web security vulnerability that allows an attacker to interfere with the queries an application makes to its database, often to read, modify, or destroy data.

Full entry →
Full SQL injection glossary entry →

Term 448

SSL VPN

An SSL VPN is a virtual private network that uses the Secure Sockets Layer protocol to create an encrypted tunnel for remote users to securely access network resources over the internet.

Full entry →
Full SSL VPN glossary entry →

Term 449

SSO

Single Sign-On (SSO) is an authentication process that allows a user to access multiple applications or systems with one set of login credentials.

Full entry →
Full SSO glossary entry →

Term 450

SSRF

A security vulnerability where an attacker tricks a server into making unauthorized requests to internal or external resources on behalf of the attacker.

Full entry →
Full SSRF glossary entry →
← Part 14Part 16 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15currentPart 16Part 17Part 18

Study resources

All CS0-003 Acronyms→CS0-003 Practice Tests→CS0-003 Study Guide→Exam Domains→