Term 211
DNS over TLS
DNS over TLS encrypts DNS queries using the Transport Layer Security protocol to prevent eavesdropping and tampering.
Acronym study
Terms 211–240 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 211
DNS over TLS encrypts DNS queries using the Transport Layer Security protocol to prevent eavesdropping and tampering.
Term 212
DNS poisoning is a cyberattack that corrupts a DNS resolver's cache with false information, redirecting users to malicious websites without their knowledge.
Term 213
DNSSEC adds cryptographic signatures to DNS records to ensure data authenticity and integrity, preventing cache poisoning and spoofing attacks.
Term 214
DoH encrypts DNS queries within HTTPS traffic to prevent eavesdropping and manipulation of domain name resolution.
Term 215
A set of protocols that add digital signatures to DNS data to verify its authenticity and integrity.
Term 216
DMARC is an email authentication protocol that helps prevent spoofing and phishing by verifying that incoming email really comes from the domain it claims to be from and tells receiving servers what to do if verification fails.
Term 217
DomainKeys Identified Mail is an email authentication method that allows a domain to cryptographically sign its outgoing messages so receiving servers can verify the sender's domain is legitimate and the message was not tampered with.
Term 218
A cyberattack that floods a target with traffic or requests to exhaust its resources, making it unavailable to legitimate users.
Term 219
DNS over TLS (DoT) encrypts DNS queries using TLS, ensuring privacy and integrity between clients and resolvers.
Term 220
Due care is the legal and ethical duty of an organization to take reasonable steps to protect sensitive information and IT systems from harm.
Term 221
Due diligence is the process of systematically reviewing and verifying information, policies, and procedures to identify and manage risks before making a decision or taking an action in an IT or security context.
Term 222
Dumpster diving is the practice of searching through trash to find discarded information or equipment that can be used to compromise security.
Term 223
Dynamic ARP Inspection is a security feature that validates ARP packets on a network to prevent man-in-the-middle attacks by ensuring that only legitimate ARP messages are forwarded.
Term 224
A dynamic group is a group in Microsoft Entra ID (Azure AD) whose membership is automatically updated based on user or device attributes, rather than being manually assigned.
Term 225
Dynamic NAT is a method of mapping multiple private IP addresses to a pool of public IP addresses automatically, allowing many devices to share a limited number of public addresses.
Term 226
EAL, or Evaluation Assurance Level, is a numeric rating from 1 to 7 that measures how thoroughly a computer product has been tested for security, with higher numbers indicating more rigorous testing.
Term 227
EAP is a flexible authentication framework used in network access control, supporting multiple methods like passwords, certificates, and tokens.
Term 228
EAPoL is a network authentication protocol that encapsulates EAP frames over IEEE 802 LANs, enabling port-based access control.
Term 229
eDiscovery is the process of identifying, collecting, and producing electronic information for legal cases or investigations.
Term 230
Endpoint Detection and Response (EDR) is a cybersecurity technology that continuously monitors endpoint devices to detect, investigate, and respond to advanced threats.
Term 231
An EDR alert is a notification generated by Endpoint Detection and Response software when it detects potentially malicious activity or an anomaly on a device like a laptop, server, or workstation.
Term 232
A Cisco IOS command that sets a password to protect privileged EXEC mode (enable mode) using a strong, one-way cryptographic hash (MD5 by default), replacing the weaker 'enable password' command.
Term 233
The Encrypting File System (EFS) is a Windows feature that encrypts individual files and folders on an NTFS volume so that only authorized users can read them.
Term 234
Encryption is the process of converting readable data into a secret code to prevent unauthorized access.
Term 235
Encryption at rest is the practice of securing stored data by converting it into an unreadable format using cryptographic algorithms, so that even if physical or digital access to the storage medium is obtained, the data remains confidential.
Term 236
Encryption in transit is the process of scrambling data as it moves between two points over a network so that anyone who intercepts it cannot read it.
Term 237
An encryption key is a string of random characters used by an algorithm to lock (encrypt) and unlock (decrypt) data, ensuring only authorized parties can read it.
Term 238
End-of-life means a product or service is no longer being sold, updated, or supported by the manufacturer, and users should plan to upgrade or replace it.
Term 239
End-of-support means a company will no longer provide updates, security patches, or technical help for a product, leaving it open to risks.
Term 240
An End-user License Agreement (EULA) is a legal contract between a software creator and the person who installs or uses the software, outlining what the user can and cannot do with it.