ISC2 glossary
Key ISC2 certification terms and acronyms.
Definitions are AI-assisted and reviewed for general accuracy — verify critical details against ISC2's official documentation.
ACLAccess Control List
A set of rules associated with a resource or network device that specifies which users or traffic are permitted or denied.
ALEAnnualized Loss Expectancy
Expected monetary loss for an asset due to a specific risk over a one-year period; calculated as SLE × ARO.
AROAnnualized Rate of Occurrence
Estimated frequency with which a specific threat is expected to occur within a one-year period.
BCPBusiness Continuity Plan
Documented plan for maintaining essential business functions during and after a disaster or significant disruption.
BCPBusiness Continuity Plan
A documented plan that enables an organization to maintain critical functions during and after a disruptive event.
CIA TriadConfidentiality, Integrity, Availability
The three core principles of information security: keeping data secret, accurate, and accessible to authorized users.
CIA Triad
Core information security model comprising Confidentiality, Integrity, and Availability as the three fundamental security objectives.
COBITControl Objectives for Information and Related Technologies
IT governance and management framework developed by ISACA that aligns IT goals with business objectives.
DACDiscretionary Access Control
Access control model where the resource owner decides who is granted access to their objects.
DACDiscretionary Access Control
An access control model where the resource owner decides who can access their objects.
DIACAPDepartment of Defense Information Assurance Certification and Accreditation Process
Former U.S. DoD process for certifying and accrediting information systems; superseded by RMF.
DMZDemilitarized Zone
A network segment placed between the internal network and the internet, hosting publicly accessible services while isolating the internal network.
DRPDisaster Recovery Plan
A subset of BCP focused on restoring IT systems and data after a disaster or major outage.
DRPDisaster Recovery Plan
Subset of BCP focused specifically on restoring IT systems and infrastructure after a disruptive event.
Encryption
The process of converting plaintext data into ciphertext using an algorithm and key so only authorized parties can read it.
FIPS 140-2Federal Information Processing Standard 140-2
U.S. government standard specifying security requirements for cryptographic modules used to protect sensitive information.
Firewall
A network security device or software that monitors and filters incoming and outgoing traffic based on defined security rules.
IDSIntrusion Detection System
A system that monitors network or host activity and alerts administrators when suspicious behavior is detected.
IDSIntrusion Detection System
System that monitors network or host activity and generates alerts when suspicious or malicious behavior is detected.
Incident Response
A structured process for preparing for, detecting, containing, eradicating, and recovering from cybersecurity incidents.
IPSIntrusion Prevention System
Inline security system that monitors traffic and actively blocks or rejects detected threats in real time.
IPSIntrusion Prevention System
A system that monitors traffic and actively blocks or rejects malicious activity in real time.
IPSECInternet Protocol Security
Suite of protocols that authenticates and encrypts IP packets to provide secure communication over IP networks.
Kerberos
Network authentication protocol using tickets and a trusted third-party Key Distribution Center to authenticate entities.
Least Privilege
A security principle stating that users and systems should be granted only the minimum access rights needed to perform their functions.
MACMandatory Access Control
An access control model where the system enforces access based on classification labels, not owner discretion.
MACMandatory Access Control
Access control model where the operating system enforces access based on sensitivity labels and clearance levels, not owner discretion.
MFAMulti-Factor Authentication
Authentication that requires two or more distinct factors: something you know, have, or are.
NISTNational Institute of Standards and Technology
A U.S. federal agency that publishes widely adopted cybersecurity frameworks, guidelines, and standards such as SP 800 series.
OWASPOpen Worldwide Application Security Project
Nonprofit foundation producing freely available articles, tools, and standards focused on improving software security.
Patch Management
The process of identifying, acquiring, testing, and applying software updates to remediate vulnerabilities in systems.
PIIPersonally Identifiable Information
Any data that can be used to identify a specific individual, such as name, SSN, or email address.
PKIPublic Key Infrastructure
Framework of policies, hardware, software, and procedures for creating, managing, distributing, and revoking digital certificates.
RBACRole-Based Access Control
Access control model that assigns permissions to roles rather than individuals, and users are assigned to roles.
RBACRole-Based Access Control
An access control model that assigns permissions to roles, and users are granted access by being assigned to roles.
RPORecovery Point Objective
Maximum acceptable amount of data loss measured in time; defines how far back in time recovery must reach.
RPORecovery Point Objective
The maximum acceptable amount of data loss measured in time; defines how current backup data must be.
RTORecovery Time Objective
The maximum acceptable time to restore a system or process after a disruption before business impact becomes unacceptable.
RTORecovery Time Objective
Maximum acceptable duration of time within which a business process must be restored after a disaster.
SDLCSoftware Development Life Cycle
Structured process for planning, creating, testing, deploying, and maintaining software applications.
SIEMSecurity Information and Event Management
A platform that aggregates and correlates log and event data from multiple sources to detect and alert on security threats.
SLAService Level Agreement
A formal contract defining the expected service availability, performance metrics, and responsibilities between a provider and customer.
SLESingle Loss Expectancy
Monetary value expected to be lost in a single occurrence of a specific risk event.
SOCSecurity Operations Center
A centralized team and facility that continuously monitors, detects, and responds to cybersecurity incidents.
SOC 2System and Organization Controls 2
Auditing standard developed by AICPA assessing a service organization's controls related to security, availability, processing integrity, confidentiality, and privacy.
Social Engineering
Manipulating people into divulging confidential information or performing actions that compromise security, rather than exploiting technical vulnerabilities.
SSL/TLSSecure Sockets Layer / Transport Layer Security
Cryptographic protocols providing authentication, integrity, and confidentiality for data in transit over a network.
STRIDESpoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
Threat modeling methodology that classifies threats into six categories to identify security risks in a system.
TCBTrusted Computing Base
Totality of protection mechanisms within a computer system, including hardware, firmware, and software, responsible for enforcing a security policy.
VPNVirtual Private Network
A technology that creates an encrypted tunnel over a public network to securely connect remote users or sites.