Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 13

Acronym study

ISC2 CC Acronyms — Part 13 of 26

Terms 361–390 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 12Part 13 of 26Part 14 →

Term 361

Key pair

A key pair is a set of two cryptographic keys—a public key and a private key—used together to encrypt and decrypt data or to create and verify digital signatures.

Full entry →
Full Key pair glossary entry →

Term 362

Keylogger

A keylogger is a type of surveillance software or hardware that records every keystroke you type on your keyboard, often used without your knowledge to steal passwords and other sensitive information.

Full entry →
Full Keylogger glossary entry →

Term 363

Kill chain

A kill chain is a step-by-step model that describes the stages of a cyberattack, from initial reconnaissance to the final objective, helping defenders understand and disrupt each phase.

Full entry →
Full Kill chain glossary entry →

Term 364

KMS

KMS (Key Management Service) is a Microsoft technology that automates volume licensing activation for Windows and Office products within an organization's network.

Full entry →
Full KMS glossary entry →

Term 365

known_hosts

A file used by SSH to store the public keys of remote servers, allowing the client to verify the server's identity and prevent man-in-the-middle attacks.

Full entry →
Full known_hosts glossary entry →

Term 366

Kubernetes RBAC

Kubernetes RBAC is a security mechanism that controls who can access and perform actions on resources in a Kubernetes cluster based on their role.

Full entry →
Full Kubernetes RBAC glossary entry →

Term 367

Labels

Labels are descriptive text or tags attached to IT resources to organize, identify, and manage them based on attributes like purpose, environment, or owner.

Full entry →
Full Labels glossary entry →

Term 368

Latency routing

Latency routing is a DNS-based traffic management method that directs user requests to the server location which can provide the lowest network latency for that specific user.

Full entry →
Full Latency routing glossary entry →

Term 369

Lateral movement

Lateral movement is the technique attackers use to move through a network from one compromised system to another, seeking sensitive data or higher privileges.

Full entry →
Full Lateral movement glossary entry →

Term 370

LDAPS

LDAPS is a secure version of LDAP that encrypts all directory service communications using SSL or TLS.

Full entry →
Full LDAPS glossary entry →

Term 371

LDAPS

LDAPS encrypts LDAP traffic using SSL/TLS to secure directory queries and authentication over a network.

Full entry →
Full LDAPS glossary entry →

Term 372

Least privilege

Least privilege is a security principle that means giving users, systems, or programs only the minimum permissions they need to do their job and nothing more.

Full entry →
Full Least privilege glossary entry →

Term 373

Legal requirement

A legal requirement is a mandatory rule or standard set by law or regulation that an organization must follow, often concerning data protection, privacy, or security practices.

Full entry →
Full Legal requirement glossary entry →

Term 374

Lessons learned

Lessons learned is the process of capturing, analyzing, and documenting knowledge gained from past incidents or projects to improve future security operations and prevent recurrence of problems.

Full entry →
Full Lessons learned glossary entry →

Term 375

Lightweight Directory Access Protocol

Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information over a network, such as user credentials and permissions.

Full entry →
Full Lightweight Directory Access Protocol glossary entry →

Term 376

Likelihood

Likelihood is the estimated probability that a specific threat will exploit a vulnerability, causing harm to an IT asset or system.

Full entry →
Full Likelihood glossary entry →

Term 377

Line-of-business app

A line-of-business app is a software application that is essential for running a specific core business process, such as accounting, inventory management, or customer relationship management.

Full entry →
Full Line-of-business app glossary entry →

Term 378

LLDP

LLDP (Link Layer Discovery Protocol) is a vendor-neutral protocol used by network devices to advertise their identity, capabilities, and neighbors on a local Ethernet network.

Full entry →
Full LLDP glossary entry →

Term 379

Log management

Log management is the process of collecting, storing, analyzing, and disposing of log data generated by computer systems, networks, and applications to ensure security, compliance, and operational health.

Full entry →
Full Log management glossary entry →

Term 380

Log retention

Log retention is the practice of storing log data for a defined period to meet security, compliance, and operational needs.

Full entry →
Full Log retention glossary entry →

Term 381

Log source

A log source is any system, device, or application that generates and records event data, such as timestamps and activities, for monitoring and security analysis.

Full entry →
Full Log source glossary entry →

Term 382

MAC

MAC (Media Access Control) is a unique hardware identifier assigned to network interfaces for communication on a local network segment.

Full entry →
Full MAC glossary entry →

Term 383

MAC filtering

MAC filtering is a security practice that allows or denies network access to devices based on their unique Media Access Control (MAC) address.

Full entry →
Full MAC filtering glossary entry →

Term 384

Macie

Amazon Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover, classify, and protect sensitive data stored in Amazon Web Services (AWS).

Full entry →
Full Macie glossary entry →

Term 385

Malware

Malware is any software intentionally designed to cause damage, disrupt operations, steal data, or gain unauthorized access to computer systems.

Full entry →
Full Malware glossary entry →

Term 386

Malware analysis

Malware analysis is the process of examining malicious software to understand its behavior, origin, and impact, enabling defenders to detect, contain, and prevent future attacks.

Full entry →
Full Malware analysis glossary entry →

Term 387

MAM

Mobile Application Management (MAM) is a set of technologies and policies that allow IT administrators to manage and secure corporate applications on mobile devices without managing the entire device.

Full entry →
Full MAM glossary entry →

Term 388

Man-in-the-middle attack

A cyberattack where an attacker secretly intercepts and potentially alters communication between two parties who believe they are directly communicating with each other.

Full entry →
Full Man-in-the-middle attack glossary entry →

Term 389

Managed Detection and Response

A cybersecurity service that continuously monitors an organization's network and systems to detect threats and respond to them quickly.

Full entry →
Full Managed Detection and Response glossary entry →

Term 390

Managed identity

A managed identity is an automatically managed service principal in Azure that allows your code to authenticate to any service that supports Azure AD authentication without storing credentials.

Full entry →
Full Managed identity glossary entry →
← Part 12Part 14 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13currentPart 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→