Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 16

Acronym study

ISC2 CC Acronyms — Part 16 of 26

Terms 451–480 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 15Part 16 of 26Part 17 →

Term 451

OT

Operational Technology (OT) is hardware and software that monitors and controls physical devices, processes, and infrastructure in industrial environments.

Full entry →
Full OT glossary entry →

Term 452

Outbound ACL

An Outbound ACL is a set of rules applied to traffic leaving a network interface that decides which packets are allowed to exit and which are blocked.

Full entry →
Full Outbound ACL glossary entry →

Term 453

Outside global

An Outside global address is the publicly routable IP address assigned to a device on the external network (usually the internet) as seen from the perspective of a network device performing Network Address Translation (NAT).

Full entry →
Full Outside global glossary entry →

Term 454

Outside local

Outside local is the IP address that a device on the inside of a private network appears to have from the perspective of hosts located outside the network, typically after Network Address Translation (NAT) has been applied.

Full entry →
Full Outside local glossary entry →

Term 455

OWASP Top 10

The OWASP Top 10 is a regularly updated list of the most critical security risks to web applications, published by the Open Web Application Security Project (OWASP) to help developers and security professionals prioritize and mitigate common vulnerabilities.

Full entry →
Full OWASP Top 10 glossary entry →

Term 456

Owner role

The Owner role is an access control entity that holds full administrative rights over a resource, including the ability to grant or revoke permissions for other users.

Full entry →
Full Owner role glossary entry →

Term 457

Packet capture

Packet capture is the process of intercepting and recording data packets traveling over a computer network for analysis.

Full entry →
Full Packet capture glossary entry →

Term 458

PAM

Privileged Access Management (PAM) is a security framework that controls, monitors, and audits access to critical systems and accounts with elevated permissions.

Full entry →
Full PAM glossary entry →

Term 459

Password manager

A password manager is a software application that securely stores and manages login credentials, allowing users to generate, retrieve, and autofill complex passwords without needing to remember each one.

Full entry →
Full Password manager glossary entry →

Term 460

Password policy

A set of rules designed to enhance computer security by encouraging users to create strong, secure passwords and store them properly.

Full entry →
Full Password policy glossary entry →

Term 461

Passwordless authentication

Passwordless authentication is a method of verifying a user's identity without requiring them to enter a password, using alternative factors like biometrics, hardware tokens, or one-time codes.

Full entry →
Full Passwordless authentication glossary entry →

Term 462

PAT

PAT (Port Address Translation) is a method of network address translation that maps multiple private IP addresses to a single public IP address by using different port numbers for each connection.

Full entry →
Full PAT glossary entry →

Term 463

Patch management

Patch management is the process of identifying, acquiring, testing, and deploying software updates (patches) to fix vulnerabilities, bugs, or improve performance in IT systems.

Full entry →
Full Patch management glossary entry →

Term 464

Patch Manager

A Patch Manager is a tool or service that automates the process of finding, downloading, testing, and installing software updates across multiple computers to keep them secure and stable.

Full entry →
Full Patch Manager glossary entry →

Term 465

Payment Card Industry Data Security Standards

A set of security rules that any company that handles credit card payments must follow to protect cardholder data from theft and fraud.

Full entry →
Full Payment Card Industry Data Security Standards glossary entry →

Term 466

PCI DSS

The Payment Card Industry Data Security Standard is a set of security requirements designed to protect credit card data during storage, processing, and transmission.

Full entry →
Full PCI DSS glossary entry →

Term 467

Penetration test

A penetration test is a simulated cyberattack against a computer system, network, or application to identify security weaknesses that an attacker could exploit.

Full entry →
Full Penetration test glossary entry →

Term 468

Penetration testing

Penetration testing is a simulated cyberattack on a computer system, network, or application to find security weaknesses before real attackers can exploit them.

Full entry →
Full Penetration testing glossary entry →

Term 469

Permission boundary

A permission boundary is the defined limit that controls which users, processes, or systems can access specific resources in a computing environment.

Full entry →
Full Permission boundary glossary entry →

Term 470

Personal Identification Number

A Personal Identification Number (PIN) is a short numeric code used to verify a user's identity before granting access to a system, device, or account.

Full entry →
Full Personal Identification Number glossary entry →

Term 471

Personal Identity Verification

Personal Identity Verification, or PIV, is a US federal government standard for using smart cards to securely verify a person's identity for access to physical and digital resources.

Full entry →
Full Personal Identity Verification glossary entry →

Term 472

Personally identifiable information

Personally identifiable information (PII) is any data that can be used to identify, contact, or locate a specific individual, either alone or when combined with other information.

Full entry →
Full Personally identifiable information glossary entry →

Term 473

PHI

PHI stands for Protected Health Information, which is any health data that can identify an individual and is protected by the Health Insurance Portability and Accountability Act (HIPAA).

Full entry →
Full PHI glossary entry →

Term 474

Phishing

Phishing is a type of cyber attack where criminals impersonate legitimate organizations or individuals to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.

Full entry →
Full Phishing glossary entry →

Term 475

Physical control

Physical controls are tangible security measures like locks, fences, and biometric scanners used to protect buildings, hardware, and sensitive data from unauthorized physical access or harm.

Full entry →
Full Physical control glossary entry →

Term 476

PII

PII stands for Personally Identifiable Information, which is any data that can be used to identify a specific individual.

Full entry →
Full PII glossary entry →

Term 477

PIM

Privileged Identity Management, a Microsoft Azure Active Directory tool that manages, monitors, and controls access to privileged roles on a just-in-time basis.

Full entry →
Full PIM glossary entry →

Term 478

Playbook

A playbook is a documented set of predefined steps, scripts, and decision trees used by IT teams to automate, standardize, and respond consistently to common tasks or incidents.

Full entry →
Full Playbook glossary entry →

Term 479

Policy

A policy is a set of rules or guidelines that defines how an organization manages, secures, and operates its IT systems and services.

Full entry →
Full Policy glossary entry →

Term 480

Policy as code

Policy as code is the practice of representing and managing security, compliance, and governance rules as executable code, enabling automated validation and enforcement across infrastructure and software development workflows.

Full entry →
Full Policy as code glossary entry →
← Part 15Part 17 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16currentPart 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→