CYSA+ CERTIFICATION // FULL GLOSSARY – ALL 4 DOMAINS (complete)

CYSA+
COMPLETE GLOSSARY

> All four exam domains · every term from the official CompTIA CySA+ glossary
> Security Operations · Vulnerability Management · Incident Response & Management · Reporting & Communication

DOMAIN 01
Security Operations
APT
Advanced Persistent Threat
APT
Definition
A type of cyber-attack where a threat actor gains unauthorized access to a network and remains undetected for an extended period.
Example
A state-sponsored group infiltrates a government agency's network and remains undetected for months while gathering sensitive intelligence.
CSI
Closed source intelligence
CLASSIFIED
Definition
Collects and analyzes classified or restricted information primarily used by the government.
Example
A government agency gathers sensitive information on potential threats from foreign adversaries to safeguard national security.
CASB
Cloud Access Security Broker
CASB
Definition
A solution that acts as a gatekeeper between users and cloud services, providing visibility, control, and data protection.
Example
An organization employs a third-party CASB to monitor user access to cloud apps and enforce security policies.
DLP
Data Loss Prevention
DLP
Definition
A security strategy that prevents unauthorized disclosure of sensitive data.
Example
Software scans outgoing emails for credit card numbers and automatically blocks or encrypts them before leaving the network.
DMARC
DMARC
DMARC
Definition
Email authentication protocol that prevents spoofing and phishing by verifying sender identity and aligning DKIM/SPF.
Example
Company configures DMARC policies aligned with DKIM/SPF to prevent unauthorized use of their domain.
DKIM
DomainKeys Identified Mail
DKIM
Definition
Security method that digitally signs outgoing emails, allowing recipients to verify authenticity and detect tampering.
Example
Organization signs all outgoing emails so recipients can confirm they came from an authorized sender and were not altered.
EDR
Endpoint Detection and Response
EDR
Definition
Security solution that monitors endpoints to detect and respond to suspicious activity.
Example
Deploys software on employee computers to monitor unusual activities like unauthorized file access attempts.
FED
Federation
FEDERATION
Definition
Links multiple identity management systems, enabling secure access with a single set of credentials.
Example
User from one org accesses an application hosted by another using their existing login credentials.
HAK
Hacktivists
HACKTIVIST
Definition
Individuals/groups who use hacking to promote social/political causes.
Example
A group hacks a company's website and defaces it to protest unethical business practices.
#
Hashing
HASH
Definition
Mathematical process that transforms data into a fixed-size hash value (one-way).
Example
Website stores user passwords in hashed form so that even if database is breached, passwords aren't exposed.
HNY
Honeypot
DECOY
Definition
Decoy system created to lure attackers and collect information on their tactics.
Example
Company deploys a decoy server with vulnerable software to monitor attacker behavior.
IoC
Indicators of Compromise
IoC
Definition
Artifacts suggesting a possible security breach or malicious activity.
Example
Analyst detects unusual outbound traffic to a malicious IP indicating potential malware infection.
INS
Insider threat
INSIDER
Definition
Security risk posed by individuals within an organization (malicious or negligent).
Example
Employee with authorized access deliberately leaks confidential data to competitors.
INTG
Intelligence gathering
RECON
Definition
Collecting information about a target to identify potential attack vectors and vulnerabilities.
Example
Hacker researches publicly available info about a company's network to prepare a targeted attack.
PEN
Internal network pen test
INT PEN
Definition
Simulates behavior of malicious insiders or stolen‑credential attackers from inside the network.
Example
Ethical hackers try to access sensitive info using stolen credentials and insider knowledge.
LOG
Log analysis
LOG
Definition
Collecting and analyzing log data from systems to identify anomalies and attacks.
Example
Security team examines web server logs for SQL injection patterns or brute‑force attempts.
MFA
Multifactor Authentication
MFA
Definition
Requires at least two verification factors to access a system.
Example
User enters password + unique code sent to their phone to log into an online account.
NSA
Nation-state actor
NATION
Definition
Threat entity sponsored/controlled by a government, engaged in espionage or disruption.
Example
Foreign government conducts cyber‑attacks to steal sensitive info from another country.
OSINT
Open-source intelligence
OSINT
Definition
Collecting/analyzing publicly available data to gain insights.
Example
Organization monitors social media to assess customer sentiment and track trends.
OTI
Operational threat intelligence
OP INTEL
Definition
Focuses on current/emerging risks that could impact daily operations.
Example
Org monitors cyber‑attacks targeting its industry to proactively defend.
ORG
Organized crime
CYBERCRIME
Definition
Groups coordinating criminal activities (fraud, extortion) for financial profit.
Example
Hackers breach a company, steal customer data, and sell it on the black market.
PCAP
Packet capture
PCAP
Definition
Intercepting and recording network traffic for analysis.
Example
Network admin uses software to capture traffic and identify suspicious activity.
PII
Personally Identifiable Information
PII
Definition
Data that can identify an individual (name, SSN, address). Protected by privacy laws.
Example
Customers provide full name and credit card details for online purchase.
