Term 391
Management group
A Management group is a container in Microsoft Azure that helps you organize and manage access, policies, and compliance across multiple Azure subscriptions.
Acronym study
Terms 391–420 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 391
A Management group is a container in Microsoft Azure that helps you organize and manage access, policies, and compliance across multiple Azure subscriptions.
Term 392
Mandatory vacation is a security control that requires employees to take a consecutive period of leave so that any unauthorized activities or irregularities in their work can be detected by others.
Term 393
Maximum tolerable downtime (MTD) is the total amount of time a business process or system can be unavailable before causing irreparable harm to the organization.
Term 394
MDM stands for Mobile Device Management, a technology that allows IT administrators to securely manage, monitor, and enforce policies on mobile devices like smartphones and tablets from a central console.
Term 395
A Memorandum of Understanding (MOU) is a formal document that outlines the general terms and intentions of an agreement between two or more parties before a legally binding contract is signed.
Term 396
Memory capture is the process of preserving the contents of a computer's volatile memory (RAM) for forensic analysis during incident response.
Term 397
A centralized dashboard within a software platform that displays system notifications, alerts, and messages about account status, security events, and service updates.
Term 398
Metadata is data that describes other data, providing context such as when a file was created, who created it, or its size.
Term 399
Multi-Factor Authentication (MFA) is a security method that requires a user to verify their identity using two or more different types of evidence, such as a password plus a code from a phone, before they can access an account or system.
Term 400
A Microsoft 365 group is a membership object that provides a single identity for a set of users to collaborate across multiple Microsoft 365 services like Outlook, Teams, and SharePoint.
Term 401
Microsoft Defender is a suite of security products that protects devices, data, and identities from cyber threats like malware, phishing, and unauthorized access.
Term 402
Microsoft Defender for Endpoint is a cloud-delivered enterprise-grade security platform that protects devices, servers, and networks from advanced cyber threats by combining antivirus, endpoint detection and response, and automated investigation and remediation.
Term 403
Microsoft Defender for Office 365 is a cloud-based email and collaboration security service that protects organizations against malicious threats like phishing, malware, and spam in email messages and Office 365 apps.
Term 404
Microsoft Defender XDR is a unified security platform that automatically correlates alerts from across an organization's endpoints, email, identities, and cloud apps to stop complex attacks.
Term 405
Microsoft Entra ID is a cloud-based identity and access management service that lets employees sign in and access resources both inside and outside of your organization.
Term 406
Microsoft Purview is a unified data governance and compliance service that helps organizations discover, manage, and protect their data across on-premises, cloud, and hybrid environments.
Term 407
Microsoft Sentinel is a cloud-native security information and event management (SIEM) and security orchestration automation and response (SOAR) service that helps organizations detect, investigate, and respond to cyber threats across their entire digital estate.
Term 408
A Microsoft Store app is a software program downloaded and installed from the Microsoft Store, designed to run in a sandboxed environment with limited system access for improved security and ease of management.
Term 409
Misconfiguration is when a system, device, or software is set up incorrectly, leaving it vulnerable to attack or causing it to malfunction.
Term 410
MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations, used by security professionals to understand and defend against cyber threats.
Term 411
Mobile application management (MAM) is the practice of controlling and securing corporate apps and their data on employee-owned or company-provided mobile devices without managing the entire device.
Term 412
Mobile device management (MDM) is a security solution that allows IT administrators to enroll, configure, monitor, and enforce policies on smartphones, tablets, and other mobile devices used in an organization.
Term 413
A Memorandum of Understanding (MOU) is a non-binding agreement between parties outlining mutual goals and intentions for cooperation.
Term 414
MTBF (Mean Time Between Failures) is a reliability metric that estimates the average operational time between inherent failures of a hardware component or system during normal operation.
Term 415
MTD (Maximum Tolerable Downtime) is the longest period a business can function without a specific system or service before the damage becomes unacceptable.
Term 416
MTTR stands for Mean Time to Repair, a metric that measures the average time it takes to restore a failed system or component to full working order after a failure occurs.
Term 417
Multifactor Authentication (MFA) is a security method that requires you to provide two or more pieces of evidence to prove your identity before accessing an account or system.
Term 418
Multilevel security is a computer security approach that allows users with different clearance levels to access data at different classification levels on the same system, while preventing unauthorized access.
Term 419
A Mutual Non-disclosure Agreement is a legally binding contract between two parties where both agree to keep each other's confidential information private and not share it with outsiders.
Term 420
Network Access Control (NAC) is a security technology that enforces policies to control which devices and users can connect to a network.