Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 18

Acronym study

ISC2 CC Acronyms — Part 18 of 26

Terms 511–540 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 17Part 18 of 26Part 19 →

Term 511

Public Key Infrastructure

Public Key Infrastructure is a system of policies, roles, hardware, and software that manages digital certificates and public-key encryption to secure communications and verify identities online.

Full entry →
Full Public Key Infrastructure glossary entry →

Term 512

Public subnet

A public subnet is a segment of a cloud Virtual Private Cloud (VPC) or traditional network that has a direct route to the internet via an Internet Gateway, allowing resources within it to send and receive traffic from the public internet.

Full entry →
Full Public subnet glossary entry →

Term 513

Purple team

A purple team is a collaborative approach in cybersecurity where the offensive (red) and defensive (blue) teams work together to improve an organization's security posture by sharing insights and tactics.

Full entry →
Full Purple team glossary entry →

Term 514

Qualitative risk analysis

Qualitative risk analysis is a subjective, scenario-based approach to prioritizing information security risks by evaluating their likelihood and potential impact using predefined scales rather than numerical calculations.

Full entry →
Full Qualitative risk analysis glossary entry →

Term 515

Quantitative risk analysis

Quantitative risk analysis is a structured process that uses numerical data and statistical methods to calculate the potential financial impact of risks on an organization's assets and projects.

Full entry →
Full Quantitative risk analysis glossary entry →

Term 516

Quarantine

Quarantine is a security process that isolates a potentially malicious file, email, or device from the rest of the system to prevent harm while it is analyzed or remediated.

Full entry →
Full Quarantine glossary entry →

Term 517

Radio Frequency Identification

Radio Frequency Identification (RFID) is a wireless technology that uses radio waves to automatically identify and track tags attached to objects, people, or animals without requiring direct line-of-sight.

Full entry →
Full Radio Frequency Identification glossary entry →

Term 518

RADIUS

RADIUS is a network protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service.

Full entry →
Full RADIUS glossary entry →

Term 519

Ransomware

Ransomware is a type of malicious software that encrypts a victim's files or locks them out of their system, demanding payment, usually in cryptocurrency, to restore access.

Full entry →
Full Ransomware glossary entry →

Term 520

Rapid Security Response

A Rapid Security Response is an emergency software patch from Apple that fixes critical security flaws in iOS, iPadOS, macOS, and other Apple operating systems without requiring a full system update.

Full entry →
Full Rapid Security Response glossary entry →

Term 521

RBAC

RBAC is a method of restricting network access based on the roles of individual users within an organization, where permissions are assigned to roles rather than to individuals directly.

Full entry →
Full RBAC glossary entry →

Term 522

Reader role

A Reader role is a predefined set of permissions in identity and governance systems that allows a user to view resources and data but not create, modify, or delete anything.

Full entry →
Full Reader role glossary entry →

Term 523

Records Management

Records management is the systematic control of an organization's records, from creation or receipt through processing, distribution, maintenance, storage, retrieval, and disposal, ensuring integrity, compliance, and availability.

Full entry →
Full Records Management glossary entry →

Term 524

Recovery

Recovery is the process of restoring systems, data, and operations after a security incident, failure, or disaster to return to normal functioning.

Full entry →
Full Recovery glossary entry →

Term 525

Recovery key

A recovery key is a unique code or physical device used to regain access to an encrypted system or account when the primary authentication method, such as a password or biometric, is lost or unavailable.

Full entry →
Full Recovery key glossary entry →

Term 526

Red team

A red team is a group of security professionals who simulate real-world attacks on an organization's systems, people, and facilities to test the effectiveness of its defenses.

Full entry →
Full Red team glossary entry →

Term 527

Redundancy

Redundancy is the practice of adding extra components or systems so that if one fails, another can take over without interruption.

Full entry →
Full Redundancy glossary entry →

Term 528

Reference monitor

A trusted, always-active component of a computer's operating system that enforces security policies by checking every access request to files, memory, or devices before allowing it.

Full entry →
Full Reference monitor glossary entry →

Term 529

Regulatory requirement

A regulatory requirement is a rule issued by a government or industry authority that organizations must follow, often to protect data, ensure safety, or maintain fair practices.

Full entry →
Full Regulatory requirement glossary entry →

Term 530

Remediation script

A remediation script is an automated set of instructions that detects and fixes common IT security or configuration issues without manual intervention.

Full entry →
Full Remediation script glossary entry →

Term 531

Remote Authentication Dial-in User Service

RADIUS is a network protocol that provides centralized authentication, authorization, and accounting for users trying to connect to a network service.

Full entry →
Full Remote Authentication Dial-in User Service glossary entry →

Term 532

Reserved Instance

A Reserved Instance is a billing discount applied to your usage of virtual machines or other compute resources when you commit to using a specific configuration for a one- or three-year term.

Full entry →
Full Reserved Instance glossary entry →

Term 533

Residual risk

Residual risk is the level of risk that remains after all security controls and countermeasures have been applied.

Full entry →
Full Residual risk glossary entry →

Term 534

Resource group

A logical container in Microsoft Azure that holds related resources for an application or solution, enabling unified management, security, and billing.

Full entry →
Full Resource group glossary entry →

Term 535

Resource hierarchy

Resource hierarchy is the structured, parent-child ordering of cloud resources that governs access control, policy inheritance, and resource organization across a cloud platform.

Full entry →
Full Resource hierarchy glossary entry →

Term 536

Resource lock

A resource lock is a cloud governance feature that prevents accidental deletion or modification of critical cloud resources by applying a read-only or delete-only restriction at the resource, resource group, or subscription level.

Full entry →
Full Resource lock glossary entry →

Term 537

Retention label

A retention label is a tag applied to emails, documents, or files in Microsoft 365 that tells the system how long to keep the item and what to do with it when the time is up.

Full entry →
Full Retention label glossary entry →

Term 538

Retention policy

A retention policy is a set of rules that determines how long an organization keeps its data and what happens to it when the retention period expires.

Full entry →
Full Retention policy glossary entry →

Term 539

Reverse engineering

Reverse engineering is the process of deconstructing a system, software, or hardware to understand its design, functionality, and operation, often for analysis, replication, or improvement.

Full entry →
Full Reverse engineering glossary entry →

Term 540

RFID

RFID uses radio waves to wirelessly identify and track tags attached to objects, enabling automatic data capture without line-of-sight.

Full entry →
Full RFID glossary entry →
← Part 17Part 19 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18currentPart 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→