Term 1
Active reconnaissance
Active reconnaissance is the process of directly interacting with a target system or network to gather information, often through scanning and probing.
Acronym study
Terms 1–30 of 135 PT0-002 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 1
Active reconnaissance is the process of directly interacting with a target system or network to gather information, often through scanning and probing.
Term 2
A cybersecurity exercise where a team mimics the tactics, techniques, and procedures of a real attacker to test an organization's defenses without causing actual harm.
Term 3
Amazon CloudWatch is a monitoring service for AWS resources and applications that collects metrics, logs, and events to help you observe and troubleshoot your cloud infrastructure.
Term 4
An asset inventory is a comprehensive, up-to-date list of all hardware and software assets within an organization, used to identify vulnerabilities and manage security risks.
Term 5
Attack surface management is the continuous process of identifying, monitoring, and reducing all the possible entry points an attacker could use to break into an organization's IT systems.
Term 6
Attestation of findings is the formal process where an auditor or assessor confirms that the results of a security or compliance evaluation are accurate, complete, and trustworthy.
Term 7
An authenticated scan is a vulnerability scan that uses valid credentials to log into a system and examine it from the inside, providing a more thorough assessment of security weaknesses than an unauthenticated scan.
Term 8
Authorization determines what an authenticated user is allowed to do within a system, such as accessing files, running programs, or changing settings.
Term 9
AWS Budgets is a cost management tool that lets you set spending limits and receive alerts when your AWS usage and costs approach or exceed those limits.
Term 10
AWS CloudTrail is a service that records every action taken in your AWS account, like a security camera that logs who did what and when.
Term 11
AWS Config is a service that continuously records, evaluates, and reports on changes to your AWS resources so you can maintain a secure and compliant infrastructure.
Term 12
AWS Config Rules are customizable, automated checks that continuously evaluate your AWS resource configurations against desired compliance or security policies and alert you when a resource is noncompliant.
Term 13
AWS Health is a service that provides ongoing visibility into the status of your AWS resources, services, and accounts, delivering alerts and remediation guidance when issues occur.
Term 14
AWS Systems Manager is a management service that helps you view and control your AWS infrastructure, automate operational tasks, and maintain security and compliance across your cloud and on-premises resources.
Term 15
AWS X-Ray is a service that traces and analyzes requests as they travel through your distributed application, helping you identify performance bottlenecks and debug errors.
Term 16
Baiting is a social engineering attack where an attacker offers something enticing, such as a free music download or a labeled USB drive, to trick a victim into installing malware or revealing sensitive information.
Term 17
Banner grabbing is the process of connecting to a remote service to capture the banner it sends, which often reveals software type and version for reconnaissance.
Term 18
A Bash script is a text file containing a sequence of commands for the Unix shell Bash, allowing users to automate repetitive tasks and streamline system administration on Linux and macOS.
Term 19
A bind shell is a type of shell connection where the target machine opens a listening port and waits for an attacker to connect, granting remote command access.
Term 20
BloodHound is a graph-based tool that maps relationships within an Active Directory environment to identify attack paths that could lead to privilege escalation.
Term 21
The Blue team is the group of cybersecurity professionals responsible for defending an organization's systems, networks, and data against attacks and maintaining the security posture.
Term 22
A buffer overflow is a type of software vulnerability where a program writes more data to a memory buffer than it was designed to hold, causing adjacent memory to be overwritten.
Term 23
Cloud security posture management is the continuous process of monitoring cloud environments to detect misconfigurations, compliance violations, and security risks, and automatically remediating them to maintain a strong security posture.
Term 24
A feature of Amazon CloudWatch that monitors metrics and automatically takes actions when a specified threshold is breached.
Term 25
CloudWatch Container Insights is a managed monitoring service that collects, aggregates, and summarizes metrics and logs from containerized applications and microservices running on Amazon Web Services.
Term 26
CloudWatch Events is an AWS service that delivers a near real-time stream of system events describing changes in AWS resources and enables you to set up automated responses using rules.
Term 27
A service from Amazon Web Services that lets you collect, monitor, and store log files from your AWS resources and applications.
Term 28
CloudWatch Logs Insights is a fully managed service within AWS that lets you interactively search, analyze, and query log data stored in Amazon CloudWatch Logs using a purpose-built query language.
Term 29
CloudWatch Metrics are time-ordered data points that track the performance and health of AWS resources and applications, enabling monitoring and alerting.
Term 30
CloudWatch Synthetics is an AWS service that lets you create canaries—configurable scripts that run on a schedule to monitor your endpoints and APIs, simulating user behavior to detect issues before they affect real customers.