Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

ISC2 Certified in Cybersecurity CC/Acronyms/Part 9

Acronym study

ISC2 CC Acronyms — Part 9 of 26

Terms 241–270 of 754 ISC2 CC acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 8Part 9 of 26Part 10 →

Term 241

Endpoint detection and response

Endpoint detection and response (EDR) is a cybersecurity solution that continuously monitors endpoint devices for suspicious activity and automatically responds to threats to stop attacks in real time.

Full entry →
Full Endpoint detection and response glossary entry →

Term 242

Endpoint protection

Endpoint protection is a security approach that safeguards devices like laptops, phones, and servers from malicious threats by monitoring, detecting, and blocking attacks at the device level.

Full entry →
Full Endpoint protection glossary entry →

Term 243

Endpoint security policy

An endpoint security policy is a set of rules that controls how devices like laptops, phones, and servers connect to a network and what security protections they must have to keep data safe.

Full entry →
Full Endpoint security policy glossary entry →

Term 244

Endpoint telemetry

Endpoint telemetry is the automated collection and transmission of security-relevant data from devices like laptops, servers, and phones to a central monitoring system for threat detection and analysis.

Full entry →
Full Endpoint telemetry glossary entry →

Term 245

Enterprise risk management

Enterprise risk management is the systematic process of identifying, assessing, and responding to risks that could affect an organization’s ability to achieve its objectives.

Full entry →
Full Enterprise risk management glossary entry →

Term 246

EOL

End of Life (EOL) is the date when a vendor stops selling, supporting, or patching a product, requiring migration to avoid security and compliance risks.

Full entry →
Full EOL glossary entry →

Term 247

EOS

EOS (End of Support) marks the date when a vendor stops providing technical assistance, patches, and firmware updates for a product.

Full entry →
Full EOS glossary entry →

Term 248

Eradication

Eradication is the phase in incident response where the root cause of a security breach is completely removed from the system to prevent the attack from happening again.

Full entry →
Full Eradication glossary entry →

Term 249

Escalation path

An escalation path is a predefined process that determines how an incident or issue is raised to higher-level support or management when it cannot be resolved at the current level.

Full entry →
Full Escalation path glossary entry →

Term 250

ESP

ESP (Encapsulating Security Payload) is a core protocol in IPsec that provides confidentiality, data integrity, and authentication for VPN traffic by encrypting and optionally authenticating the payload of IP packets.

Full entry →
Full ESP glossary entry →

Term 251

ESP

ESP (Encapsulating Security Payload) provides confidentiality, data origin authentication, connectionless integrity, and anti-replay protection for IP packets.

Full entry →
Full ESP glossary entry →

Term 252

Evaluation assurance level

A rating from the Common Criteria that measures how thoroughly a computer product or system has been tested and verified for security.

Full entry →
Full Evaluation assurance level glossary entry →

Term 253

Event

An event is any identifiable occurrence or action in a computer system, network, or application that can be logged, monitored, or analyzed for security or operational purposes.

Full entry →
Full Event glossary entry →

Term 254

Event log

An event log is a file or record that stores a chronological list of events, changes, errors, or security incidents occurring on a computer system or network.

Full entry →
Full Event log glossary entry →

Term 255

Evidence handling

Evidence handling is the process of properly collecting, preserving, documenting, and storing digital evidence to maintain its integrity and admissibility in legal or administrative proceedings.

Full entry →
Full Evidence handling glossary entry →

Term 256

Evidence preservation

Evidence preservation is the process of protecting and maintaining digital data in its original state so it can be used in legal or investigative proceedings without being altered or corrupted.

Full entry →
Full Evidence preservation glossary entry →

Term 257

Evil twin

An evil twin attack is a rogue wireless access point that impersonates a legitimate network to intercept or manipulate user traffic.

Full entry →
Full Evil twin glossary entry →

Term 258

Exposure

Exposure is the measure of potential loss or harm to an organization's assets when a vulnerability is exploited by a threat, often expressed as the window of time or degree of access an attacker has.

Full entry →
Full Exposure glossary entry →

Term 259

Exposure factor

Exposure factor is the percentage of an asset's value that would be lost if a specific threat event occurs, used to calculate the single loss expectancy in risk analysis.

Full entry →
Full Exposure factor glossary entry →

Term 260

Extended ACL

An extended access control list (ACL) is a set of rules that filters network traffic based on source and destination IP addresses, protocol type, and port numbers, providing more granular control than a standard ACL.

Full entry →
Full Extended ACL glossary entry →

Term 261

Extended Detection and Response

Extended Detection and Response (XDR) is a security approach that collects and analyzes data from multiple sources like endpoints, networks, servers, and email to detect and stop threats more effectively.

Full entry →
Full Extended Detection and Response glossary entry →

Term 262

Extensible Authentication Protocol

Extensible Authentication Protocol (EAP) is a flexible authentication framework used in network access control, particularly in wireless and point-to-point connections, that supports multiple authentication methods without requiring changes to the underlying protocol.

Full entry →
Full Extensible Authentication Protocol glossary entry →

Term 263

Extensible Authentication Protocol over LAN

EAP over LAN (EAPoL) is a protocol that carries authentication messages between a device and a network access point before the device is allowed to connect to the network.

Full entry →
Full Extensible Authentication Protocol over LAN glossary entry →

Term 264

Facial Recognition Technology

Facial recognition technology is a biometric security method that identifies or verifies a person by analyzing and comparing patterns of their facial features.

Full entry →
Full Facial Recognition Technology glossary entry →

Term 265

fail2ban

Fail2ban is a security tool that monitors log files for repeated authentication failures and temporarily bans the offending IP addresses using firewall rules.

Full entry →
Full fail2ban glossary entry →

Term 266

Failover

Failover is the automatic switching to a backup system when the primary system fails, ensuring continuous operation and minimal downtime.

Full entry →
Full Failover glossary entry →

Term 267

Failover routing

Failover routing is a network design that automatically redirects traffic to a backup path when the primary path fails, keeping services available.

Full entry →
Full Failover routing glossary entry →

Term 268

False negative

A false negative is when a security tool fails to detect a real threat, mistakenly treating it as harmless.

Full entry →
Full False negative glossary entry →

Term 269

False positive

A false positive is an alert or result that indicates a security threat or vulnerability exists when in fact there is no real issue.

Full entry →
Full False positive glossary entry →

Term 270

File Transfer Protocol Secure

File Transfer Protocol Secure (FTPS) is a secure version of FTP that adds encryption using TLS or SSL to protect data during file transfers.

Full entry →
Full File Transfer Protocol Secure glossary entry →
← Part 8Part 10 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9currentPart 10Part 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26

Study resources

All ISC2 CC Acronyms→ISC2 CC Practice Tests→ISC2 CC Study Guide→Exam Domains→