Term 691
Threat protection
Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.
Acronym study
Terms 691–720 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 691
Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.
Term 692
A temporary, automatically generated code that changes every few seconds and is used as an extra layer of security when logging into an account.
Term 693
Timeline analysis is the process of ordering events by their time of occurrence to establish a sequence of actions during an incident response investigation.
Term 694
TKIP is a security protocol used in WPA to replace WEP's static key with dynamic per-packet keys, ensuring data integrity.
Term 695
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
Term 696
TPM (Trusted Platform Module) is a dedicated hardware chip on a computer's motherboard that stores cryptographic keys, passwords, and certificates to secure the system against unauthorized access and tampering.
Term 697
A Transit Gateway is a network hub that connects multiple virtual private clouds (VPCs) and on-premises networks through a single, central gateway to simplify routing and reduce complexity.
Term 698
Transport Layer Security (TLS) is a cryptographic protocol that provides secure, encrypted communication between two devices over a network, such as between a web browser and a server.
Term 699
Triage is the process of quickly assessing and prioritizing security incidents based on their severity, impact, and urgency to determine the appropriate response.
Term 700
A Trojan is a type of malware that disguises itself as a legitimate file or program to trick users into installing it, then performs harmful actions without the user's knowledge.
Term 701
A true negative is a test result that correctly identifies the absence of a condition or threat, meaning no false alarm occurred.
Term 702
A true positive is when a security tool correctly identifies a real threat or malicious activity.
Term 703
A trust boundary is the logical or physical line that separates a trusted, secure area from an untrusted, potentially hostile environment in a computer system or network.
Term 704
A Trust Center is a centralized portal or collection of resources where an organization publishes its security, compliance, privacy, and data protection policies to build customer and stakeholder confidence.
Term 705
A Trusted Advisor is an IT professional who earns deep client trust through expert guidance, ethical behavior, and a focus on the client’s long-term success rather than just selling products.
Term 706
The trusted computing base is the entire set of hardware, firmware, and software components that are critical to a system's security, meaning that any flaw in these components can break the entire security policy.
Term 707
A Trusted Platform Module (TPM) is a dedicated microcontroller chip that securely stores cryptographic keys, passwords, and certificates to protect a computer's hardware and ensure system integrity.
Term 708
TTP stands for Tactics, Techniques, and Procedures, which describe the behavior patterns and methods used by threat actors in cybersecurity attacks.
Term 709
User Account Control is a Windows security feature that prevents unauthorized changes to your computer by asking for permission before allowing certain actions.
Term 710
UFW (Uncomplicated Firewall) is a user-friendly command-line interface for managing iptables firewall rules on Linux systems, designed to simplify network security configuration.
Term 711
Umask (user file-creation mode mask) is a Linux/Unix setting that determines the default permissions assigned to new files and directories by subtracting or masking permission bits from a base set.
Term 712
Unified Threat Management (UTM) is a single security appliance or service that combines multiple network security functions like firewall, antivirus, intrusion prevention, and content filtering into one device.
Term 713
A use case is a description of how a specific user or system interacts with a system to achieve a particular goal, often used in security operations to define required functions and validate system behavior.
Term 714
A user is any person, system, or device that interacts with an IT service, resource, or identity system, typically authenticated through credentials and authorized to perform specific actions.
Term 715
A User Access Administrator is an IT professional responsible for managing who can access what resources in an organization, including creating, modifying, and revoking user accounts and permissions across systems.
Term 716
A user account is a digital identity that allows a person to access a computer system, network, or application with specific permissions and settings.
Term 717
User Account Control (UAC) is a Windows security feature that prevents unauthorized changes to the operating system by prompting for permission before allowing actions that affect system settings or installed programs.
Term 718
User behaviour analytics (UBA) is a cybersecurity process that monitors and analyzes patterns in how users interact with systems to detect abnormal actions that may indicate a security threat.
Term 719
Unified Threat Management (UTM) is a comprehensive security appliance that combines multiple security functions like firewall, antivirus, intrusion prevention, and VPN into a single device.
Term 720
Verify explicitly means that a system must actively confirm a user's identity or permissions before granting access, rather than trusting implied or cached credentials.