Term 1
Access review
An access review is a periodic audit process where administrators check and confirm which users have permissions to what resources, ensuring only authorized people retain access.
Acronym study
Terms 1–30 of 129 MS-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 1
An access review is a periodic audit process where administrators check and confirm which users have permissions to what resources, ensuring only authorized people retain access.
Term 2
An Administrative unit is a container in Microsoft Entra ID that allows you to delegate administrative permissions over a subset of users, groups, or devices, rather than the entire directory.
Term 3
An alert is a notification that something unusual or potentially harmful has happened in a computer system or network.
Term 4
An anti-malware policy is a set of rules and procedures that an organization enforces to prevent, detect, and remove malicious software from its computers and networks.
Term 5
An anti-phishing policy is a set of rules and technical controls that organizations use to detect, block, and respond to email or message-based attacks that trick users into revealing sensitive information.
Term 6
An anti-spam policy is a set of rules and filters used by email systems to automatically detect and block unwanted, unsolicited, or harmful messages before they reach a user's inbox.
Term 7
An app protection policy is a set of rules that controls how data is handled and secured within mobile applications, ensuring corporate information stays safe even on personal devices.
Term 8
An assigned license is a software or service license that has been specifically allocated to a particular user or device, granting that entity the right to use the licensed product.
Term 9
Attack simulation training is a Microsoft 365 security tool that lets IT administrators run realistic phishing and password-attack campaigns against their own users to identify vulnerabilities and improve security awareness.
Term 10
Attack surface reduction is a set of security practices that minimizes the number of ways an attacker can access or exploit a system by removing unnecessary features, locking down configurations, and controlling software behavior.
Term 11
An audit log is a chronological record of security-relevant events and user activities within a system, used for monitoring, compliance, and forensic analysis.
Term 12
Autopilot is a Microsoft cloud-based deployment technology that automates the setup and configuration of new Windows devices, reducing manual IT effort and enabling users to be productive from the first boot.
Term 13
Azure AD Connect is a Microsoft tool that synchronizes on-premises Active Directory identities with Azure Active Directory for unified cloud and on-premises access.
Term 14
B2B collaboration is a feature in Microsoft Entra ID that lets organizations securely share access to their apps and resources with external business partners using their own identity systems.
Term 15
B2C identity refers to an identity management system designed for businesses to manage and authenticate external consumers, such as customers or partners, across applications and services.
Term 16
A Cloud CDN is a network of servers spread around the world that stores copies of your website or app content so it loads faster for users no matter where they are.
Term 17
A managed domain name system service that translates human-readable domain names into IP addresses, enabling reliable and scalable network routing in cloud environments.
Term 18
Cloud Interconnect is a service that provides a dedicated, private, high-bandwidth connection between your on-premises network and a cloud provider's network, bypassing the public internet for improved reliability, security, and performance.
Term 19
Cloud Load Balancing is the process of distributing incoming network traffic across multiple servers or resources in the cloud to ensure no single resource is overwhelmed, improving availability and reliability.
Term 20
Cloud productivity refers to the use of internet-based software applications and services that enable individuals and teams to create, collaborate, manage, and share work from anywhere, on any device, without requiring local installation or maintenance of the underlying infrastructure.
Term 21
Cloud security posture management is the continuous process of monitoring cloud environments to detect misconfigurations, compliance violations, and security risks, and automatically remediating them to maintain a strong security posture.
Term 22
Cloud storage is a service that lets you save data on remote servers accessed over the internet instead of on your computer's hard drive.
Term 23
A Cloud VPN is a service that securely connects your private network to a cloud provider's network over the public internet using encryption and authentication.
Term 24
A cloud-only identity is a user account that exists solely in a cloud-based identity provider and has no counterpart in any on-premises directory service.
Term 25
Collaboration in Microsoft 365 refers to the integrated tools and services that enable people to work together in real time, share information, and coordinate tasks from anywhere.
Term 26
Company Portal is a Microsoft app that gives employees a secure, self-service way to enroll devices, access company apps, and manage work resources from any device.
Term 27
A Compliance Manager is a tool or service that helps organizations assess, monitor, and improve their adherence to regulatory standards, industry frameworks, and internal policies.
Term 28
A compliance policy is a set of rules that ensures devices, users, and applications meet an organization's security and regulatory requirements before they can access corporate resources.
Term 29
Conditional access is a security framework that evaluates signals like user location, device health, and risk level to grant or block access to resources in real time.
Term 30
A Conditional Access policy is a set of rules in Microsoft Entra ID that automatically grants or blocks access to cloud apps based on signals like user identity, location, device health, and risk level.