Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 12

Acronym study

ISC2 CC Acronyms — Part 12 of 26

Terms 331–360 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 11Part 12 of 26Part 13 →

Term 331

Information protection

Information protection refers to the policies, procedures, and technologies used to safeguard data from unauthorized access, disclosure, alteration, or destruction.

Full entry →
Full Information protection glossary entry →

Term 332

Infrastructure as code

Infrastructure as code (IaC) is the practice of managing and provisioning IT infrastructure through machine-readable definition files, rather than through physical hardware configuration or interactive configuration tools.

Full entry →
Full Infrastructure as code glossary entry →

Term 333

Infrastructure as code scanning

Infrastructure as code scanning is the automated process of checking infrastructure configuration files for security misconfigurations, compliance violations, and potential vulnerabilities before deployment.

Full entry →
Full Infrastructure as code scanning glossary entry →

Term 334

Inherent risk

Inherent risk is the level of risk that exists in a process or system before any security controls or mitigations are applied.

Full entry →
Full Inherent risk glossary entry →

Term 335

Initiative

An initiative is a formal, structured effort or project undertaken by an organization to achieve a specific strategic goal, often involving changes to IT systems, policies, or processes.

Full entry →
Full Initiative glossary entry →

Term 336

Insecure deserialization

An application security vulnerability that occurs when untrusted user data is deserialized without proper validation, potentially allowing an attacker to manipulate the application or execute malicious code.

Full entry →
Full Insecure deserialization glossary entry →

Term 337

Inside global

An inside global is the public, routable IP address that represents an internal private host when it communicates with devices on the internet.

Full entry →
Full Inside global glossary entry →

Term 338

Inside local

Inside local is the IP address assigned to a device on an internal private network before any Network Address Translation (NAT) is applied.

Full entry →
Full Inside local glossary entry →

Term 339

Insider Risk Management

Insider Risk Management is the practice of identifying, assessing, and mitigating threats that originate from within an organization, such as employees, contractors, or partners who have legitimate access to systems and data.

Full entry →
Full Insider Risk Management glossary entry →

Term 340

Inspector

An inspector is a tool or role that checks systems, configurations, or data against a set of rules to ensure they are secure and compliant.

Full entry →
Full Inspector glossary entry →

Term 341

Integrity

Integrity is the assurance that data has not been altered or tampered with in an unauthorized way, preserving its accuracy and consistency from source to destination.

Full entry →
Full Integrity glossary entry →

Term 342

Interface endpoint

An interface endpoint is a private IP address inside a Virtual Private Cloud that provides direct, secure access to supported AWS services without traversing the public internet.

Full entry →
Full Interface endpoint glossary entry →

Term 343

Internet gateway

An Internet gateway is a cloud networking component that provides a connection between a virtual private cloud (VPC) and the public Internet, enabling resources in the VPC to send and receive traffic to and from the Internet.

Full entry →
Full Internet gateway glossary entry →

Term 344

Internet Key Exchange

Internet Key Exchange (IKE) is a protocol used to set up a secure, encrypted connection between two devices by automatically negotiating and exchanging encryption keys over an untrusted network like the internet.

Full entry →
Full Internet Key Exchange glossary entry →

Term 345

Internet of Things

The Internet of Things (IoT) is a network of physical devices, vehicles, appliances, and other objects embedded with sensors and software that connect to the internet to collect and exchange data.

Full entry →
Full Internet of Things glossary entry →

Term 346

Internet Protocol Security

Internet Protocol Security (IPsec) is a suite of protocols that encrypts and authenticates data packets sent over IP networks to ensure private and secure communication.

Full entry →
Full Internet Protocol Security glossary entry →

Term 347

Intrusion Detection System

An Intrusion Detection System (IDS) is a security tool that monitors network traffic or system activities for malicious actions or policy violations and sends alerts to administrators.

Full entry →
Full Intrusion Detection System glossary entry →

Term 348

Intrusion Prevention System

An Intrusion Prevention System (IPS) is a network security tool that monitors network traffic and actively blocks threats like malware and cyberattacks in real time.

Full entry →
Full Intrusion Prevention System glossary entry →

Term 349

IOA

IOA (Indicator of Attack) is a security concept that focuses on detecting the intent and sequence of actions leading up to a cyber attack, rather than just the artifacts left behind after a breach.

Full entry →
Full IOA glossary entry →

Term 350

IOC

IOC stands for Indicator of Compromise, which is forensic evidence that a system has been breached or infected by malware.

Full entry →
Full IOC glossary entry →

Term 351

IoT

IoT (Internet of Things) is a network of physical devices embedded with sensors and software to connect and exchange data over the internet.

Full entry →
Full IoT glossary entry →

Term 352

IP helper address

A Cisco IOS command that forwards broadcast traffic from one subnet to a specific server on another subnet, allowing devices to obtain IP configuration or other services without needing a router or server on their local network.

Full entry →
Full IP helper address glossary entry →

Term 353

IP Source Guard

IP Source Guard is a network security feature that blocks IP address spoofing by verifying that each packet's source IP address matches an authorized binding assigned to that switch port.

Full entry →
Full IP Source Guard glossary entry →

Term 354

IPS

An Intrusion Prevention System (IPS) is a network security device that monitors traffic in real time and automatically blocks threats before they reach your systems.

Full entry →
Full IPS glossary entry →

Term 355

IPsec

IPsec is a suite of protocols used to secure Internet Protocol (IP) communications by encrypting and authenticating each IP packet in a data stream.

Full entry →
Full IPsec glossary entry →

Term 356

iptables

iptables is a command-line firewall utility in Linux that uses rules to allow or block network traffic based on packet attributes like source IP, destination port, or protocol.

Full entry →
Full iptables glossary entry →

Term 357

ISO 27001

ISO 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).

Full entry →
Full ISO 27001 glossary entry →

Term 358

Isolation

Isolation is the process of separating a compromised or suspicious system from a network to prevent the spread of malware or unauthorized access.

Full entry →
Full Isolation glossary entry →

Term 359

Job rotation

Job rotation is a security governance practice where employees periodically switch roles or responsibilities to reduce risk, prevent fraud, and ensure organizational resilience.

Full entry →
Full Job rotation glossary entry →

Term 360

JWT

A JSON Web Token (JWT) is a compact, self-contained token used to securely transmit information between parties as a JSON object.

Full entry →
Full JWT glossary entry →
← Part 11Part 13 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12currentPart 13Part 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→