Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Microsoft Security, Compliance, and Identity Fundamentals SC-900/Acronyms/Part 15

Acronym study

SC-900 Acronyms — Part 15 of 29

Terms 421–450 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 14Part 15 of 29Part 16 →

Term 421

Least privilege

Least privilege is a security principle that means giving users, systems, or programs only the minimum permissions they need to do their job and nothing more.

Full entry →
Full Least privilege glossary entry →

Term 422

Legal requirement

A legal requirement is a mandatory rule or standard set by law or regulation that an organization must follow, often concerning data protection, privacy, or security practices.

Full entry →
Full Legal requirement glossary entry →

Term 423

Lessons learned

Lessons learned is the process of capturing, analyzing, and documenting knowledge gained from past incidents or projects to improve future security operations and prevent recurrence of problems.

Full entry →
Full Lessons learned glossary entry →

Term 424

License assignment

License assignment is the process of linking a purchased software license to a specific user or device so that they are authorized to use the software.

Full entry →
Full License assignment glossary entry →

Term 425

Lightweight Directory Access Protocol

Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information over a network, such as user credentials and permissions.

Full entry →
Full Lightweight Directory Access Protocol glossary entry →

Term 426

Line-of-business app

A line-of-business app is a software application that is essential for running a specific core business process, such as accounting, inventory management, or customer relationship management.

Full entry →
Full Line-of-business app glossary entry →

Term 427

LLDP

LLDP (Link Layer Discovery Protocol) is a vendor-neutral protocol used by network devices to advertise their identity, capabilities, and neighbors on a local Ethernet network.

Full entry →
Full LLDP glossary entry →

Term 428

Log management

Log management is the process of collecting, storing, analyzing, and disposing of log data generated by computer systems, networks, and applications to ensure security, compliance, and operational health.

Full entry →
Full Log management glossary entry →

Term 429

Log retention

Log retention is the practice of storing log data for a defined period to meet security, compliance, and operational needs.

Full entry →
Full Log retention glossary entry →

Term 430

Log source

A log source is any system, device, or application that generates and records event data, such as timestamps and activities, for monitoring and security analysis.

Full entry →
Full Log source glossary entry →

Term 431

MAC

MAC (Media Access Control) is a unique hardware identifier assigned to network interfaces for communication on a local network segment.

Full entry →
Full MAC glossary entry →

Term 432

MAC filtering

MAC filtering is a security practice that allows or denies network access to devices based on their unique Media Access Control (MAC) address.

Full entry →
Full MAC filtering glossary entry →

Term 433

Macie

Amazon Macie is a fully managed data security and privacy service that uses machine learning and pattern matching to discover, classify, and protect sensitive data stored in Amazon Web Services (AWS).

Full entry →
Full Macie glossary entry →

Term 434

Malware

Malware is any software intentionally designed to cause damage, disrupt operations, steal data, or gain unauthorized access to computer systems.

Full entry →
Full Malware glossary entry →

Term 435

Malware analysis

Malware analysis is the process of examining malicious software to understand its behavior, origin, and impact, enabling defenders to detect, contain, and prevent future attacks.

Full entry →
Full Malware analysis glossary entry →

Term 436

Malware symptoms

Malware symptoms are the observable signs on a computer or network that indicate a malicious program may have infected the system, such as slow performance, unexpected pop-ups, or unusual network activity.

Full entry →
Full Malware symptoms glossary entry →

Term 437

MAM

Mobile Application Management (MAM) is a set of technologies and policies that allow IT administrators to manage and secure corporate applications on mobile devices without managing the entire device.

Full entry →
Full MAM glossary entry →

Term 438

Man-in-the-middle attack

A cyberattack where an attacker secretly intercepts and potentially alters communication between two parties who believe they are directly communicating with each other.

Full entry →
Full Man-in-the-middle attack glossary entry →

Term 439

Managed Detection and Response

A cybersecurity service that continuously monitors an organization's network and systems to detect threats and respond to them quickly.

Full entry →
Full Managed Detection and Response glossary entry →

Term 440

Managed identity

A managed identity is an automatically managed service principal in Azure that allows your code to authenticate to any service that supports Azure AD authentication without storing credentials.

Full entry →
Full Managed identity glossary entry →

Term 441

Management group

A Management group is a container in Microsoft Azure that helps you organize and manage access, policies, and compliance across multiple Azure subscriptions.

Full entry →
Full Management group glossary entry →

Term 442

Mandatory vacation

Mandatory vacation is a security control that requires employees to take a consecutive period of leave so that any unauthorized activities or irregularities in their work can be detected by others.

Full entry →
Full Mandatory vacation glossary entry →

Term 443

Maximum tolerable downtime

Maximum tolerable downtime (MTD) is the total amount of time a business process or system can be unavailable before causing irreparable harm to the organization.

Full entry →
Full Maximum tolerable downtime glossary entry →

Term 444

MDM

MDM stands for Mobile Device Management, a technology that allows IT administrators to securely manage, monitor, and enforce policies on mobile devices like smartphones and tablets from a central console.

Full entry →
Full MDM glossary entry →

Term 445

Meeting policy

A meeting policy is a set of rules and configurations that control how online meetings are created, joined, and conducted within a collaboration platform.

Full entry →
Full Meeting policy glossary entry →

Term 446

Memorandum of Understanding

A Memorandum of Understanding (MOU) is a formal document that outlines the general terms and intentions of an agreement between two or more parties before a legally binding contract is signed.

Full entry →
Full Memorandum of Understanding glossary entry →

Term 447

Message center

A centralized dashboard within a software platform that displays system notifications, alerts, and messages about account status, security events, and service updates.

Full entry →
Full Message center glossary entry →

Term 448

Messaging policy

A messaging policy is a set of rules that govern how an organization's email and instant messaging systems handle, route, secure, and retain messages to ensure compliance, security, and operational efficiency.

Full entry →
Full Messaging policy glossary entry →

Term 449

Metadata

Metadata is data that describes other data, providing context such as when a file was created, who created it, or its size.

Full entry →
Full Metadata glossary entry →

Term 450

MFA

Multi-Factor Authentication (MFA) is a security method that requires a user to verify their identity using two or more different types of evidence, such as a password plus a code from a phone, before they can access an account or system.

Full entry →
Full MFA glossary entry →
← Part 14Part 16 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15currentPart 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26Part 27Part 28Part 29

Study resources

All SC-900 Acronyms→SC-900 Practice Tests→SC-900 Study Guide→Exam Domains→