Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 7

Acronym study

ISC2 CC Acronyms — Part 7 of 26

Terms 181–210 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 6Part 7 of 26Part 8 →

Term 181

Defender for Cloud Apps

Defender for Cloud Apps is a Microsoft cloud access security broker (CASB) that helps you discover, protect, and govern your cloud applications and data across multiple cloud environments.

Full entry →
Full Defender for Cloud Apps glossary entry →

Term 182

Defender for Endpoint

Microsoft Defender for Endpoint is a cloud-delivered enterprise security solution designed to protect devices from cyber threats using behavioral analysis, machine learning, and automated investigation.

Full entry →
Full Defender for Endpoint glossary entry →

Term 183

Defender for Identity

Defender for Identity is a cloud-based security solution that detects, investigates, and responds to advanced identity threats targeting on-premises Active Directory and cloud identities.

Full entry →
Full Defender for Identity glossary entry →

Term 184

Defender for Office 365

Microsoft Defender for Office 365 is a cloud-based email security service that protects organizations against advanced threats like phishing, malware, and business email compromise by scanning emails, attachments, and links in real time.

Full entry →
Full Defender for Office 365 glossary entry →

Term 185

Defense in depth

Defense in depth is a cybersecurity strategy that uses multiple layers of security controls to protect information and systems, so if one layer fails, another layer is already in place to stop the attack.

Full entry →
Full Defense in depth glossary entry →

Term 186

Denial-of-service

A Denial-of-service (DoS) attack is an attempt to make a computer, network, or online service unavailable to its intended users by overwhelming it with fake traffic or requests.

Full entry →
Full Denial-of-service glossary entry →

Term 187

Dependency scanning

Dependency scanning is the automated process of checking software components for known security vulnerabilities and outdated versions.

Full entry →
Full Dependency scanning glossary entry →

Term 188

Detection

Detection is the process of identifying potential security incidents or anomalies by analyzing system data, logs, and network traffic.

Full entry →
Full Detection glossary entry →

Term 189

Detection engineering

Detection engineering is the practice of designing, building, and refining security monitoring rules and signals to identify malicious activity in an IT environment.

Full entry →
Full Detection engineering glossary entry →

Term 190

Detective control

A detective control is a security measure that identifies and reports unwanted or suspicious activity after it has already occurred.

Full entry →
Full Detective control glossary entry →

Term 191

Deterrent control

A deterrent control is a security measure designed to discourage potential attackers from attempting to breach a system or commit a violation, relying on the perceived threat of consequences.

Full entry →
Full Deterrent control glossary entry →

Term 192

Device risk

Device risk is the chance that a computer, phone, or other endpoint could cause a security problem or data leak because it is not properly managed or protected.

Full entry →
Full Device risk glossary entry →

Term 193

DevSecOps

DevSecOps is a software development practice that integrates security into every phase of the DevOps lifecycle, making security a shared responsibility from the start.

Full entry →
Full DevSecOps glossary entry →

Term 194

DHCP pool

A DHCP pool is a reserved set of IP addresses that a DHCP server can assign to devices on a network automatically when they request a connection.

Full entry →
Full DHCP pool glossary entry →

Term 195

DHCP server

A DHCP server is a network device or service that automatically assigns IP addresses and other network configuration parameters to devices on a network, eliminating the need for manual configuration.

Full entry →
Full DHCP server glossary entry →

Term 196

DHCP snooping

DHCP snooping is a network security feature that filters untrusted DHCP messages to prevent rogue DHCP servers from giving out false IP addresses.

Full entry →
Full DHCP snooping glossary entry →

Term 197

Diamond model

The Diamond model is a framework for analyzing cybersecurity intrusions by examining four key components: adversary, capability, infrastructure, and victim.

Full entry →
Full Diamond model glossary entry →

Term 198

Digital identity

A digital identity is the online representation of a person, device, or entity used to authenticate and authorize access to digital resources.

Full entry →
Full Digital identity glossary entry →

Term 199

Digital Rights Management

Digital Rights Management (DRM) is a set of technologies used to control how digital content like music, movies, ebooks, or software is accessed, copied, or shared.

Full entry →
Full Digital Rights Management glossary entry →

Term 200

Direct Connect

AWS Direct Connect is a cloud service that lets you create a dedicated private network link from your on-premises data center to AWS, bypassing the public internet for more consistent and secure connectivity.

Full entry →
Full Direct Connect glossary entry →

Term 201

Disaster recovery

Disaster recovery is a set of policies, procedures, and tools that help an organization restore critical IT systems and data after a disruptive event.

Full entry →
Full Disaster recovery glossary entry →

Term 202

Disaster recovery plan

A Disaster Recovery Plan (DRP) is a documented, structured approach that outlines how an organization can quickly resume critical IT systems and operations after a disruptive event.

Full entry →
Full Disaster recovery plan glossary entry →

Term 203

Disk image

A disk image is a sector-by-sector copy of an entire storage device, such as a hard drive or SSD, used in incident response to preserve forensic evidence exactly as it existed at a point in time.

Full entry →
Full Disk image glossary entry →

Term 204

Distributed Denial-of-service

A cyberattack where many compromised computers flood a target system with traffic, making it unavailable to legitimate users.

Full entry →
Full Distributed Denial-of-service glossary entry →

Term 205

DLP

Data Loss Prevention — security technology that detects and prevents unauthorised transmission of sensitive data outside an organisation.

Full entry →
Full DLP glossary entry →

Term 206

DLP policy

A DLP policy is a set of rules that an organization uses to prevent sensitive data from being lost, stolen, or accidentally exposed, whether it is in use, in motion, or at rest.

Full entry →
Full DLP policy glossary entry →

Term 207

DMZ

A DMZ (demilitarized zone) is a network segment that sits between an internal private network and the public internet, hosting publicly accessible services while keeping the internal network isolated.

Full entry →
Full DMZ glossary entry →

Term 208

DNS

DNS is the system that translates human-friendly domain names like example.com into machine-readable IP addresses so computers can find each other on a network.

Full entry →
Full DNS glossary entry →

Term 209

DNS log

A DNS log is a record of all Domain Name System queries and responses that pass through a server, providing a trail of which domains were requested, by whom, and when.

Full entry →
Full DNS log glossary entry →

Term 210

DNS over HTTPS

DNS over HTTPS is a protocol that sends Domain Name System queries and responses over the encrypted HTTPS protocol to protect user privacy and prevent tampering.

Full entry →
Full DNS over HTTPS glossary entry →
← Part 6Part 8 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7currentPart 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→