Term 271
FileVault
FileVault is a full-disk encryption feature built into macOS that protects all data on a Mac's startup disk by scrambling it so that only authorized users can unlock and access it.
Acronym study
Terms 271–300 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 271
FileVault is a full-disk encryption feature built into macOS that protects all data on a Mac's startup disk by scrambling it so that only authorized users can unlock and access it.
Term 272
A firewall is a network security system that monitors and controls incoming and outgoing traffic based on predetermined security rules to protect trusted internal networks from untrusted external networks.
Term 273
A firewall log is a record of network traffic that a firewall has allowed or denied, used by IT professionals to monitor security events and troubleshoot connectivity issues.
Term 274
A firewall rule is a set of conditions that tells a firewall which network traffic to allow or block based on attributes like source, destination, port, and protocol.
Term 275
firewalld is a dynamic firewall management tool for Linux systems that controls incoming and outgoing network traffic using zones and rules.
Term 276
A firmware update is a process that replaces or patches the permanent software programmed into a hardware device to fix bugs, patch security vulnerabilities, or add new features.
Term 277
A folder is a logical container used to organize and group digital files, resources, or cloud-based assets within a system or platform.
Term 278
A forensic image is an exact, bit-for-bit copy of a storage device, including all deleted and hidden data, created and preserved for digital investigation.
Term 279
A Free Tier is a limited, no-cost service level offered by cloud providers that lets users explore and test features without paying.
Term 280
Full packet capture is the process of recording every single data packet that travels across a network segment, including headers and payload, for later analysis.
Term 281
A gateway endpoint is a networking component that acts as an entry and exit point for traffic between two different networks, typically translating between incompatible protocols or addressing schemes.
Term 282
The General Data Protection Regulation (GDPR) is a European Union law that sets strict rules for how organizations collect, store, process, and protect the personal data of individuals within the EU.
Term 283
A European Union law that gives individuals control over their personal data and sets strict rules for how organizations collect, store, and process that data.
Term 284
GitHub Advanced Security is a suite of security tools integrated into GitHub that helps developers find and fix vulnerabilities, secrets, and code quality issues directly in their repositories.
Term 285
Governance is the framework of policies, processes, and controls that ensures IT activities align with business goals and comply with regulations.
Term 286
GPG (GNU Privacy Guard) is a free, open-source encryption tool that allows users to securely encrypt, decrypt, and sign data and communications.
Term 287
A group is a collection of users, devices, or other objects that are assigned permissions and policies together for simplified management in identity and governance systems like Microsoft Entra ID.
Term 288
AWS GuardDuty is a managed threat detection service that continuously monitors for malicious activity and unauthorized behavior in an AWS environment.
Term 289
A guest user is a temporary or limited-access account that allows someone to use a system, network, or application without full user privileges and often without a permanent identity.
Term 290
A guideline is a recommended set of best practices or instructions that provide direction for implementing, managing, or governing IT processes, without being strictly mandatory or enforced like a policy.
Term 291
Hardening is the process of securing a computer system or network by reducing its attack surface, disabling unnecessary services, and applying security configurations.
Term 292
A specialized hardware appliance that securely generates, stores, and manages cryptographic keys in a tamper-resistant environment for enterprise security systems.
Term 293
Hashing is a one-way mathematical function that converts any input data into a fixed-length string of characters, called a hash or digest, which is used to verify data integrity and store passwords securely.
Term 294
High availability is a system design approach that aims to keep applications and services operational and accessible with minimal downtime, even when some components fail.
Term 295
HIPAA is a U.S. law that sets national standards for protecting sensitive patient health information from being disclosed without the patient's consent or knowledge.
Term 296
A host firewall is a software-based security tool that runs directly on an individual device, such as a laptop, server, or desktop, to monitor and control incoming and outgoing network traffic based on a set of security rules.
Term 297
A hosted zone is a container for DNS records that holds the information needed to route internet traffic for a domain name.
Term 298
A hunting query is a proactive, iterative Kusto Query Language (KQL) query used in Microsoft 365 Defender and Azure Sentinel to search for hidden threats, anomalies, and indicators of compromise across security data.
Term 299
Hypertext Transfer Protocol Secure, or HTTPS, is the secure version of HTTP that encrypts data between a web browser and a website using SSL/TLS to protect sensitive information like passwords and credit card numbers.
Term 300
Hypothesis-driven hunting is a proactive security approach where analysts form educated guesses about potential threats and then actively search for evidence to confirm or refute those guesses.