Acronym study
Terms 361–390 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 361
Incident classification is the process of categorizing security incidents based on type, severity, and impact to ensure appropriate response and resource allocation.
Term 362
Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.
Term 363
Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.
Term 364
Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.
Term 365
The incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.
Term 366
Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.
Term 367
An indicator of attack (IOA) is a sign that an attack is actively occurring or about to occur, focusing on attacker behavior and intent rather than just the artifacts left behind.
Term 368
An indicator of compromise is a piece of digital evidence—such as a suspicious file hash, IP address, or unusual network pattern—that suggests a system may have been breached by an attacker.
Term 369
An Industrial Control System (ICS) is a network of computers and devices that monitors and controls industrial machinery, such as power plants, water treatment facilities, and assembly lines.
Term 370
The Industrial Internet of Things (IIoT) is a network of physical devices, machines, and sensors in industrial settings that collect and exchange data over the internet to improve efficiency and safety.
Term 371
Information barriers are policies and technical controls that prevent the unauthorized flow of sensitive information between different parts of an organization to avoid conflicts of interest and ensure compliance.
Term 372
Information protection refers to the policies, procedures, and technologies used to safeguard data from unauthorized access, disclosure, alteration, or destruction.
Term 373
Information security management is the systematic process of developing, implementing, monitoring, and improving policies, procedures, and controls to protect an organization's information assets from threats and ensure confidentiality, integrity, and availability.
Term 374
Infrastructure as code (IaC) is the practice of managing and provisioning IT infrastructure through machine-readable definition files, rather than through physical hardware configuration or interactive configuration tools.
Term 375
Infrastructure as code scanning is the automated process of checking infrastructure configuration files for security misconfigurations, compliance violations, and potential vulnerabilities before deployment.
Term 376
Inherent risk is the level of risk that exists in a process or system before any security controls or mitigations are applied.
Term 377
An initiative is a formal, structured effort or project undertaken by an organization to achieve a specific strategic goal, often involving changes to IT systems, policies, or processes.
Term 378
Insecure deserialization is an application security vulnerability that occurs when untrusted user data is deserialized without proper validation, potentially allowing an attacker to manipulate the application or execute malicious code.
Term 379
An inside global is the public, routable IP address that represents an internal private host when it communicates with devices on the internet.
Term 380
Inside local is the IP address assigned to a device on an internal private network before any Network Address Translation (NAT) is applied.
Term 381
Insider Risk Management is the practice of identifying, assessing, and mitigating threats that originate from within an organization, such as employees, contractors, or partners who have legitimate access to systems and data.
Term 382
An inspector is a tool or role that checks systems, configurations, or data against a set of rules to ensure they are secure and compliant.
Term 383
Integrity is the assurance that data has not been altered or tampered with in an unauthorized way, preserving its accuracy and consistency from source to destination.
Term 384
An interface endpoint is a private IP address inside a Virtual Private Cloud that provides direct, secure access to supported AWS services without traversing the public internet.
Term 385
An Internet gateway is a cloud networking component that provides a connection between a virtual private cloud (VPC) and the public Internet, enabling resources in the VPC to send and receive traffic to and from the Internet.
Term 386
Internet Key Exchange (IKE) is a protocol used to set up a secure, encrypted connection between two devices by automatically negotiating and exchanging encryption keys over an untrusted network like the internet.
Term 387
The Internet of Things (IoT) is a network of physical devices, vehicles, appliances, and other objects embedded with sensors and software that connect to the internet to collect and exchange data.
Term 388
Internet Protocol Security (IPsec) is a suite of protocols that encrypts and authenticates data packets sent over IP networks to ensure private and secure communication.
Term 389
An Intrusion Detection System (IDS) is a security tool that monitors network traffic or system activities for malicious actions or policy violations and sends alerts to administrators.
Term 390
An Intrusion Prevention System (IPS) is a network security tool that monitors network traffic and actively blocks threats like malware and cyberattacks in real time.