Term 481
Policy assignment
Policy assignment is the process of attaching a set of rules or permissions to a specific resource, user, or group so that those rules are enforced in a cloud or IT environment.
Acronym study
Terms 481–510 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 481
Policy assignment is the process of attaching a set of rules or permissions to a specific resource, user, or group so that those rules are enforced in a cloud or IT environment.
Term 482
A policy definition is a formal rule or set of rules that specifies allowed or denied actions on resources within an IT environment, often used for governance, compliance, and security control.
Term 483
Policy enforcement is the process of implementing and ensuring compliance with defined security rules and configurations across an IT environment.
Term 484
Policy inheritance is the mechanism by which policies applied to a parent container in a hierarchical system automatically apply to all child objects within that container, unless explicitly blocked or overridden.
Term 485
Port mirroring is a network monitoring technique that sends a copy of all packets seen on one switch port (or VLAN) to another port for analysis.
Term 486
Port security is a network switch feature that restricts which devices can connect to a port based on the device's MAC address, preventing unauthorized access.
Term 487
A Potentially Unwanted Program (PUP) is software that you did not intend to install and that can cause unwanted behavior on your system, such as showing excessive ads or slowing down performance.
Term 488
PowerShell script deployment is the process of automating the distribution and execution of PowerShell scripts across multiple computers in an IT environment to perform configuration, software installation, or security tasks.
Term 489
PPTP is an outdated VPN protocol that encapsulates PPP frames in IP packets for secure remote access, but is now considered insecure.
Term 490
A secret password or passphrase that two devices share beforehand to prove they are allowed to connect and communicate securely.
Term 491
Preparation is the first phase of incident response where organizations proactively establish policies, tools, training, and procedures to handle security incidents effectively.
Term 492
A preventive control is a security measure designed to stop unauthorized access, attacks, or errors before they can occur.
Term 493
A Pricing Calculator is a tool that lets you estimate the cost of cloud services before you start using them.
Term 494
Privacy in IT is the control over how personal data is collected, stored, used, and shared by systems and organizations.
Term 495
Privacy risk management is the ongoing process of identifying, assessing, and responding to risks that could compromise the confidentiality, integrity, or availability of personal data.
Term 496
A private endpoint is a network interface that securely connects a service over a private IP address inside a virtual network, keeping traffic off the public internet.
Term 497
A private subnet is a segmented portion of a cloud or on-premises network that is not directly accessible from the public internet, used to host internal resources securely.
Term 498
AWS PrivateLink is a service that lets you securely access services hosted on AWS VPCs as if they were on your own private network, without exposing traffic to the public internet.
Term 499
Privileged access is a special level of permission that allows a user or system to perform high-impact actions like installing software, changing system settings, or accessing sensitive data across an IT environment.
Term 500
A privileged account is a user account that has extra permissions beyond a standard user, allowing it to install software, change system settings, or access sensitive data.
Term 501
Privileged Identity Management is a security system that controls, monitors, and audits access to sensitive systems by granting elevated permissions only when needed and for a limited time.
Term 502
Proactive remediations are automated actions taken in advance to fix or prevent known IT issues before they affect users or systems.
Term 503
A documented set of step-by-step instructions for performing a specific task or handling a particular situation in an IT environment.
Term 504
A project is a temporary endeavor with a defined beginning and end, undertaken to create a unique product, service, or result, managed through specific processes in IT environments.
Term 505
Protected health information (PHI) is any health data that can identify an individual and is subject to strict privacy and security regulations.
Term 506
A proxy is an intermediary server that sits between a client and a destination server, forwarding requests and responses while providing security, privacy, and control.
Term 507
A proxy log is a record of all traffic that passes through a proxy server, capturing details like source IP, destination URL, timestamps, and content type for security analysis and monitoring.
Term 508
Pseudonymization is a data processing technique that replaces private identifiers with artificial identifiers, or pseudonyms, to protect personal data while still allowing for analysis and processing.
Term 509
A pre-shared key (PSK) is a secret string of characters shared in advance between two parties to authenticate and encrypt wireless or VPN communications.
Term 510
Public key authentication is a cryptographic method that uses a pair of keys—a public key shared openly and a private key kept secret—to verify identity and secure communications.