Term 661
Syslog
Syslog is a standard protocol used to send and store log messages from network devices and servers to a central logging server for monitoring and troubleshooting.
Acronym study
Terms 661–690 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 661
Syslog is a standard protocol used to send and store log messages from network devices and servers to a central logging server for monitoring and troubleshooting.
Term 662
Sysmon is a Windows system service and device driver that logs detailed system activity to help security professionals detect and investigate malicious behavior.
Term 663
System high mode is a security operating mode where all users with access to the system have security clearances that meet the highest classification level of information processed, but may not have a formal need-to-know for all data within the system.
Term 664
A unified cloud-based service that lets IT administrators centrally manage the configuration, patching, and health of a fleet of servers and virtual machines.
Term 665
A tabletop exercise is a discussion-based session where team members talk through their response to a simulated emergency scenario to test plans and identify gaps without actually running any systems or deploying resources.
Term 666
TACACS+ is a protocol that separates authentication, authorization, and accounting functions to control who can access network devices and what they can do.
Term 667
Tactical intelligence is the analysis of real-time threat data to guide immediate defensive actions in a security operations center.
Term 668
A tag is a metadata label attached to a cloud resource or IT asset to organize, track, and manage it based on custom attributes like environment, owner, or cost center.
Term 669
A tagging strategy is a planned system of labels assigned to cloud resources to organize them, track costs, enforce security, and automate management across an IT environment.
Term 670
Tailgating is a physical security breach where an unauthorized person follows an authorized person into a restricted area without proper authentication.
Term 671
TAXII (Trusted Automated eXchange of Indicator Information) is a standardized protocol that enables the automated sharing of cyber threat intelligence (CTI) between organizations and security systems.
Term 672
TCB (Trusted Computing Base) is the collection of all hardware, firmware, and software components in a system that are essential to enforcing its security policy.
Term 673
A TCO Calculator is a tool that estimates the total cost of owning and operating an IT asset over its entire lifecycle, including purchase, maintenance, support, and disposal costs.
Term 674
TCP is a connection-oriented transport layer protocol that ensures reliable, ordered, and error-checked delivery of data between applications over IP networks.
Term 675
A technical control is a security mechanism implemented through hardware, software, or firmware that protects the confidentiality, integrity, and availability of IT systems and data.
Term 676
Telnet is a network protocol that provides a bidirectional, interactive text-based communication session between two machines over a network, typically used for remote access and management of network devices.
Term 677
TEMPEST is a U.S. government standard for protecting electronic equipment from emitting electromagnetic signals that could be intercepted to steal sensitive information.
Term 678
TKIP is a security protocol used in Wi-Fi networks to strengthen encryption by dynamically changing the encryption key for each data packet.
Term 679
A dedicated and isolated instance of Microsoft Entra ID that an organization receives when signing up for a Microsoft cloud service.
Term 680
TACACS+ is a network security protocol that separates authentication, authorization, and accounting to control who can access network devices and what they can do.
Term 681
TACACS+ is a remote authentication protocol that uses three separate servers to verify who you are, what you are allowed to do, and record what you did on network devices.
Term 682
Terraform is an infrastructure-as-code tool that lets you define and manage your IT infrastructure using configuration files instead of manual processes.
Term 683
A threat is any potential danger that could harm a computer system, network, or data, whether from a malicious hacker, a natural disaster, or an accidental mistake.
Term 684
A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.
Term 685
Threat analytics is the process of using threat intelligence, machine learning, and behavioral data to identify, assess, and predict cybersecurity threats in real time.
Term 686
Threat emulation is the proactive simulation of real-world cyberattacks within a controlled environment to test an organization's defenses, identify vulnerabilities, and improve security posture.
Term 687
A Microsoft 365 security tool that provides real-time interactive reports to investigate and analyze threats detected by Microsoft Defender for Office 365.
Term 688
Threat hunting is a proactive cybersecurity practice where analysts actively search networks, endpoints, and logs for hidden threats that have evaded automated security tools.
Term 689
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats that helps organizations defend against attacks.
Term 690
Threat modelling is a structured approach to identifying, evaluating, and documenting potential security threats to a system so that defenses can be built proactively.