IT Certification Glossary

A CVE (Common Vulnerabilities and Exposures) is a publicly disclosed cybersecurity vulnerability with a unique identifier in the format CVE-YYYY-NNNNN. The CVE program is maintained by MITRE Corporation and provides the canonical reference for vulnerability tracking.

IAM (Identity and Access Management) is the framework for managing digital identities and controlling user access to resources. In cloud platforms, IAM defines who can do what on which resources, enforced via roles, policies, and groups.

MFA (Multi-Factor Authentication) requires two or more independent credentials to verify identity - typically combining something you know (password), something you have (phone or hardware token), and something you are (biometric).

Port 22 is the default TCP port for SSH (Secure Shell), an encrypted protocol for remote administration, secure file transfer (SFTP), and tunneled connections. SSH replaces unencrypted alternatives like Telnet (port 23), rlogin, and rsh.

A VPC (Virtual Private Cloud) is a logically isolated network within a cloud provider, where you define IP address ranges, subnets, route tables, and gateways. It's the cloud equivalent of a traditional on-premises network.

Zero Trust is a security model where no user, device, or service is implicitly trusted - every access request is verified continuously regardless of network location. Replaces the traditional 'trusted internal network' model with identity-based access controls.