Term 211
Hashing
Hashing is a one-way mathematical function that converts any input data into a fixed-length string of characters, called a hash or digest, which is used to verify data integrity and store passwords securely.
Acronym study
Terms 211–240 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 211
Hashing is a one-way mathematical function that converts any input data into a fixed-length string of characters, called a hash or digest, which is used to verify data integrity and store passwords securely.
Term 212
HMAC (Hash-based Message Authentication Code) is a mechanism that uses a cryptographic hash function together with a secret key to verify both the integrity and authenticity of a message.
Term 213
A host firewall is a software-based security tool that runs directly on an individual device, such as a laptop, server, or desktop, to monitor and control incoming and outgoing network traffic based on a set of security rules.
Term 214
An HSM (Hardware Security Module) is a dedicated hardware device that securely generates, stores, and manages cryptographic keys used to protect sensitive data.
Term 215
Hypertext Transfer Protocol (HTTP) is the foundational communication protocol used to transfer web pages and other data between a web browser and a web server over the internet.
Term 216
Hypertext Transfer Protocol Secure, or HTTPS, is the secure version of HTTP that encrypts data between a web browser and a website using SSL/TLS to protect sensitive information like passwords and credit card numbers.
Term 217
A hypervisor is software that creates and runs virtual machines by allowing multiple operating systems to share a single hardware host.
Term 218
Identity and Access Management (IAM) is a framework of policies and technologies that ensures the right individuals have the appropriate access to technology resources.
Term 219
An IAM group is a collection of IAM users in a cloud or identity system that simplifies permission management by allowing you to assign policies to multiple users at once.
Term 220
An IAM misconfiguration occurs when identity and access management settings are incorrectly set, granting too many or too few permissions to users or services, which can lead to security breaches or operational failures.
Term 221
An IAM policy is a set of rules that determines who can access specific cloud resources and what actions they are allowed to perform.
Term 222
An IAM role is a set of permissions that an entity can assume temporarily to access cloud resources securely.
Term 223
An IAM user is an identity created in AWS Identity and Access Management that represents a person or service interacting with AWS resources, with its own credentials and permissions.
Term 224
ICMP is a network-layer protocol used by network devices to send error messages and operational information about network connectivity.
Term 225
An ICS is a system of networked devices used to monitor and control industrial processes, such as manufacturing or power generation.
Term 226
Identity is the unique set of attributes that defines a user, device, or service in a computer system, determining what they can access and do.
Term 227
Identity and access management (IAM) is the security discipline that ensures the right individuals access the right resources at the right times for the right reasons.
Term 228
A security model where trust is determined by user identity and context rather than the network location, treating identity itself as the primary boundary for access control.
Term 229
An IDS is a security system that monitors network or system traffic for suspicious activity and alerts administrators to potential threats, but does not actively block them.
Term 230
IIoT (Industrial Internet of Things) connects industrial machines and sensors to networks for data collection, analysis, and automation in manufacturing, energy, and utilities.
Term 231
Impersonation is a security attack where an attacker pretends to be a legitimate person or system to gain unauthorized access, steal data, or commit fraud.
Term 232
An inbound ACL is a set of rules applied to network traffic entering an interface that decides whether to allow or block that traffic based on criteria like source IP, destination port, or protocol.
Term 233
An incident is a security event that violates an organization's policies or threatens its data, systems, or operations, requiring a structured response.
Term 234
Incident classification is the process of categorizing security incidents based on type, severity, and impact to ensure appropriate response and resource allocation.
Term 235
Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.
Term 236
Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.
Term 237
Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.
Term 238
The Incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.
Term 239
Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.
Term 240
An Industrial Control System (ICS) is a network of computers and devices that monitors and controls industrial machinery, such as power plants, water treatment facilities, and assembly lines.