Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Certified Information Systems Security Professional CISSP/Acronyms/Part 10

Acronym study

CISSP Acronyms — Part 10 of 10

Terms 271–295 of 295 CISSP acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 9Part 10 of 10

Term 271

Threat actor

A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.

Full entry →
Full Threat actor glossary entry →

Term 272

Threat analytics

Threat analytics is the process of using threat intelligence, machine learning, and behavioral data to identify, assess, and predict cybersecurity threats in real time.

Full entry →
Full Threat analytics glossary entry →

Term 273

Threat Explorer

A Microsoft 365 security tool that provides real-time interactive reports to investigate and analyze threats detected by Microsoft Defender for Office 365.

Full entry →
Full Threat Explorer glossary entry →

Term 274

Threat hunting

Threat hunting is a proactive cybersecurity practice where analysts actively search networks, endpoints, and logs for hidden threats that have evaded automated security tools.

Full entry →
Full Threat hunting glossary entry →

Term 275

Threat intelligence

Threat intelligence is evidence-based knowledge about existing or emerging cyber threats that helps organizations defend against attacks.

Full entry →
Full Threat intelligence glossary entry →

Term 276

Threat modelling

Threat modelling is a structured approach to identifying, evaluating, and documenting potential security threats to a system so that defenses can be built proactively.

Full entry →
Full Threat modelling glossary entry →

Term 277

Threat protection

Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.

Full entry →
Full Threat protection glossary entry →

Term 278

Threat vector

A threat vector is the path or method a cyber attacker uses to gain unauthorized access to a computer system or network.

Full entry →
Full Threat vector glossary entry →

Term 279

TLS

Transport Layer Security (TLS) is a cryptographic protocol that encrypts data sent over the internet to keep it private and ensure it hasn’t been tampered with.

Full entry →
Full TLS glossary entry →

Term 280

Tokenization

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.

Full entry →
Full Tokenization glossary entry →

Term 281

Trusted computing base

The trusted computing base is the entire set of hardware, firmware, and software components that are critical to a system's security, meaning that any flaw in these components can break the entire security policy.

Full entry →
Full Trusted computing base glossary entry →

Term 282

Trusted Platform Module

A Trusted Platform Module (TPM) is a dedicated microcontroller chip that securely stores cryptographic keys, passwords, and certificates to protect a computer's hardware and ensure system integrity.

Full entry →
Full Trusted Platform Module glossary entry →

Term 283

User Access Administrator

A User Access Administrator is an IT professional responsible for managing who can access what resources in an organization, including creating, modifying, and revoking user accounts and permissions across systems.

Full entry →
Full User Access Administrator glossary entry →

Term 284

Virtualization security

Virtualization security is the practice of protecting virtualized environments including virtual machines, hypervisors, virtual networks, and related infrastructure from threats and vulnerabilities.

Full entry →
Full Virtualization security glossary entry →

Term 285

VPN

A VPN (Virtual Private Network) creates a secure, encrypted tunnel between your device and a remote server, protecting your data and hiding your online activity.

Full entry →
Full VPN glossary entry →

Term 286

VPN concentrator

A VPN concentrator is a network device that manages, encrypts, and routes multiple VPN connections from remote users or sites into a single secure gateway.

Full entry →
Full VPN concentrator glossary entry →

Term 287

VPN Gateway

A VPN Gateway is a network device or service that creates an encrypted tunnel between two or more networks over the internet, allowing secure communication.

Full entry →
Full VPN Gateway glossary entry →

Term 288

Vulnerability

A vulnerability is a weakness in a system, network, or software that could be exploited by a threat to cause harm or unauthorized access.

Full entry →
Full Vulnerability glossary entry →

Term 289

Vulnerability assessment

A vulnerability assessment is a systematic review of security weaknesses in an information system, evaluating if the system is susceptible to any known vulnerabilities, assigning severity levels, and recommending remediation or mitigation.

Full entry →
Full Vulnerability assessment glossary entry →

Term 290

Vulnerability management

Vulnerability management is the continuous process of identifying, classifying, prioritizing, and remediating security weaknesses in an organization's IT environment.

Full entry →
Full Vulnerability management glossary entry →

Term 291

Vulnerability scan

A vulnerability scan is an automated process that checks systems, networks, and applications for known security weaknesses or misconfigurations.

Full entry →
Full Vulnerability scan glossary entry →

Term 292

Web Application Firewall

A Web Application Firewall (WAF) is a security tool that monitors, filters, and blocks HTTP traffic to and from a web application to protect it from common attacks.

Full entry →
Full Web Application Firewall glossary entry →

Term 293

Windows Defender Firewall

Windows Defender Firewall is a built-in security feature in Microsoft Windows that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Full entry →
Full Windows Defender Firewall glossary entry →

Term 294

Wireless access point

A wireless access point is a networking device that allows Wi-Fi-enabled devices to connect to a wired network, typically a local area network (LAN), acting as a bridge between wireless and wired communication.

Full entry →
Full Wireless access point glossary entry →

Term 295

XDR

XDR, or Extended Detection and Response, is a unified security platform that collects and correlates data across multiple security layers—endpoints, networks, servers, cloud workloads, and email—to improve threat detection and enable faster response.

Full entry →
Full XDR glossary entry →
← Part 9All parts →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10current

Study resources

All CISSP Acronyms→CISSP Practice Tests→CISSP Study Guide→Exam Domains→