Acronym study
Terms 61–90 of 295 CISSP acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 61
Compliance state is the current status of a system, application, or device indicating whether it meets a defined set of security policies, regulatory requirements, or configuration standards.
Term 62
Conditional access is a security framework that evaluates signals like user location, device health, and risk level to grant or block access to resources in real time.
Term 63
Conditional Access integration is a security framework that evaluates signals such as user identity, location, device state, and application sensitivity to grant or block access to resources before a session is established.
Term 64
A Conditional Access policy is a set of rules in Microsoft Entra ID that automatically grants or blocks access to cloud apps based on signals like user identity, location, device health, and risk level.
Term 65
Container security is the practice of protecting containerized applications and their underlying infrastructure from threats throughout the entire lifecycle.
Term 66
A security measure that acts after an incident to limit damage, restore operations, and prevent recurrence.
Term 67
A countermeasure is any action, device, procedure, or technique that reduces a threat, vulnerability, or risk to an acceptable level.
Term 68
A covert channel is a hidden communication path that allows data to be transferred in ways that violate a system's security policy, often by using resources not intended for communication.
Term 69
Discretionary Access Control is a security model where the owner of a resource decides who can access it and what permissions they have.
Term 70
Data classification is the process of organizing data into categories based on its sensitivity, value, and criticality to an organization, so that appropriate security controls can be applied.
Term 71
An entity that determines the purposes and means of processing personal data.
Term 72
A data custodian is the person or team responsible for the safe handling, storage, and transport of data on behalf of the data owner.
Term 73
Data masking is a security technique that replaces sensitive data with realistic but fictional data so it can be used safely in non-production environments.
Term 74
A senior-level person who is accountable for the classification, protection, and appropriate use of a specific set of data within an organization.
Term 75
A data processor is a person or organization that processes personal data on behalf of a data controller, following the controller's instructions and under their authority.
Term 76
Data protection refers to the practices and technologies used to safeguard personal and sensitive information from unauthorized access, loss, or corruption.
Term 77
Data remanence is the residual representation of data that remains on a storage medium even after attempts to erase or remove it.
Term 78
Data retention is the practice of keeping data for a specific period to meet legal, business, or compliance needs, and then securely disposing of it.
Term 79
Data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying data stored on a device or media so that it cannot be recovered or reconstructed by any known method.
Term 80
Data security is the practice of protecting digital information from unauthorized access, corruption, or theft throughout its lifecycle.
Term 81
A configuration in IT systems where security services or appliances operate in an isolated, single-purpose environment to prevent interference with other functions and reduce attack surface.
Term 82
A Defender policy is a set of security rules configured in Microsoft 365 Defender that controls how endpoint detection and response (EDR), antivirus, firewall, and other protection features behave on managed devices.
Term 83
A detective control is a security measure that identifies and reports unwanted or suspicious activity after it has already occurred.
Term 84
A deterrent control is a security measure designed to discourage potential attackers from attempting to breach a system or commit a violation, relying on the perceived threat of consequences.
Term 85
Device compliance is the process of ensuring that a device meets an organization's security and configuration policies before it can access network resources.
Term 86
Device risk is the chance that a computer, phone, or other endpoint could cause a security problem or data leak because it is not properly managed or protected.
Term 87
DevSecOps is a software development practice that integrates security into every phase of the DevOps lifecycle, making security a shared responsibility from the start.
Term 88
A digital certificate is an electronic document that verifies the identity of a person, device, or website and enables secure encrypted communication over the internet.
Term 89
Disk encryption is the process of converting data on a storage device into a coded form that can only be read with the correct decryption key, protecting it from unauthorized access.
Term 90
A DLP policy is a set of rules that an organization uses to prevent sensitive data from being lost, stolen, or accidentally exposed, whether it is in use, in motion, or at rest.