Term 361
Personal Identity Verification
Personal Identity Verification, or PIV, is a US federal government standard for using smart cards to securely verify a person's identity for access to physical and digital resources.
Acronym study
Terms 361–390 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 361
Personal Identity Verification, or PIV, is a US federal government standard for using smart cards to securely verify a person's identity for access to physical and digital resources.
Term 362
PHI stands for Protected Health Information, which is any health data that can identify an individual and is protected by the Health Insurance Portability and Accountability Act (HIPAA).
Term 363
Phishing is a type of cyber attack where criminals impersonate legitimate organizations or individuals to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.
Term 364
Piggybacking is the act of an unauthorized person following an authorized person into a restricted area or system by taking advantage of their access.
Term 365
PII stands for Personally Identifiable Information, which is any data that can be used to identify a specific individual.
Term 366
Pivoting is a post-exploitation technique where an attacker uses a compromised system as a relay to access other systems on a network that were not directly reachable.
Term 367
Public Key Infrastructure (PKI) is a framework of policies, hardware, software, and procedures that creates, manages, distributes, uses, stores, and revokes digital certificates to enable secure communications over networks.
Term 368
A playbook is a documented set of predefined steps, scripts, and decision trees used by IT teams to automate, standardize, and respond consistently to common tasks or incidents.
Term 369
A PMKID attack is a wireless network attack that exploits a vulnerability in the RSN IE (Robust Security Network Information Element) of Wi-Fi Protected Access (WPA/WPA2) networks to recover the Pre-Shared Key (PSK) without needing to capture the full four-way handshake.
Term 370
Point-to-point OSPF is a network configuration where Open Shortest Path First routing protocol operates over a direct link between exactly two routers, treating the link as a simple connection without the need for a designated router or backup designated router.
Term 371
A policy is a set of rules or guidelines that defines how an organization manages, secures, and operates its IT systems and services.
Term 372
Policy as code is the practice of representing and managing security, compliance, and governance rules as executable code, enabling automated validation and enforcement across infrastructure and software development workflows.
Term 373
Policy assignment is the process of attaching a set of rules or permissions to a specific resource, user, or group so that those rules are enforced in a cloud or IT environment.
Term 374
A policy definition is a formal rule or set of rules that specifies allowed or denied actions on resources within an IT environment, often used for governance, compliance, and security control.
Term 375
Policy enforcement is the process of implementing and ensuring compliance with defined security rules and configurations across an IT environment.
Term 376
Policy inheritance is the mechanism by which policies applied to a parent container in a hierarchical system automatically apply to all child objects within that container, unless explicitly blocked or overridden.
Term 377
Port security is a network switch feature that restricts which devices can connect to a port based on the device's MAC address, preventing unauthorized access.
Term 378
Post-exploitation is the phase of a penetration test that begins after an attacker has gained initial access to a system, focusing on maintaining access, escalating privileges, moving laterally, and achieving the test's objectives.
Term 379
Post-quantum cryptography refers to cryptographic algorithms designed to resist the computational power of future quantum computers, which could break current public-key systems.
Term 380
A Potentially Unwanted Program (PUP) is software that you did not intend to install and that can cause unwanted behavior on your system, such as showing excessive ads or slowing down performance.
Term 381
Power over Ethernet (PoE) is a technology that allows electrical power and data to be transmitted over a single Ethernet cable to devices like IP cameras, wireless access points, and VoIP phones.
Term 382
PPTP is an outdated VPN protocol that encapsulates PPP frames in IP packets for secure remote access, but is now considered insecure.
Term 383
A secret password or passphrase that two devices share beforehand to prove they are allowed to connect and communicate securely.
Term 384
Pretexting is a social engineering attack where the attacker fabricates a believable scenario or false identity to trick a victim into revealing sensitive information or performing an action.
Term 385
Privacy and security refer to the practices and technologies used to protect sensitive data from unauthorized access while ensuring individuals' rights over their personal information are respected.
Term 386
Privacy risk management is the ongoing process of identifying, assessing, and responding to risks that could compromise the confidentiality, integrity, or availability of personal data.
Term 387
A private DNS zone is a hosted DNS namespace that is only resolvable from within specific virtual networks or private environments, not from the public internet.
Term 388
Private Google Access lets virtual machines in a Google Cloud VPC reach Google APIs and services using private IP addresses, without needing public internet access.
Term 389
A private IP address is a non-internet-routable address used within a local network to identify devices and allow them to communicate with each other without direct exposure to the public internet.
Term 390
A private subnet is a segmented portion of a cloud or on-premises network that is not directly accessible from the public internet, used to host internal resources securely.