Term 1
2FA
Two-factor authentication (2FA) is a security method that requires two different types of proof before granting access to an account or system.
Acronym study
Terms 1–30 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 1
Two-factor authentication (2FA) is a security method that requires two different types of proof before granting access to an account or system.
Term 2
802.1X is a network access control standard that authenticates devices before they are allowed to connect to a wired or wireless network.
Term 3
AAA (Authentication, Authorization, and Accounting) is a security framework that controls who can access a network, what they are allowed to do, and tracks what they did.
Term 4
ABAC (Attribute-Based Access Control) is a method of controlling access to resources by evaluating a set of attributes (such as user role, time, location, and device) against policy rules, rather than using static roles or identities.
Term 5
An acceptable use policy is a set of rules that an organization creates to define how employees and other users may use its computer systems, networks, and data.
Term 6
Access control is the security practice of determining who or what is allowed to view, use, or enter a resource, and under what conditions.
Term 7
An Access Control List is a set of rules that decides which traffic is allowed or denied entry to a network or device.
Term 8
An access key is a unique identifier and secret code pair used to authenticate requests to cloud storage services, ensuring only authorized users or applications can access data.
Term 9
An access port is a switch port that connects to a single end device, like a computer or printer, and carries traffic for only one VLAN.
Term 10
An access review is a periodic audit process where administrators check and confirm which users have permissions to what resources, ensuring only authorized people retain access.
Term 11
A digital key that a computer system gives you to prove your identity and grant you permission to access specific resources or perform actions.
Term 12
The account lifecycle is the complete process of creating, managing, maintaining, and eventually removing a user account in an IT system.
Term 13
Accounting in IT identity and access management is the process of tracking and logging what authenticated users do on a system or network.
Term 14
An Access Control List is a set of rules that determines who or what can access specific network resources or data.
Term 15
Active reconnaissance is the process of directly interacting with a target system or network to gather information, often through scanning and probing.
Term 16
Advanced Encryption Standard (AES) is a widely used symmetric encryption algorithm that protects electronic data by converting readable information into a scrambled format that can only be unscrambled with the correct secret key.
Term 17
A cybersecurity exercise where a team mimics the tactics, techniques, and procedures of a real attacker to test an organization's defenses without causing actual harm.
Term 18
Adware is software that automatically displays or downloads unwanted advertisements, often bundled with free programs, and may track user behavior without clear consent.
Term 19
AES is a fast and secure encryption standard used worldwide to protect sensitive data by scrambling it so only authorized parties can read it.
Term 20
AH (Authentication Header) is an IPsec protocol that provides connectionless integrity, data origin authentication, and anti-replay protection for IP packets.
Term 21
AH (Authentication Header) is an IPsec protocol that provides connectionless integrity, data origin authentication, and anti-replay protection for IP packets.
Term 22
An alerting policy is a set of rules that defines when to send notifications about a system condition that needs attention.
Term 23
Anti-malware is software that detects, prevents, and removes malicious software from computers, networks, and devices.
Term 24
An anti-malware policy is a set of rules and procedures that an organization enforces to prevent, detect, and remove malicious software from its computers and networks.
Term 25
An anti-phishing policy is a set of rules and technical controls that organizations use to detect, block, and respond to email or message-based attacks that trick users into revealing sensitive information.
Term 26
An anti-spam policy is a set of rules and filters used by email systems to automatically detect and block unwanted, unsolicited, or harmful messages before they reach a user's inbox.
Term 27
API security is the practice of protecting application programming interfaces from attacks by ensuring only authorized users and applications can access data and functions.
Term 28
An app protection policy is a set of rules that controls how data is handled and secured within mobile applications, ensuring corporate information stays safe even on personal devices.
Term 29
AppArmor is a Linux kernel security module that restricts programs to a predefined set of resources using mandatory access control (MAC) policies.
Term 30
An Application Gateway is a network device or cloud service that manages and secures traffic between users and web applications by applying rules, routing requests, and offloading tasks like SSL encryption.