Term 271
Threat actor
A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.
Acronym study
Terms 271–295 of 295 CISSP acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 271
A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.
Term 272
Threat analytics is the process of using threat intelligence, machine learning, and behavioral data to identify, assess, and predict cybersecurity threats in real time.
Term 273
A Microsoft 365 security tool that provides real-time interactive reports to investigate and analyze threats detected by Microsoft Defender for Office 365.
Term 274
Threat hunting is a proactive cybersecurity practice where analysts actively search networks, endpoints, and logs for hidden threats that have evaded automated security tools.
Term 275
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats that helps organizations defend against attacks.
Term 276
Threat modelling is a structured approach to identifying, evaluating, and documenting potential security threats to a system so that defenses can be built proactively.
Term 277
Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.
Term 278
A threat vector is the path or method a cyber attacker uses to gain unauthorized access to a computer system or network.
Term 279
Transport Layer Security (TLS) is a cryptographic protocol that encrypts data sent over the internet to keep it private and ensure it hasn’t been tampered with.
Term 280
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
Term 281
The trusted computing base is the entire set of hardware, firmware, and software components that are critical to a system's security, meaning that any flaw in these components can break the entire security policy.
Term 282
A Trusted Platform Module (TPM) is a dedicated microcontroller chip that securely stores cryptographic keys, passwords, and certificates to protect a computer's hardware and ensure system integrity.
Term 283
A User Access Administrator is an IT professional responsible for managing who can access what resources in an organization, including creating, modifying, and revoking user accounts and permissions across systems.
Term 284
Virtualization security is the practice of protecting virtualized environments including virtual machines, hypervisors, virtual networks, and related infrastructure from threats and vulnerabilities.
Term 285
A VPN (Virtual Private Network) creates a secure, encrypted tunnel between your device and a remote server, protecting your data and hiding your online activity.
Term 286
A VPN concentrator is a network device that manages, encrypts, and routes multiple VPN connections from remote users or sites into a single secure gateway.
Term 287
A VPN Gateway is a network device or service that creates an encrypted tunnel between two or more networks over the internet, allowing secure communication.
Term 288
A vulnerability is a weakness in a system, network, or software that could be exploited by a threat to cause harm or unauthorized access.
Term 289
A vulnerability assessment is a systematic review of security weaknesses in an information system, evaluating if the system is susceptible to any known vulnerabilities, assigning severity levels, and recommending remediation or mitigation.
Term 290
Vulnerability management is the continuous process of identifying, classifying, prioritizing, and remediating security weaknesses in an organization's IT environment.
Term 291
A vulnerability scan is an automated process that checks systems, networks, and applications for known security weaknesses or misconfigurations.
Term 292
A Web Application Firewall (WAF) is a security tool that monitors, filters, and blocks HTTP traffic to and from a web application to protect it from common attacks.
Term 293
Windows Defender Firewall is a built-in security feature in Microsoft Windows that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Term 294
A wireless access point is a networking device that allows Wi-Fi-enabled devices to connect to a wired network, typically a local area network (LAN), acting as a bridge between wireless and wired communication.
Term 295
XDR, or Extended Detection and Response, is a unified security platform that collects and correlates data across multiple security layers—endpoints, networks, servers, cloud workloads, and email—to improve threat detection and enable faster response.