Term 1
Acceptable use policy
An acceptable use policy is a set of rules that an organization creates to define how employees and other users may use its computer systems, networks, and data.
Acronym study
Terms 1–30 of 324 MS-102 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 1
An acceptable use policy is a set of rules that an organization creates to define how employees and other users may use its computer systems, networks, and data.
Term 2
An accepted domain in Microsoft 365 is any SMTP domain for which the organization can send and receive email messages.
Term 3
Access control is the security practice of determining who or what is allowed to view, use, or enter a resource, and under what conditions.
Term 4
An access key is a unique identifier and secret code pair used to authenticate requests to cloud storage services, ensuring only authorized users or applications can access data.
Term 5
An access port is a switch port that connects to a single end device, like a computer or printer, and carries traffic for only one VLAN.
Term 6
An access review is a periodic audit process where administrators check and confirm which users have permissions to what resources, ensuring only authorized people retain access.
Term 7
A digital key that a computer system gives you to prove your identity and grant you permission to access specific resources or perform actions.
Term 8
An administrative role is a predefined or custom set of permissions in Microsoft 365 that controls what tasks a person can perform in the tenant, such as managing users, resetting passwords, or overseeing security settings.
Term 9
An administrative template is a file used by Windows group policy to control registry-based settings for applications and the operating system, allowing administrators to enforce configuration policies across a network.
Term 10
An Administrative unit is a container in Microsoft Entra ID that allows you to delegate administrative permissions over a subset of users, groups, or devices, rather than the entire directory.
Term 11
An alerting policy is a set of rules that defines when to send notifications about a system condition that needs attention.
Term 12
Anti-malware is software that detects, prevents, and removes malicious software from computers, networks, and devices.
Term 13
An anti-malware policy is a set of rules and procedures that an organization enforces to prevent, detect, and remove malicious software from its computers and networks.
Term 14
An anti-phishing policy is a set of rules and technical controls that organizations use to detect, block, and respond to email or message-based attacks that trick users into revealing sensitive information.
Term 15
An anti-spam policy is a set of rules and filters used by email systems to automatically detect and block unwanted, unsolicited, or harmful messages before they reach a user's inbox.
Term 16
API security is the practice of protecting application programming interfaces from attacks by ensuring only authorized users and applications can access data and functions.
Term 17
App deployment is the process of making a software application available for use by end users, often involving distribution, installation, configuration, and updates across multiple devices or servers.
Term 18
An app protection policy is a set of rules that controls how data is handled and secured within mobile applications, ensuring corporate information stays safe even on personal devices.
Term 19
An Application Security Group (ASG) is a cloud networking feature that groups virtual machines logically and allows you to apply security rules based on the application workload, rather than individual IP addresses.
Term 20
Asymmetric encryption is a cryptographic method that uses a pair of keys—a public key for encryption and a private key for decryption—to securely exchange data without sharing a secret.
Term 21
Attack simulation training is a Microsoft 365 security tool that lets IT administrators run realistic phishing and password-attack campaigns against their own users to identify vulnerabilities and improve security awareness.
Term 22
Attack surface reduction is a set of security practices that minimizes the number of ways an attacker can access or exploit a system by removing unnecessary features, locking down configurations, and controlling software behavior.
Term 23
An audit is a systematic, independent review of IT systems, processes, and controls to verify compliance with policies, standards, and regulations.
Term 24
An audit log is a chronological record of security-relevant events and user activities within a system, used for monitoring, compliance, and forensic analysis.
Term 25
An audit trail is a chronological record of events, changes, or activities in a system that provides evidence of who did what, when, and from where.
Term 26
Authentication strength is a measure of how resistant a login process is to unauthorized access, combining the type, number, and quality of credentials required.
Term 27
Autopilot is a Microsoft cloud-based deployment technology that automates the setup and configuration of new Windows devices, reducing manual IT effort and enabling users to be productive from the first boot.
Term 28
An Autopilot profile is a collection of configuration settings that dictates how a new Windows device will be set up and delivered to an end user with minimal IT intervention.
Term 29
Azure AD Connect is a Microsoft tool that synchronizes on-premises Active Directory identities with Azure Active Directory for unified cloud and on-premises access.
Term 30
Azure Firewall is a cloud-based network security service that protects your virtual networks in Microsoft Azure by filtering traffic based on rules you define.