PAM
Privileged Access Management
PAM
Definition
Controls and monitors access to privileged accounts (admin, root).
Example
IT admin requests temporary access using standard credentials + MFA before elevation.
PKI
Public Key Infrastructure
PKI
Definition
System of hardware, software, policies managing digital certificates and key pairs.
Example
Website uses SSL certificate to create secure HTTPS connection.
RISK
Risk management
RISK
Definition
Identifying, assessing, and prioritizing risks; implementing controls to mitigate.
Example
Business analyzes threats/vulnerabilities and implements security measures accordingly.
SBX
Sandboxing
SANDBOX
Definition
Isolating applications/processes from the rest of the system to prevent harm.
Example
Opening email attachment in virtual environment to check for malware.
SK
Script kiddie
SCRIPTKIDDIE
Definition
Person who uses existing hacking tools/scripts without deep understanding.
Example
Individual uses pre‑existing tool to launch a DDoS attack on a website.
SASE
Secure Access Secure Edge
SASE
Definition
Cloud‑based architecture improving network security and app performance (SWG, FWaaS, SD‑WAN).
Example
Examples: secure web gateways, firewalls as a service, software‑defined WAN.
SPF
Sender Policy Framework
SPF
Definition
Email validation that lets receiving server verify sending server is authorized.
Example
Company publishes SPF records in DNS designating which servers are authorized to send email.
SSO
Single Sign-On
SSO
Definition
Access control enabling one login to access multiple systems.
Example
User logs into company network once and is automatically granted access to internal apps.
SDN
Software-Defined Networking
SDN
Definition
Software‑controlled network architecture driven by APIs.
Example
Virtualized network functions, network slicing for 5G, dynamic bandwidth allocation.
STI
Strategic threat intelligence
STRATEGIC
Definition
High‑level, long‑term threat analysis that impacts organizational strategy.
Example
Organization analyzes potential risks to develop a long‑term security strategy.
TAC
Tactical threat intelligence
TACTICAL
Definition
Intelligence on immediate threats and adversary tactics to inform defense.
Example
Security team analyzes recent attacks on similar orgs to adjust defenses.
TECH
Technical threat intelligence
TECH
Definition
Detailed technical data about threats: tools, techniques, procedures (TTPs).
Example
Analyzes malware samples or network traffic to identify IoCs and strengthen defenses.
TA
Threat actor
ACTOR
Definition
Individual/group responsible for launching cyber attacks.
Example
Hacker attempting to infiltrate a company to steal data for personal gain.
HUNT
Threat hunting
HUNT
Definition
Proactive search for threats inside the network using advanced analytics.
Example
Security team uses machine learning to monitor network for suspicious activity.
TI
Threat intelligence
TI
Definition
Knowledge about potential threats to help defend against attacks.
Example
Company uses real‑time monitoring and analysis to detect and prevent threats.
TIG
Threat intelligence gathering
INTEL GATH
Definition
Collecting/analyzing threat information to improve security posture.
Example
Security team leverages open‑source and technical intel to monitor for attacks.
UBA
User behavior analysis
UBA
Definition
Machine‑learning approach to detect anomalies in user activity.
Example
Software flags unusual behavior like accessing sensitive info outside work hours.
DOMAIN 02
Vulnerability Management
ACT
Active scanning
ACTIVE
Definition
Actively probing systems to uncover vulnerabilities.
Example
Penetration tester uses active scanning to identify exploitable weaknesses.
ADV
Adversary emulation
EMULATION
Definition
Simulating real‑world attacker tactics to evaluate defenses.
Example
Organization performs emulation based on known cybercriminal techniques.
AGT
Agent scanning
AGENT
Definition
Uses installed agents on systems to gather security data.
Example
Security tool installed on each device for continuous monitoring.
AGTL
Agentless scanning
AGENTLESS
Definition
Scanning without requiring agents on target systems.
Example
Evaluating cloud services where installing agents is not feasible.
ASM
Attack surface management
ASM
Definition
Continuous process of identifying/reducing a system's attack surface.
Example
Regularly updating software and removing unused services.
AUTH
Authentication
AUTH
Definition
Verifying the identity of a user or system.
Example
Website requires username/password before granting access.
BAC
Broken access control
BAC
Definition
Flaw allowing unauthorized users to access restricted resources.
Example
Web app allows users to view other users' private data.
BB
Bug bounty
BOUNTY
Definition
Program rewarding individuals for finding/reporting vulnerabilities.
Example
Tech company runs bug bounty to encourage ethical hackers.
CC
Compensating control
COMP
Definition
Alternative measures when primary controls cannot be implemented.
Example
If strong encryption can't be implemented, use secure access controls.
CRED
Credentialed scanning
CRED
Definition
Scanning with valid credentials to gain deeper access when looking for vulnerabilities.
Example
Conduct credentialed scans to validate user permissions and detect misconfigurations.
CSRF
Cross-site forgery
CSRF
Definition
Attack tricking a user into executing unwanted actions on an authenticated site.
Example
Attacker tricks user into unknowingly transferring funds.
XSS
Cross-site scripting
XSS
Definition
Injecting malicious scripts into web pages viewed by others.
