Term 601
Security strategy
A security strategy is a high-level plan that outlines how an organization protects its information assets, aligns security with business goals, and manages risk over time.
Acronym study
Terms 601–630 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 601
A security strategy is a high-level plan that outlines how an organization protects its information assets, aligns security with business goals, and manages risk over time.
Term 602
A security update is a software patch released to fix a vulnerability that could be exploited by attackers to compromise a system.
Term 603
SELinux (Security-Enhanced Linux) is a mandatory access control (MAC) security mechanism built into the Linux kernel that enforces policies to restrict how processes and users interact with files, devices, and system resources.
Term 604
Sender Policy Framework (SPF) is an email authentication method that prevents spammers from sending emails that appear to come from your domain by listing which servers are allowed to send email for that domain.
Term 605
A sensitivity label is a metadata tag applied to digital content that classifies the content's level of confidentiality and governs how it can be shared, protected, and accessed.
Term 606
Separation of duties is a security principle that splits critical tasks and privileges among multiple people to prevent fraud, errors, and abuse of power.
Term 607
Serverless security is the practice of protecting applications that run on serverless computing platforms, where the cloud provider manages the infrastructure and the customer is responsible for securing the code, data, and access controls.
Term 608
A service account is a special type of account used by an application or a virtual machine, rather than a human user, to authenticate and interact with cloud services and APIs securely.
Term 609
A Service Control Policy (SCP) is a centralized governance tool in AWS Organizations that allows you to define and enforce maximum permissions for all accounts in an organization, acting as a security guardrail that limits what actions principals can perform.
Term 610
Service Health is a monitoring feature in Microsoft 365 and Azure that provides real-time and historical status of cloud services, including outages, advisories, and incidents.
Term 611
A service level agreement (SLA) is a documented contract that defines the specific level of service a provider guarantees to a customer, including performance metrics, responsibilities, and remedies for failures.
Term 612
A service principal is an identity created for an application or automated tool to access cloud resources securely without using a human user account.
Term 613
The Service Trust Portal is a Microsoft website that gives IT professionals and auditors access to compliance documentation, audit reports, and security information about Microsoft cloud services.
Term 614
sFlow is a network monitoring technology that samples packets and exports traffic statistics to a central collector for analyzing network performance and security.
Term 615
SFTP (Secure File Transfer Protocol) is a network protocol that provides secure file transfer over SSH, encrypting both commands and data.
Term 616
SGID stands for Set Group ID, a Unix/Linux file permission that allows a process or executable to run with the group privileges of the file's group owner, not the user who runs it.
Term 617
Shared responsibility is a cloud security model where the cloud provider and the customer each own distinct parts of security and compliance duties.
Term 618
A shared secret is a piece of data, like a password or cryptographic key, known only to the parties involved in a secure communication, used to verify identity and protect information.
Term 619
A shield in IT networking is a conductive layer around a cable or device that blocks electromagnetic interference to protect signal integrity.
Term 620
Shift left security is the practice of integrating security testing and controls earlier in the software development lifecycle, rather than waiting until after deployment.
Term 621
A social engineering attack where an attacker observes a victim's screen or keyboard to steal passwords or sensitive information.
Term 622
A side-channel attack is a type of security exploit that gathers information from a system by observing its physical or secondary outputs—such as timing, power consumption, or electromagnetic emissions—rather than directly attacking the software or cryptographic algorithm.
Term 623
SIEM (Security Information and Event Management) is a system that collects and analyzes log data from across an IT environment to detect and respond to security threats in real time.
Term 624
A SIEM query is a search command used in a Security Information and Event Management system to find, filter, and analyze security-related log data from across an organization's IT environment.
Term 625
A Sigma rule is a generic, YAML-based detection rule format used in cybersecurity to describe suspicious activities in a way that can be easily shared and converted for use across different security information and event management (SIEM) systems.
Term 626
SMTPS is a secure version of the Simple Mail Transfer Protocol that uses encryption to protect email messages during transmission between email servers.
Term 627
Single sign-on (SSO) is an authentication method that allows a user to log in once and gain access to multiple applications or systems without re-entering credentials.
Term 628
A Service Level Agreement (SLA) is a contract between a service provider and a customer that defines the level of service expected, including metrics like uptime, response time, and penalties for non-compliance.
Term 629
SLE (Single Loss Expectancy) is the monetary loss expected each time a specific risk event occurs, calculated as asset value times exposure factor.
Term 630
SMB is a network file-sharing protocol that allows applications to read, write, and request services from server programs in a computer network.