Acronym study
Terms 571–600 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 571
An SBOM is a formal, machine-readable inventory of all software components and dependencies used in a software application or system.
Term 572
SCA (Software Composition Analysis) is a security testing method that automatically identifies open-source components, libraries, and dependencies in software to find known vulnerabilities and license compliance issues.
Term 573
SCADA is an industrial control system that monitors and controls infrastructure processes like power grids, water treatment, and pipelines.
Term 574
In IT, scope defines the boundaries, goals, and deliverables of a project, assessment, or engagement, specifying what is included and what is excluded.
Term 575
SCP (Secure Copy Protocol) is a network protocol used to securely transfer files between computers over an encrypted SSH connection.
Term 576
A Secret Manager is a centralized tool that securely stores, manages, and controls access to sensitive information like passwords, API keys, and certificates, often automating their rotation and injection into applications.
Term 577
Secrets management is the practice of securely storing, controlling access to, and regularly rotating sensitive credentials like passwords, API keys, and certificates used by applications and services.
Term 578
AWS Secrets Manager is a fully managed service that helps you protect access to your applications, services, and IT resources by securely storing, rotating, and controlling access to secrets like database passwords, API keys, and credentials.
Term 579
Secure Access Service Edge (SASE) is a cloud-based security framework that combines network connectivity and security services into a single, unified service to protect users and devices wherever they are.
Term 580
Secure Boot is a security feature that ensures a device starts up using only trusted software that is digitally signed by the manufacturer.
Term 581
A secure enclave is a dedicated, isolated hardware component within a processor that protects sensitive data and code from unauthorized access, even if the main operating system is compromised.
Term 582
Secure Score is a measurement tool in Microsoft 365 that shows how secure your organization is based on the security features you have enabled and configured.
Term 583
Secure Shell (SSH) is a network protocol that provides a secure, encrypted way to access and manage remote computers over an unsecured network.
Term 584
Secure Sockets Layer is a cryptographic protocol that encrypts data transmitted between a web browser and a server to protect it from eavesdropping and tampering.
Term 585
Security Assertion Markup Language is an open standard that allows different computer systems to securely share authentication and authorization information about a user.
Term 586
Security awareness is the ongoing practice of educating people within an organization about cybersecurity risks, safe behaviors, and their individual responsibilities to protect information assets.
Term 587
A security baseline is a documented minimum set of security configurations and settings that must be applied to a system, device, or network to ensure a known secure starting point.
Term 588
Security Command Center is a centralized cloud security management platform that helps organizations detect, investigate, and respond to threats across their cloud infrastructure.
Term 589
A security control is a safeguard or countermeasure designed to protect the confidentiality, integrity, and availability of information systems and data.
Term 590
Security governance is the framework of rules, policies, and processes that an organization uses to align its cybersecurity activities with its business goals and legal obligations.
Term 591
A security group is a virtual firewall that controls inbound and outbound traffic to AWS resources, such as EC2 instances, based on defined rules.
Term 592
Security Hub is a cloud security posture management service that aggregates and prioritizes security alerts and compliance checks from multiple AWS services into a single place.
Term 593
A system that collects, analyzes, and reports on security data from across an IT environment to detect and respond to threats.
Term 594
The security kernel is the core, trusted part of an operating system that enforces access control and security policies for all system operations.
Term 595
Security misconfiguration occurs when security settings are defined, implemented, or maintained incorrectly, leaving systems, applications, or networks vulnerable to unauthorized access or data breaches.
Term 596
A security model is a formal framework that defines how subjects (users, processes) can access objects (files, resources) based on rules, ensuring confidentiality, integrity, and availability.
Term 597
A Security Operations Center (SOC) is a centralized team and facility that monitors, detects, analyzes, and responds to cybersecurity incidents across an organization's IT environment 24/7.
Term 598
A security policy is a formal set of rules and guidelines that an organization establishes to protect its information assets and technology resources.
Term 599
An organization's overall cybersecurity strength, including policies, controls, and readiness to defend against and respond to threats.
Term 600
A security recommendation is a prescribed action, configuration, or update that aims to reduce risk and protect systems, data, and users from known threats or vulnerabilities.