Term 361
Key pair
A key pair is a set of two cryptographic keys—a public key and a private key—used together to encrypt and decrypt data or to create and verify digital signatures.
Acronym study
Terms 361–390 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 361
A key pair is a set of two cryptographic keys—a public key and a private key—used together to encrypt and decrypt data or to create and verify digital signatures.
Term 362
A keylogger is a type of surveillance software or hardware that records every keystroke you type on your keyboard, often used without your knowledge to steal passwords and other sensitive information.
Term 363
A kill chain is a step-by-step model that describes the stages of a cyberattack, from initial reconnaissance to the final objective, helping defenders understand and disrupt each phase.
Term 364
KMS (Key Management Service) is a Microsoft technology that automates volume licensing activation for Windows and Office products within an organization's network.
Term 365
A file used by SSH to store the public keys of remote servers, allowing the client to verify the server's identity and prevent man-in-the-middle attacks.
Term 366
Kubernetes RBAC is a security mechanism that controls who can access and perform actions on resources in a Kubernetes cluster based on their role.
Term 367
Labels are descriptive text or tags attached to IT resources to organize, identify, and manage them based on attributes like purpose, environment, or owner.
Term 368
Latency routing is a DNS-based traffic management method that directs user requests to the server location which can provide the lowest network latency for that specific user.
Term 369
Lateral movement is the technique attackers use to move through a network from one compromised system to another, seeking sensitive data or higher privileges.
Term 370
LDAPS is a secure version of LDAP that encrypts all directory service communications using SSL or TLS.
Term 371
LDAPS encrypts LDAP traffic using SSL/TLS to secure directory queries and authentication over a network.
Term 372
Least privilege is a security principle that means giving users, systems, or programs only the minimum permissions they need to do their job and nothing more.
Term 373
A legal requirement is a mandatory rule or standard set by law or regulation that an organization must follow, often concerning data protection, privacy, or security practices.
Term 374
Lessons learned is the process of capturing, analyzing, and documenting knowledge gained from past incidents or projects to improve future security operations and prevent recurrence of problems.
Term 375
Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information over a network, such as user credentials and permissions.
Term 376
Likelihood is the estimated probability that a specific threat will exploit a vulnerability, causing harm to an IT asset or system.
Term 377
A line-of-business app is a software application that is essential for running a specific core business process, such as accounting, inventory management, or customer relationship management.
Term 378
LLDP (Link Layer Discovery Protocol) is a vendor-neutral protocol used by network devices to advertise their identity, capabilities, and neighbors on a local Ethernet network.
Term 379
Log management is the process of collecting, storing, analyzing, and disposing of log data generated by computer systems, networks, and applications to ensure security, compliance, and operational health.
Term 380
Log retention is the practice of storing log data for a defined period to meet security, compliance, and operational needs.
Term 381
A log source is any system, device, or application that generates and records event data, such as timestamps and activities, for monitoring and security analysis.
Term 382
MAC (Media Access Control) is a unique hardware identifier assigned to network interfaces for communication on a local network segment.
Term 383
MAC filtering is a security practice that allows or denies network access to devices based on their unique Media Access Control (MAC) address.
Term 384
Amazon Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover, classify, and protect sensitive data stored in Amazon Web Services (AWS).
Term 385
Malware is any software intentionally designed to cause damage, disrupt operations, steal data, or gain unauthorized access to computer systems.
Term 386
Malware analysis is the process of examining malicious software to understand its behavior, origin, and impact, enabling defenders to detect, contain, and prevent future attacks.
Term 387
Mobile Application Management (MAM) is a set of technologies and policies that allow IT administrators to manage and secure corporate applications on mobile devices without managing the entire device.
Term 388
A cyberattack where an attacker secretly intercepts and potentially alters communication between two parties who believe they are directly communicating with each other.
Term 389
A cybersecurity service that continuously monitors an organization's network and systems to detect threats and respond to them quickly.
Term 390
A managed identity is an automatically managed service principal in Azure that allows your code to authenticate to any service that supports Azure AD authentication without storing credentials.