Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Microsoft Security, Compliance, and Identity Fundamentals SC-900/Acronyms/Part 10

Acronym study

SC-900 Acronyms — Part 10 of 29

Terms 271–300 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 9Part 10 of 29Part 11 →

Term 271

Endpoint security policy

An endpoint security policy is a set of rules that controls how devices like laptops, phones, and servers connect to a network and what security protections they must have to keep data safe.

Full entry →
Full Endpoint security policy glossary entry →

Term 272

Endpoint telemetry

Endpoint telemetry is the automated collection and transmission of security-relevant data from devices like laptops, servers, and phones to a central monitoring system for threat detection and analysis.

Full entry →
Full Endpoint telemetry glossary entry →

Term 273

Enterprise Mobility and Security

Enterprise Mobility and Security is a Microsoft 365 suite of cloud services that secures and manages mobile devices, apps, and data within an organization.

Full entry →
Full Enterprise Mobility and Security glossary entry →

Term 274

Enterprise risk management

Enterprise risk management is the systematic process of identifying, assessing, and responding to risks that could affect an organization’s ability to achieve its objectives.

Full entry →
Full Enterprise risk management glossary entry →

Term 275

Entitlement management

Entitlement management is the process of controlling who has access to what resources in an organization through automated policies, approvals, and lifecycle management.

Full entry →
Full Entitlement management glossary entry →

Term 276

EOL

End of Life (EOL) is the date when a vendor stops selling, supporting, or patching a product, requiring migration to avoid security and compliance risks.

Full entry →
Full EOL glossary entry →

Term 277

EOS

EOS (End of Support) marks the date when a vendor stops providing technical assistance, patches, and firmware updates for a product.

Full entry →
Full EOS glossary entry →

Term 278

Eradication

Eradication is the phase in incident response where the root cause of a security breach is completely removed from the system to prevent the attack from happening again.

Full entry →
Full Eradication glossary entry →

Term 279

ESP

ESP (Encapsulating Security Payload) is a core protocol in IPsec that provides confidentiality, data integrity, and authentication for VPN traffic by encrypting and optionally authenticating the payload of IP packets.

Full entry →
Full ESP glossary entry →

Term 280

ESP

ESP (Encapsulating Security Payload) provides confidentiality, data origin authentication, connectionless integrity, and anti-replay protection for IP packets.

Full entry →
Full ESP glossary entry →

Term 281

Evaluation assurance level

A rating from the Common Criteria that measures how thoroughly a computer product or system has been tested and verified for security.

Full entry →
Full Evaluation assurance level glossary entry →

Term 282

Event

An event is any identifiable occurrence or action in a computer system, network, or application that can be logged, monitored, or analyzed for security or operational purposes.

Full entry →
Full Event glossary entry →

Term 283

Event log

An event log is a file or record that stores a chronological list of events, changes, errors, or security incidents occurring on a computer system or network.

Full entry →
Full Event log glossary entry →

Term 284

Evil twin

An evil twin attack is a rogue wireless access point that impersonates a legitimate network to intercept or manipulate user traffic.

Full entry →
Full Evil twin glossary entry →

Term 285

Exchange Online

Exchange Online is Microsoft's cloud-based email, calendar, and contact hosting service that is part of the Microsoft 365 suite, allowing organizations to manage corporate messaging without maintaining their own mail servers.

Full entry →
Full Exchange Online glossary entry →

Term 286

Exchange role

An Exchange role is a specific set of server functions within Microsoft Exchange Server that handles a portion of the email messaging system, such as mailbox management, client access, or message transport.

Full entry →
Full Exchange role glossary entry →

Term 287

Exposure

Exposure is the measure of potential loss or harm to an organization's assets when a vulnerability is exploited by a threat, often expressed as the window of time or degree of access an attacker has.

Full entry →
Full Exposure glossary entry →

Term 288

Exposure factor

Exposure factor is the percentage of an asset's value that would be lost if a specific threat event occurs, used to calculate the single loss expectancy in risk analysis.

Full entry →
Full Exposure factor glossary entry →

Term 289

Extended ACL

An extended access control list (ACL) is a set of rules that filters network traffic based on source and destination IP addresses, protocol type, and port numbers, providing more granular control than a standard ACL.

Full entry →
Full Extended ACL glossary entry →

Term 290

Extended Detection and Response

Extended Detection and Response (XDR) is a security approach that collects and analyzes data from multiple sources like endpoints, networks, servers, and email to detect and stop threats more effectively.

Full entry →
Full Extended Detection and Response glossary entry →

Term 291

Extensible Authentication Protocol

Extensible Authentication Protocol (EAP) is a flexible authentication framework used in network access control, particularly in wireless and point-to-point connections, that supports multiple authentication methods without requiring changes to the underlying protocol.

Full entry →
Full Extensible Authentication Protocol glossary entry →

Term 292

Extensible Authentication Protocol over LAN

EAP over LAN (EAPoL) is a protocol that carries authentication messages between a device and a network access point before the device is allowed to connect to the network.

Full entry →
Full Extensible Authentication Protocol over LAN glossary entry →

Term 293

External identity

External identity refers to a digital identity that originates from a source outside your organization, such as a social media account or another company's directory, and is used to grant access to your applications or resources.

Full entry →
Full External identity glossary entry →

Term 294

Facial Recognition Technology

Facial recognition technology is a biometric security method that identifies or verifies a person by analyzing and comparing patterns of their facial features.

Full entry →
Full Facial Recognition Technology glossary entry →

Term 295

fail2ban

Fail2ban is a security tool that monitors log files for repeated authentication failures and temporarily bans the offending IP addresses using firewall rules.

Full entry →
Full fail2ban glossary entry →

Term 296

Failover

Failover is the automatic switching to a backup system when the primary system fails, ensuring continuous operation and minimal downtime.

Full entry →
Full Failover glossary entry →

Term 297

Failover routing

Failover routing is a network design that automatically redirects traffic to a backup path when the primary path fails, keeping services available.

Full entry →
Full Failover routing glossary entry →

Term 298

False negative

A false negative is when a security tool fails to detect a real threat, mistakenly treating it as harmless.

Full entry →
Full False negative glossary entry →

Term 299

False positive

A false positive is an alert or result that indicates a security threat or vulnerability exists when in fact there is no real issue.

Full entry →
Full False positive glossary entry →

Term 300

Feature update policy

A feature update policy is a set of rules that controls how and when new features and capabilities are deployed to software, ensuring consistency, security, and minimal disruption across an organization.

Full entry →
Full Feature update policy glossary entry →
← Part 9Part 11 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10currentPart 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26Part 27Part 28Part 29

Study resources

All SC-900 Acronyms→SC-900 Practice Tests→SC-900 Study Guide→Exam Domains→