Term 451
RTO
Recovery Time Objective is the maximum acceptable time to restore a system or data after a disaster, defining how quickly normal operations must resume.
Acronym study
Terms 451–480 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 451
Recovery Time Objective is the maximum acceptable time to restore a system or data after a disaster, defining how quickly normal operations must resume.
Term 452
Rule-based access control (RuBAC) is a method of managing access to resources by evaluating a set of predefined rules that combine conditions such as time, location, device, and user attributes to allow or deny access.
Term 453
Rules of engagement are the documented guidelines that define the scope, boundaries, and authorized actions a security tester may take during a penetration test or security assessment.
Term 454
A runbook is a documented set of step-by-step procedures that IT teams use to handle routine operations, incidents, and maintenance tasks consistently and efficiently.
Term 455
An S3 bucket policy is a JSON-based resource-based access control document that defines who can access an Amazon S3 bucket and its objects, and what actions they can perform.
Term 456
An S3 lifecycle policy is a set of rules that automatically transitions objects between storage classes or deletes them after a specified time to optimize cost and manage data lifecycles.
Term 457
Salting is the process of adding a unique, random string of data to each password before it is hashed, so that even identical passwords produce completely different hash values.
Term 458
Security Assertion Markup Language (SAML) is an open standard that allows one system to securely tell another system that a user is who they say they are, without sharing the user's password.
Term 459
SASE (Secure Access Service Edge) is a network architecture that combines wide-area networking (WAN) and security services into a single, cloud-delivered platform.
Term 460
SCADA is an industrial control system that monitors and controls infrastructure processes like power grids, water treatment, and pipelines.
Term 461
A screened subnet is a network architecture that places a buffer network, often called a DMZ, between an internal trusted network and an external untrusted network, using two firewalls to control traffic.
Term 462
Secure Access Service Edge (SASE) is a cloud-based security framework that combines network connectivity and security services into a single, unified service to protect users and devices wherever they are.
Term 463
Secure Boot is a security feature that ensures a device starts up using only trusted software that is digitally signed by the manufacturer.
Term 464
Secure by design means building security into a system from the very beginning of its creation, instead of trying to add it later as an afterthought.
Term 465
Secure defaults means that a system or software is shipped with the most secure settings already enabled, so the user does not have to harden the system themselves.
Term 466
Secure Shell (SSH) is a network protocol that provides a secure, encrypted way to access and manage remote computers over an unsecured network.
Term 467
Secure Sockets Layer is a cryptographic protocol that encrypts data transmitted between a web browser and a server to protect it from eavesdropping and tampering.
Term 468
A secure web gateway (SWG) is a security solution that protects users and organizations from web-based threats by filtering internet traffic, enforcing security policies, and blocking access to malicious or unauthorized websites.
Term 469
Security in IT is the practice of protecting systems, networks, and data from unauthorized access, damage, or theft.
Term 470
Security Assertion Markup Language is an open standard that allows different computer systems to securely share authentication and authorization information about a user.
Term 471
A security assessment is a systematic evaluation of an organization’s systems, networks, and applications to identify vulnerabilities, threats, and risks, and to recommend improvements.
Term 472
Security awareness is the ongoing practice of educating people within an organization about cybersecurity risks, safe behaviors, and their individual responsibilities to protect information assets.
Term 473
A security baseline is a documented minimum set of security configurations and settings that must be applied to a system, device, or network to ensure a known secure starting point.
Term 474
Security Command Center is a centralized cloud security management platform that helps organizations detect, investigate, and respond to threats across their cloud infrastructure.
Term 475
A security control is a safeguard or countermeasure designed to protect the confidentiality, integrity, and availability of information systems and data.
Term 476
Security defaults is a set of basic security settings in Microsoft Entra ID that automatically enables common protections like multifactor authentication for all users in a tenant.
Term 477
Security governance is the framework of rules, policies, and processes that an organization uses to align its cybersecurity activities with its business goals and legal obligations.
Term 478
A security group is a virtual firewall that controls inbound and outbound traffic to AWS resources, such as EC2 instances, based on defined rules.
Term 479
Security Hub is a cloud security posture management service that aggregates and prioritizes security alerts and compliance checks from multiple AWS services into a single place.
Term 480
A system that collects, analyzes, and reports on security data from across an IT environment to detect and respond to threats.