Term 481
True positive
A true positive is when a security tool correctly identifies a real threat or malicious activity.
Acronym study
Terms 481–510 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 481
A true positive is when a security tool correctly identifies a real threat or malicious activity.
Term 482
A Trusted Advisor is an IT professional who earns deep client trust through expert guidance, ethical behavior, and a focus on the client’s long-term success rather than just selling products.
Term 483
TTP stands for Tactics, Techniques, and Procedures, which describe the behavior patterns and methods used by threat actors in cybersecurity attacks.
Term 484
Typosquatting is a cyberattack where attackers register domain names that are common misspellings of popular websites to trick users into visiting fraudulent sites.
Term 485
An unauthenticated scan is a vulnerability assessment performed without providing valid login credentials, simulating an outside attacker's perspective.
Term 486
A use case is a description of how a specific user or system interacts with a system to achieve a particular goal, often used in security operations to define required functions and validate system behavior.
Term 487
A User Access Administrator is an IT professional responsible for managing who can access what resources in an organization, including creating, modifying, and revoking user accounts and permissions across systems.
Term 488
Virtualization security is the practice of protecting virtualized environments including virtual machines, hypervisors, virtual networks, and related infrastructure from threats and vulnerabilities.
Term 489
A virus is a malicious software program that attaches itself to legitimate files or programs and spreads to other systems, often causing damage or stealing information.
Term 490
Vishing is a social engineering attack where criminals use phone calls or voice messages to trick victims into revealing sensitive information.
Term 491
A feature that captures information about the IP traffic going to and from network interfaces in a Virtual Private Cloud (VPC).
Term 492
A VPN (Virtual Private Network) creates a secure, encrypted tunnel between your device and a remote server, protecting your data and hiding your online activity.
Term 493
A VPN concentrator is a network device that manages, encrypts, and routes multiple VPN connections from remote users or sites into a single secure gateway.
Term 494
A VPN Gateway is a network device or service that creates an encrypted tunnel between two or more networks over the internet, allowing secure communication.
Term 495
A vulnerability is a weakness in a system, network, or software that could be exploited by a threat to cause harm or unauthorized access.
Term 496
A vulnerability assessment is a systematic review of security weaknesses in an information system, evaluating if the system is susceptible to any known vulnerabilities, assigning severity levels, and recommending remediation or mitigation.
Term 497
Vulnerability management is the continuous process of identifying, classifying, prioritizing, and remediating security weaknesses in an organization's IT environment.
Term 498
A vulnerability scan is an automated process that checks systems, networks, and applications for known security weaknesses or misconfigurations.
Term 499
A vulnerability scanner is an automated tool that identifies security weaknesses in systems, networks, and applications by comparing their configurations and software versions against known vulnerability databases.
Term 500
Vulnerability scanning is an automated process that identifies security weaknesses in systems, networks, and applications by comparing them against known vulnerability databases.
Term 501
A watering hole attack is a cyberattack where the attacker compromises a website that a target group trusts, in order to infect visitors with malware.
Term 502
A Web Application Firewall (WAF) is a security tool that monitors, filters, and blocks HTTP traffic to and from a web application to protect it from common attacks.
Term 503
A web application scan is an automated security test that examines a web application for vulnerabilities that could be exploited by attackers.
Term 504
Whaling is a type of phishing attack that specifically targets high-level executives or senior management in an organization to steal sensitive data or money.
Term 505
Windows Defender Firewall is a built-in security feature in Microsoft Windows that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Term 506
The Windows event log is a built-in service that records system, security, and application activities in a structured file so administrators can monitor health, detect problems, and investigate security incidents.
Term 507
A wireless access point is a networking device that allows Wi-Fi-enabled devices to connect to a wired network, typically a local area network (LAN), acting as a bridge between wireless and wired communication.
Term 508
A worm is a type of malicious software that can copy itself and spread to other computers over a network, often without any human action.
Term 509
X-Ray is a data analysis and visualization tool used in cloud and distributed systems to trace and debug requests as they travel through an application's components.
Term 510
X-Ray tracing is a monitoring technique used in cloud applications to trace requests as they travel through different services, helping identify performance bottlenecks and errors.