Term 271
Key management
Key management is the process of creating, storing, distributing, using, rotating, and destroying cryptographic keys securely throughout their entire lifecycle.
Acronym study
Terms 271–300 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 271
Key management is the process of creating, storing, distributing, using, rotating, and destroying cryptographic keys securely throughout their entire lifecycle.
Term 272
Key rotation is the process of replacing an old cryptographic key with a new one to maintain security and limit the damage from a potential key compromise.
Term 273
Key stretching is a technique that makes a weak password or key stronger by processing it through a slow, resource-intensive function to deter brute-force attacks.
Term 274
A kill chain is a step-by-step model that describes the stages of a cyberattack, from initial reconnaissance to the final objective, helping defenders understand and disrupt each phase.
Term 275
KMS encryption is a managed service that creates, stores, and controls cryptographic keys used to encrypt data in the cloud.
Term 276
Kubernetes RBAC is a security mechanism that controls who can access and perform actions on resources in a Kubernetes cluster based on their role.
Term 277
Kubernetes security is the practice of protecting containerized applications, the Kubernetes cluster itself, and the underlying infrastructure from unauthorized access, data breaches, and system vulnerabilities.
Term 278
A KVM switch is a hardware device that allows you to control multiple computers from a single keyboard, monitor, and mouse.
Term 279
Latency routing is a DNS-based traffic management method that directs user requests to the server location which can provide the lowest network latency for that specific user.
Term 280
Lateral movement is the technique attackers use to move through a network from one compromised system to another, seeking sensitive data or higher privileges.
Term 281
A Layer 2 switch is a network device that forwards data frames based on the MAC addresses found in the frame headers, operating within a single local area network segment.
Term 282
A network device that combines the high-speed switching of a Layer 2 switch with the routing capabilities of a router, allowing it to forward traffic based on both MAC and IP addresses.
Term 283
LDAP is a protocol used to access and manage directory information over a network, such as user accounts and permissions.
Term 284
LDAPS is a secure version of LDAP that encrypts all directory service communications using SSL or TLS.
Term 285
LDAPS encrypts LDAP traffic using SSL/TLS to secure directory queries and authentication over a network.
Term 286
Least privilege is a security principle that means giving users, systems, or programs only the minimum permissions they need to do their job and nothing more.
Term 287
Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information over a network, such as user credentials and permissions.
Term 288
Living off the land is an attack technique where cybercriminals use the legitimate tools and software already installed on a computer system to carry out malicious activities, making them harder to detect.
Term 289
A load balancer is a device or software that distributes incoming network traffic across multiple servers so no single server gets overwhelmed.
Term 290
A local route is a routing table entry for a directly connected network interface IP address, created automatically when an IP address is assigned to that interface.
Term 291
A logic bomb is a piece of malicious code that lies dormant inside a system until a specific condition or event triggers it to execute harmful actions.
Term 292
MAC (Media Access Control) is a unique hardware identifier assigned to network interfaces for communication on a local network segment.
Term 293
A MAC address is a unique hardware identifier assigned to a network interface card that allows devices to communicate on a local network.
Term 294
A MAC address table is a data structure stored in a network switch that maps each of its ports to the MAC addresses of connected devices, enabling the switch to forward frames only to the correct destination.
Term 295
MAC filtering is a security practice that allows or denies network access to devices based on their unique Media Access Control (MAC) address.
Term 296
Malware is any software intentionally designed to cause damage, disrupt operations, steal data, or gain unauthorized access to computer systems.
Term 297
Malware analysis is the process of examining malicious software to understand its behavior, origin, and impact, enabling defenders to detect, contain, and prevent future attacks.
Term 298
Malware symptoms are the observable signs on a computer or network that indicate a malicious program may have infected the system, such as slow performance, unexpected pop-ups, or unusual network activity.
Term 299
A cybersecurity service that continuously monitors an organization's network and systems to detect threats and respond to them quickly.
Term 300
A Management VLAN is a dedicated virtual local area network used to secure and separate administrative access to network devices like switches and routers from regular user data traffic.