Example
Attacker injects script to steal session cookies from users.
CRYP
Cryptographic failures
CRYPTO
Definition
Vulnerabilities in cryptographic algorithms/implementations.
Example
Using outdated encryption methods that can be easily cracked.
POIS
Data poisoning
POISON
Definition
Injecting false data into a machine learning model to manipulate output.
Example
Attacker submits false training data to manipulate predictions.
DIR
Directory traversal
TRAV
Definition
Vulnerability allowing access to files outside intended directory.
Example
Attacker manipulates file paths to access sensitive files.
DYN
Dynamic scanning
DAST
Definition
Testing a running application to find vulnerabilities during execution.
Example
QA team performs dynamic scans while web apps are live.
DOMAIN 03
Incident Response and Management
BC
Business Continuity
BC
Definition
Planning to maintain essential functions during and after a disaster.
Example
Plan outlines steps to maintain customer service during prolonged IT outage.
COC
Chain of custody
COC
Definition
Documentation of evidence from acquisition to court presentation.
Example
Maintaining transparent chain of custody to ensure integrity of electronic evidence.
CKC
Cyber kill chain
KILLCHAIN
Definition
Model outlining stages of a cyberattack, from reconnaissance to objective.
Example
Helps orgs identify and mitigate threats at each stage.
DIAM
Diamond model of intrusion analysis
DIAMOND
Definition
Framework describing cyber intrusions via adversary, capability, infrastructure, victim.
Example
Analysts examine each aspect of a breach using the diamond model.
DR
Disaster Recovery
DR
Definition
Restoring systems and data after a catastrophic event.
Example
Data backups and redundant systems to facilitate recovery.
FOR
Forensic investigation
FORENSIC
Definition
Examining digital evidence to investigate/understand incidents.
Example
Forensic investigators extract data from compromised devices.
IR
Incident response
IR
Definition
Structured approach to managing security incidents.
Example
Well‑coordinated response minimizes impact of cyber incident.
IRP
Incident response plan
IRP
Definition
Protocols for managing incidents during pen testing, including containment, mitigation.
Example
Step‑by‑step procedures to respond to data breaches effectively.
IoC
Indicators of Compromise
IoC
Definition
Evidence suggesting a system may be compromised.
Example
Unusual network traffic, unauthorized file changes indicate breach.
ATT&CK
MITRE ATT&CK
ATT&CK
Definition
Framework describing adversary actions/techniques based on real observations.
Example
Security teams use it to map adversary behaviors and improve detection.
OSS
OSS TMM
OSS TMM
Definition
Guidelines for conducting thorough security testing.
Example
Structured approach to identifying vulnerabilities in software.
OWASP
OWASP
OWASP
Definition
Open community enhancing software security.
Example
Developers refer to OWASP Top Ten for critical web app risks.
PLAY
Playbooks
PLAYBOOK
Definition
Detailed guides outlining actions to respond to threats.
Example
Cybersecurity teams use playbooks to streamline decision‑making.
RCA
Root cause analysis
RCA
Definition
Technique to identify underlying cause of an incident.
Example
After breach, RCA identifies vulnerabilities that were exploited.
TTX
Tabletop exercise
TTX
Definition
Training simulation to evaluate and enhance response strategies.
Example
Organizations conduct tabletop exercises to prepare staff for potential attacks.
DOMAIN 04
Reporting and Communication
BPI
Business process interruption
BPI
Definition
Unplanned disruption that interrupts or delays operations.
Example
Earthquake leads to major disruption, impacting production schedules.
CC
Compensating controls
COMP
Definition
Alternative measures when primary controls are ineffective.
Example
When primary security fails, compensating controls maintain data protection.
COMP
Compliance reports
COMP
Definition
Documentation demonstrating compliance with regulations and policies.
Example
Annual compliance report submitted to showcase adherence to industry standards.
DEG
Degrading functionality
DEGRADE
Definition
Decline in system performance impairing usability.
Example
As software ages, users encounter degrading functionality.
KPI
Key Performance Indicators
KPI
Definition
Metrics assessing performance in achieving objectives.
Example
Sales department monitors quarterly revenue targets.
LEG
Legacy systems
LEGACY
Definition
Older technology still in use, may not integrate well with newer systems.
Example
Compatibility challenges integrating legacy systems with latest software.
MOU
Memorandum of Understanding
MOU
Definition
Formal agreement establishing a clear course of action or mutual understanding.
Example
MOU outlines collaboration without creating legally binding commitment.
GOV
Organizational governance
GOV
Definition
Rules/practices guiding accountability, fairness, transparency.
Example
Governance policies reviewed annually to ensure compliance.
PTCH
Patching
PATCH
Definition
Updating software to address vulnerabilities and enhance performance.
Example
IT implements regular patching schedule to safeguard against breaches.
PROP
Proprietary systems
PROP
Definition
Systems developed/owned by a specific company with usage limitations.
Example
Must purchase licenses from vendor for support and updates.
SLA
Service-Level Agreement
SLA
Definition
Contract outlining agreed service levels between provider and customer.
Example
SLA defines guaranteed response time for technical support.
