Term 211
General Data Protection Regulation
A European Union law that gives individuals control over their personal data and sets strict rules for how organizations collect, store, and process that data.
Acronym study
Terms 211–240 of 514 CS0-003 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 211
A European Union law that gives individuals control over their personal data and sets strict rules for how organizations collect, store, and process that data.
Term 212
GitHub Advanced Security is a suite of security tools integrated into GitHub that helps developers find and fix vulnerabilities, secrets, and code quality issues directly in their repositories.
Term 213
A forged Kerberos authentication ticket that grants an attacker unrestricted domain admin access to all resources in a Windows Active Directory environment.
Term 214
Group Policy is a Windows-based feature that allows administrators to centrally manage and enforce settings for users and computers across an organization.
Term 215
AWS GuardDuty is a managed threat detection service that continuously monitors for malicious activity and unauthorized behavior in an AWS environment.
Term 216
Guest access allows a user to temporarily connect to a network, application, or shared resource with limited permissions, without being a permanent member of the organization.
Term 217
A specialized hardware appliance that securely generates, stores, and manages cryptographic keys in a tamper-resistant environment for enterprise security systems.
Term 218
Hash cracking is the process of attempting to reverse a hashed value back to its original plaintext input, typically used by attackers to recover passwords or by security professionals to test password strength.
Term 219
Hashing is a one-way mathematical function that converts any input data into a fixed-length string of characters, called a hash or digest, which is used to verify data integrity and store passwords securely.
Term 220
A host firewall is a software-based security tool that runs directly on an individual device, such as a laptop, server, or desktop, to monitor and control incoming and outgoing network traffic based on a set of security rules.
Term 221
Hypothesis-driven hunting is a proactive security approach where analysts form educated guesses about potential threats and then actively search for evidence to confirm or refute those guesses.
Term 222
Identity and Access Management (IAM) is a framework of policies and technologies that ensures the right individuals have the appropriate access to technology resources.
Term 223
An IAM group is a collection of IAM users in a cloud or identity system that simplifies permission management by allowing you to assign policies to multiple users at once.
Term 224
An IAM misconfiguration occurs when identity and access management settings are incorrectly set, granting too many or too few permissions to users or services, which can lead to security breaches or operational failures.
Term 225
An IAM policy is a set of rules that determines who can access specific cloud resources and what actions they are allowed to perform.
Term 226
An IAM role is a set of permissions that an entity can assume temporarily to access cloud resources securely.
Term 227
An IAM user is an identity created in AWS Identity and Access Management that represents a person or service interacting with AWS resources, with its own credentials and permissions.
Term 228
IAST (Interactive Application Security Testing) is a security testing method that analyzes an application from within while it is running, typically during automated testing or manual QA, to find vulnerabilities in real time.
Term 229
Identity and access management (IAM) is the security discipline that ensures the right individuals access the right resources at the right times for the right reasons.
Term 230
A security model where trust is determined by user identity and context rather than the network location, treating identity itself as the primary boundary for access control.
Term 231
Impact is the measure of the potential damage or harm that a risk event could cause to an organization's assets, operations, or reputation.
Term 232
Impersonation is a security attack where an attacker pretends to be a legitimate person or system to gain unauthorized access, steal data, or commit fraud.
Term 233
An incident is a security event that violates an organization's policies or threatens its data, systems, or operations, requiring a structured response.
Term 234
Incident classification is the process of categorizing security incidents based on type, severity, and impact to ensure appropriate response and resource allocation.
Term 235
Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.
Term 236
Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.
Term 237
Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.
Term 238
The Incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.
Term 239
Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.
Term 240
An indicator of attack (IOA) is a sign that an attack is actively occurring or about to occur, focusing on attacker behavior and intent rather than just the artifacts left behind.