Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Microsoft Security, Compliance, and Identity Fundamentals SC-900/Acronyms/Part 13

Acronym study

SC-900 Acronyms — Part 13 of 29

Terms 361–390 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 12Part 13 of 29Part 14 →

Term 361

Incident classification

Incident classification is the process of categorizing security incidents based on type, severity, and impact to ensure appropriate response and resource allocation.

Full entry →
Full Incident classification glossary entry →

Term 362

Incident documentation

Incident documentation is the practice of recording every detail of a cybersecurity or IT incident, from detection to resolution, to ensure accurate analysis, legal compliance, and process improvement.

Full entry →
Full Incident documentation glossary entry →

Term 363

Incident management

Incident management is the process of identifying, logging, prioritizing, and resolving IT service disruptions to restore normal operations as quickly as possible with minimal business impact.

Full entry →
Full Incident management glossary entry →

Term 364

Incident response

Incident response is the structured approach an organization uses to identify, contain, and recover from cybersecurity incidents like data breaches or ransomware attacks.

Full entry →
Full Incident response glossary entry →

Term 365

Incident response lifecycle

The Incident response lifecycle is the structured process organizations follow to detect, contain, eradicate, and recover from cybersecurity incidents while learning from each event to improve future defenses.

Full entry →
Full Incident response lifecycle glossary entry →

Term 366

Incident severity

Incident severity is a classification used in IT incident management to describe the level of impact and urgency of an event, guiding response priority.

Full entry →
Full Incident severity glossary entry →

Term 367

Indicator of attack

An indicator of attack (IOA) is a sign that an attack is actively occurring or about to occur, focusing on attacker behavior and intent rather than just the artifacts left behind.

Full entry →
Full Indicator of attack glossary entry →

Term 368

Indicator of compromise

An indicator of compromise is a piece of digital evidence—such as a suspicious file hash, IP address, or unusual network pattern—that suggests a system may have been breached by an attacker.

Full entry →
Full Indicator of compromise glossary entry →

Term 369

Industrial Control System

An Industrial Control System (ICS) is a network of computers and devices that monitors and controls industrial machinery, such as power plants, water treatment facilities, and assembly lines.

Full entry →
Full Industrial Control System glossary entry →

Term 370

Industrial Internet of Things

The Industrial Internet of Things (IIoT) is a network of physical devices, machines, and sensors in industrial settings that collect and exchange data over the internet to improve efficiency and safety.

Full entry →
Full Industrial Internet of Things glossary entry →

Term 371

Information barriers

Information barriers are policies and technical controls that prevent the unauthorized flow of sensitive information between different parts of an organization to avoid conflicts of interest and ensure compliance.

Full entry →
Full Information barriers glossary entry →

Term 372

Information protection

Information protection refers to the policies, procedures, and technologies used to safeguard data from unauthorized access, disclosure, alteration, or destruction.

Full entry →
Full Information protection glossary entry →

Term 373

Information security management

Information security management is the systematic process of developing, implementing, monitoring, and improving policies, procedures, and controls to protect an organization's information assets from threats and ensure confidentiality, integrity, and availability.

Full entry →
Full Information security management glossary entry →

Term 374

Infrastructure as code

Infrastructure as code (IaC) is the practice of managing and provisioning IT infrastructure through machine-readable definition files, rather than through physical hardware configuration or interactive configuration tools.

Full entry →
Full Infrastructure as code glossary entry →

Term 375

Infrastructure as code scanning

Infrastructure as code scanning is the automated process of checking infrastructure configuration files for security misconfigurations, compliance violations, and potential vulnerabilities before deployment.

Full entry →
Full Infrastructure as code scanning glossary entry →

Term 376

Inherent risk

Inherent risk is the level of risk that exists in a process or system before any security controls or mitigations are applied.

Full entry →
Full Inherent risk glossary entry →

Term 377

Initiative

An initiative is a formal, structured effort or project undertaken by an organization to achieve a specific strategic goal, often involving changes to IT systems, policies, or processes.

Full entry →
Full Initiative glossary entry →

Term 378

Insecure deserialization

An application security vulnerability that occurs when untrusted user data is deserialized without proper validation, potentially allowing an attacker to manipulate the application or execute malicious code.

Full entry →
Full Insecure deserialization glossary entry →

Term 379

Inside global

An inside global is the public, routable IP address that represents an internal private host when it communicates with devices on the internet.

Full entry →
Full Inside global glossary entry →

Term 380

Inside local

Inside local is the IP address assigned to a device on an internal private network before any Network Address Translation (NAT) is applied.

Full entry →
Full Inside local glossary entry →

Term 381

Insider Risk Management

Insider Risk Management is the practice of identifying, assessing, and mitigating threats that originate from within an organization, such as employees, contractors, or partners who have legitimate access to systems and data.

Full entry →
Full Insider Risk Management glossary entry →

Term 382

Inspector

An inspector is a tool or role that checks systems, configurations, or data against a set of rules to ensure they are secure and compliant.

Full entry →
Full Inspector glossary entry →

Term 383

Integrity

Integrity is the assurance that data has not been altered or tampered with in an unauthorized way, preserving its accuracy and consistency from source to destination.

Full entry →
Full Integrity glossary entry →

Term 384

Interface endpoint

An interface endpoint is a private IP address inside a Virtual Private Cloud that provides direct, secure access to supported AWS services without traversing the public internet.

Full entry →
Full Interface endpoint glossary entry →

Term 385

Internet gateway

An Internet gateway is a cloud networking component that provides a connection between a virtual private cloud (VPC) and the public Internet, enabling resources in the VPC to send and receive traffic to and from the Internet.

Full entry →
Full Internet gateway glossary entry →

Term 386

Internet Key Exchange

Internet Key Exchange (IKE) is a protocol used to set up a secure, encrypted connection between two devices by automatically negotiating and exchanging encryption keys over an untrusted network like the internet.

Full entry →
Full Internet Key Exchange glossary entry →

Term 387

Internet of Things

The Internet of Things (IoT) is a network of physical devices, vehicles, appliances, and other objects embedded with sensors and software that connect to the internet to collect and exchange data.

Full entry →
Full Internet of Things glossary entry →

Term 388

Internet Protocol Security

Internet Protocol Security (IPsec) is a suite of protocols that encrypts and authenticates data packets sent over IP networks to ensure private and secure communication.

Full entry →
Full Internet Protocol Security glossary entry →

Term 389

Intrusion Detection System

An Intrusion Detection System (IDS) is a security tool that monitors network traffic or system activities for malicious actions or policy violations and sends alerts to administrators.

Full entry →
Full Intrusion Detection System glossary entry →

Term 390

Intrusion Prevention System

An Intrusion Prevention System (IPS) is a network security tool that monitors network traffic and actively blocks threats like malware and cyberattacks in real time.

Full entry →
Full Intrusion Prevention System glossary entry →
← Part 12Part 14 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13currentPart 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26Part 27Part 28Part 29

Study resources

All SC-900 Acronyms→SC-900 Practice Tests→SC-900 Study Guide→Exam Domains→