Term 301
Shift left security
Shift left security is the practice of integrating security testing and controls earlier in the software development lifecycle, rather than waiting until after deployment.
Acronym study
Terms 301–330 of 352 MD-102 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 301
Shift left security is the practice of integrating security testing and controls earlier in the software development lifecycle, rather than waiting until after deployment.
Term 302
Side-loading is the process of installing software on a mobile device from a source other than the official app store.
Term 303
SIEM (Security Information and Event Management) is a system that collects and analyzes log data from across an IT environment to detect and respond to security threats in real time.
Term 304
A SIEM query is a search command used in a Security Information and Event Management system to find, filter, and analyze security-related log data from across an organization's IT environment.
Term 305
A SIM card is a small, removable chip in mobile devices that securely stores the subscriber identity to connect to a cellular network.
Term 306
Single sign-on (SSO) is an authentication method that allows a user to log in once and gain access to multiple applications or systems without re-entering credentials.
Term 307
A smartphone is a handheld mobile device that combines cellular communication with computing capabilities, running an operating system that supports third-party applications, internet connectivity, and a touchscreen interface.
Term 308
SO-DIMM is a compact memory module used in laptops, small form factor PCs, and other space-constrained devices to provide system RAM.
Term 309
Spear phishing is a targeted cyberattack in which a criminal sends a fraudulent email that appears to come from a trusted source, aiming to trick a specific person or organization into revealing sensitive data or installing malware.
Term 310
An SSL VPN is a virtual private network that uses the Secure Sockets Layer protocol to create an encrypted tunnel for remote users to securely access network resources over the internet.
Term 311
A storage firewall is a security appliance or software that controls access to storage systems, protecting data from unauthorized access, malware, and insider threats by inspecting and filtering storage protocol traffic.
Term 312
A stored access policy is a server-side set of rules that defines permissions for accessing data or resources, applied consistently each time a request is made.
Term 313
Symmetric encryption is a cryptographic method where the same secret key is used to both encrypt and decrypt data, ensuring confidentiality between two parties.
Term 314
A tablet is a portable computing device with a touchscreen interface, typically larger than a smartphone but smaller than a laptop, used for browsing, media consumption, and light productivity tasks.
Term 315
A Teams policy is a set of rules in Microsoft Teams that controls how users can communicate, collaborate, and access features within the application.
Term 316
Tenant attach is a Microsoft device management feature that links on-premises Configuration Manager hierarchies to the Microsoft Intune cloud service for unified endpoint management.
Term 317
Tethering is sharing your phone's internet connection with another device, like a laptop or tablet, so it can go online.
Term 318
A threat is any potential danger that could harm a computer system, network, or data, whether from a malicious hacker, a natural disaster, or an accidental mistake.
Term 319
A threat actor is any person or group that intentionally causes harm to digital systems, networks, or data.
Term 320
Threat analytics is the process of using threat intelligence, machine learning, and behavioral data to identify, assess, and predict cybersecurity threats in real time.
Term 321
A Microsoft 365 security tool that provides real-time interactive reports to investigate and analyze threats detected by Microsoft Defender for Office 365.
Term 322
Threat hunting is a proactive cybersecurity practice where analysts actively search networks, endpoints, and logs for hidden threats that have evaded automated security tools.
Term 323
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats that helps organizations defend against attacks.
Term 324
Threat modelling is a structured approach to identifying, evaluating, and documenting potential security threats to a system so that defenses can be built proactively.
Term 325
Threat protection is the set of security measures and technologies used to detect, prevent, and respond to cyberattacks and unauthorized access to systems and data.
Term 326
A threat vector is the path or method a cyber attacker uses to gain unauthorized access to a computer system or network.
Term 327
TPM (Trusted Platform Module) is a dedicated hardware chip on a computer's motherboard that stores cryptographic keys, passwords, and certificates to secure the system against unauthorized access and tampering.
Term 328
An Update ring is a policy-based group in Windows 10/11 deployment that controls the timing, pace, and scope of feature updates and quality updates pushed to devices across an organization.
Term 329
A User Access Administrator is an IT professional responsible for managing who can access what resources in an organization, including creating, modifying, and revoking user accounts and permissions across systems.
Term 330
Virtualization security is the practice of protecting virtualized environments including virtual machines, hypervisors, virtual networks, and related infrastructure from threats and vulnerabilities.