Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

CompTIA CySA+ CS0-003/Acronyms/Part 8

Acronym study

CS0-003 Acronyms — Part 8 of 18

Terms 211–240 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 7Part 8 of 18Part 9 →

Term 211

General Data Protection Regulation

A European Union law that gives individuals control over their personal data and sets strict rules for how organizations collect, store, and process that data.

Full entry →
Full General Data Protection Regulation glossary entry →

Term 212

GitHub Advanced Security

GitHub Advanced Security is a suite of security tools integrated into GitHub that helps developers find and fix vulnerabilities, secrets, and code quality issues directly in their repositories.

Full entry →
Full GitHub Advanced Security glossary entry →

Term 213

Golden ticket

A forged Kerberos authentication ticket that grants an attacker unrestricted domain admin access to all resources in a Windows Active Directory environment.

Full entry →
Full Golden ticket glossary entry →

Term 214

Group Policy

Group Policy is a Windows-based feature that allows administrators to centrally manage and enforce settings for users and computers across an organization.

Full entry →
Full Group Policy glossary entry →

Term 215

GuardDuty

AWS GuardDuty is a managed threat detection service that continuously monitors for malicious activity and unauthorized behavior in an AWS environment.

Full entry →
Full GuardDuty glossary entry →

Term 216

Guest access

Guest access allows a user to temporarily connect to a network, application, or shared resource with limited permissions, without being a permanent member of the organization.

Full entry →
Full Guest access glossary entry →

Term 217

Hardware security module

A specialized hardware appliance that securely generates, stores, and manages cryptographic keys in a tamper-resistant environment for enterprise security systems.

Full entry →
Full Hardware security module glossary entry →

Term 218

Hash cracking

Hash cracking is the process of attempting to reverse a hashed value back to its original plaintext input, typically used by attackers to recover passwords or by security professionals to test password strength.

Full entry →
Full Hash cracking glossary entry →

Term 219

Hashing

Hashing is a one-way mathematical function that converts any input data into a fixed-length string of characters, called a hash or digest, which is used to verify data integrity and store passwords securely.

Full entry →
Full Hashing glossary entry →

Term 220

Host firewall

A host firewall is a software-based security tool that runs directly on an individual device, such as a laptop, server, or desktop, to monitor and control incoming and outgoing network traffic based on a set of security rules.

Full entry →
Full Host firewall glossary entry →

Term 221

Hypothesis-driven hunting

Hypothesis-driven hunting is a proactive security approach where analysts form educated guesses about potential threats and then actively search for evidence to confirm or refute those guesses.

Full entry →
Full Hypothesis-driven hunting glossary entry →

Term 222

IAM

Identity and Access Management (IAM) is a framework of policies and technologies that ensures the right individuals have the appropriate access to technology resources.

Full entry →
Full IAM glossary entry →

Term 223

IAM group

An IAM group is a collection of IAM users in a cloud or identity system that simplifies permission management by allowing you to assign policies to multiple users at once.

Full entry →
Full IAM group glossary entry →

Term 224

IAM misconfiguration

An IAM misconfiguration occurs when identity and access management settings are incorrectly set, granting too many or too few permissions to users or services, which can lead to security breaches or operational failures.

Full entry →
Full IAM misconfiguration glossary entry →

Term 225

IAM policy

An IAM policy is a set of rules that determines who can access specific cloud resources and what actions they are allowed to perform.

Full entry →
Full IAM policy glossary entry →

Term 226

IAM role

An IAM role is a set of permissions that an entity can assume temporarily to access cloud resources securely.

Full entry →
Full IAM role glossary entry →

Term 227

IAM user

An IAM user is an identity created in AWS Identity and Access Management that represents a person or service interacting with AWS resources, with its own credentials and permissions.

Full entry →
Full IAM user glossary entry →

Term 228

IAST

IAST (Interactive Application Security Testing) is a security testing method that analyzes an application from within while it is running, typically during automated testing or manual QA, to find vulnerabilities in real time.

Full entry →
Full IAST glossary entry →

Term 229

Identity and access management

Identity and access management (IAM) is the security discipline that ensures the right individuals access the right resources at the right times for the right reasons.

Full entry →
Full Identity and access management glossary entry →

Term 230

Identity as security perimeter

A security model where trust is determined by user identity and context rather than the network location, treating identity itself as the primary boundary for access control.

Full entry →
Full Identity as security perimeter glossary entry →

Term 231

Impact

Impact is the measure of the potential damage or harm that a risk event could cause to an organization's assets, operations, or reputation.

Full entry →
Full Impact glossary entry →

Term 232

Impersonation

Impersonation is a security attack where an attacker pretends to be a legitimate person or system to gain unauthorized access, steal data, or commit fraud.

Full entry →
Full Impersonation glossary entry →

Term 233

Incident

An incident is a security event that violates an organization's policies or threatens its data, systems, or operations, requiring a structured response.

Full entry →
Full Incident glossary entry →

Term 234

Incident classification

Incident classification is the process of categorizing security incidents based on type, severity, and impact to ensure appropriate response and resource allocation.

Full entry →
Full Incident classification glossary entry →

Term 235

Incident documentation

Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.

Full entry →
Full Incident documentation glossary entry →

Term 236

Incident management

Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.

Full entry →
Full Incident management glossary entry →

Term 237

Incident response

Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.

Full entry →
Full Incident response glossary entry →

Term 238

Incident response lifecycle

The Incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.

Full entry →
Full Incident response lifecycle glossary entry →

Term 239

Incident severity

Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.

Full entry →
Full Incident severity glossary entry →

Term 240

Indicator of attack

An indicator of attack (IOA) is a sign that an attack is actively occurring or about to occur, focusing on attacker behavior and intent rather than just the artifacts left behind.

Full entry →
Full Indicator of attack glossary entry →
← Part 7Part 9 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8currentPart 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18

Study resources

All CS0-003 Acronyms→CS0-003 Practice Tests→CS0-003 Study Guide→Exam Domains→