Term 151
Data sanitization
Data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying data stored on a device or media so that it cannot be recovered or reconstructed by any known method.
Acronym study
Terms 151–180 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 151
Data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying data stored on a device or media so that it cannot be recovered or reconstructed by any known method.
Term 152
Data security is the practice of protecting digital information from unauthorized access, corruption, or theft throughout its lifecycle.
Term 153
A configuration in IT systems where security services or appliances operate in an isolated, single-purpose environment to prevent interference with other functions and reduce attack surface.
Term 154
Microsoft Defender for Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides unified security management and threat protection across hybrid and multi-cloud environments.
Term 155
Microsoft Defender for Office 365 is a cloud-based email security service that protects organizations against advanced threats like phishing, malware, and business email compromise by scanning emails, attachments, and links in real time.
Term 156
A Defender policy is a set of security rules configured in Microsoft 365 Defender that controls how endpoint detection and response (EDR), antivirus, firewall, and other protection features behave on managed devices.
Term 157
Detection is the process of identifying potential security incidents or anomalies by analyzing system data, logs, and network traffic.
Term 158
Detection engineering is the practice of designing, building, and refining security monitoring rules and signals to identify malicious activity in an IT environment.
Term 159
Device compliance is the process of ensuring that a device meets an organization's security and configuration policies before it can access network resources.
Term 160
Device risk is the chance that a computer, phone, or other endpoint could cause a security problem or data leak because it is not properly managed or protected.
Term 161
A Diagnostic setting is a configuration in Azure that controls where and how resource logs and metrics are collected, stored, and streamed for monitoring and analysis.
Term 162
The Diamond model is a framework for analyzing cybersecurity intrusions by examining four key components: adversary, capability, infrastructure, and victim.
Term 163
A dictionary attack is a cyberattack method where an attacker tries to break into a system by rapidly testing thousands of common passwords or passphrases from a precompiled list.
Term 164
A digital certificate is an electronic document that verifies the identity of a person, device, or website and enables secure encrypted communication over the internet.
Term 165
A Disaster Recovery Plan (DRP) is a documented, structured approach that outlines how an organization can quickly resume critical IT systems and operations after a disruptive event.
Term 166
Disk encryption is the process of converting data on a storage device into a coded form that can only be read with the correct decryption key, protecting it from unauthorized access.
Term 167
A disk image is a sector-by-sector copy of an entire storage device, such as a hard drive or SSD, used in incident response to preserve forensic evidence exactly as it existed at a point in time.
Term 168
Distributed tracing is a method used to track and observe requests as they flow through multiple services in a distributed system, helping identify performance bottlenecks and failures.
Term 169
Data Loss Prevention — security technology that detects and prevents unauthorised transmission of sensitive data outside an organisation.
Term 170
A DLP policy is a set of rules that an organization uses to prevent sensitive data from being lost, stolen, or accidentally exposed, whether it is in use, in motion, or at rest.
Term 171
A DNS log is a record of all Domain Name System queries and responses that pass through a server, providing a trail of which domains were requested, by whom, and when.
Term 172
Dumpster diving is the practice of searching through trash to find discarded information or equipment that can be used to compromise security.
Term 173
eDiscovery is the process of identifying, collecting, and producing electronic information for legal cases or investigations.
Term 174
Endpoint Detection and Response (EDR) is a cybersecurity technology that continuously monitors endpoint devices to detect, investigate, and respond to advanced threats.
Term 175
An EDR alert is a notification generated by Endpoint Detection and Response software when it detects potentially malicious activity or an anomaly on a device like a laptop, server, or workstation.
Term 176
Encryption is the process of converting readable data into a secret code to prevent unauthorized access.
Term 177
Encryption at rest is the practice of securing stored data by converting it into an unreadable format using cryptographic algorithms, so that even if physical or digital access to the storage medium is obtained, the data remains confidential.
Term 178
Encryption in transit is the process of scrambling data as it moves between two points over a network so that anyone who intercepts it cannot read it.
Term 179
An encryption key is a string of random characters used by an algorithm to lock (encrypt) and unlock (decrypt) data, ensuring only authorized parties can read it.
Term 180
End-of-life means a product or service is no longer being sold, updated, or supported by the manufacturer, and users should plan to upgrade or replace it.