Term 181
DAST
DAST (Dynamic Application Security Testing) is a security testing method that finds vulnerabilities in running web applications by simulating real attacks from the outside.
Acronym study
Terms 181–210 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 181
DAST (Dynamic Application Security Testing) is a security testing method that finds vulnerabilities in running web applications by simulating real attacks from the outside.
Term 182
Data classification is the process of organizing data into categories based on its sensitivity, value, and criticality to an organization, so that appropriate security controls can be applied.
Term 183
An entity that determines the purposes and means of processing personal data.
Term 184
A data custodian is the person or team responsible for the safe handling, storage, and transport of data on behalf of the data owner.
Term 185
Data lifecycle management is the process of managing data from its creation to its deletion, ensuring it is stored, used, and disposed of in a way that meets security, compliance, and business needs.
Term 186
Data Loss Prevention (DLP) is a set of tools and processes that help organizations stop sensitive information from being shared, leaked, or stolen, whether accidentally or on purpose.
Term 187
Data masking is a security technique that replaces sensitive data with realistic but fictional data so it can be used safely in non-production environments.
Term 188
A senior-level person who is accountable for the classification, protection, and appropriate use of a specific set of data within an organization.
Term 189
The part of a network device that actually forwards data packets from one interface to another based on decisions made by the control plane.
Term 190
A data processor is a person or organization that processes personal data on behalf of a data controller, following the controller's instructions and under their authority.
Term 191
Data protection refers to the practices and technologies used to safeguard personal and sensitive information from unauthorized access, loss, or corruption.
Term 192
Data remanence is the residual representation of data that remains on a storage medium even after attempts to erase or remove it.
Term 193
Data retention is the practice of keeping data for a specific period to meet legal, business, or compliance needs, and then securely disposing of it.
Term 194
Data sanitization is the process of deliberately, permanently, and irreversibly removing or destroying data stored on a device or media so that it cannot be recovered or reconstructed by any known method.
Term 195
Data security is the practice of protecting digital information from unauthorized access, corruption, or theft throughout its lifecycle.
Term 196
A DDoS (Distributed Denial-of-Service) attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic from multiple compromised systems.
Term 197
A deauthentication attack is a wireless network exploit where an attacker sends fake disconnection frames to force devices off a Wi-Fi network, often used to capture handshake data or disrupt connectivity.
Term 198
Decryption is the process of converting encrypted or scrambled data back into its original, readable form using a specific key or method.
Term 199
A configuration in IT systems where security services or appliances operate in an isolated, single-purpose environment to prevent interference with other functions and reduce attack surface.
Term 200
Microsoft Defender for Cloud is a cloud security posture management (CSPM) and cloud workload protection platform (CWPP) that provides unified security management and threat protection across hybrid and multi-cloud environments.
Term 201
Defender for Cloud Apps is a Microsoft cloud access security broker (CASB) that helps you discover, protect, and govern your cloud applications and data across multiple cloud environments.
Term 202
Microsoft Defender for Endpoint is a cloud-delivered enterprise security solution designed to protect devices from cyber threats using behavioral analysis, machine learning, and automated investigation.
Term 203
Defender for Identity is a cloud-based security solution that detects, investigates, and responds to advanced identity threats targeting on-premises Active Directory and cloud identities.
Term 204
Microsoft Defender for Office 365 is a cloud-based email security service that protects organizations against advanced threats like phishing, malware, and business email compromise by scanning emails, attachments, and links in real time.
Term 205
A Defender policy is a set of security rules configured in Microsoft 365 Defender that controls how endpoint detection and response (EDR), antivirus, firewall, and other protection features behave on managed devices.
Term 206
Defense in depth is a cybersecurity strategy that uses multiple layers of security controls to protect information and systems, so if one layer fails, another layer is already in place to stop the attack.
Term 207
A Denial-of-service (DoS) attack is an attempt to make a computer, network, or online service unavailable to its intended users by overwhelming it with fake traffic or requests.
Term 208
Dependency scanning is the automated process of checking software components for known security vulnerabilities and outdated versions.
Term 209
Deprovisioning is the process of removing a user's access to systems and data when they no longer need it, typically when they leave an organization or change roles.
Term 210
Detection engineering is the practice of designing, building, and refining security monitoring rules and signals to identify malicious activity in an IT environment.