Acronym study
Terms 481–510 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 481
A NAT Gateway is a managed AWS service that allows instances in a private subnet to connect to the internet or other AWS services while preventing the internet from initiating connections back to those instances.
Term 482
A NAT instance is a virtual machine that forwards traffic from a private subnet to the internet, performing Network Address Translation (NAT) so that private instances can reach the internet without exposing them to inbound connections.
Term 483
NAT overload is a form of network address translation that allows many devices on a private network to share a single public IP address by using unique port numbers to track each connection.
Term 484
A legally binding contract that restricts the sharing of confidential information with unauthorized parties.
Term 485
Need to know is a security principle that restricts access to information or resources only to individuals who require that access to perform their job duties.
Term 486
NetFlow is a network protocol developed by Cisco that collects and monitors IP traffic data to provide visibility into network usage, performance, and security.
Term 487
A Network Access Analyzer is a security tool that monitors and analyzes who and what is trying to connect to a network, checking for unauthorized access and policy violations.
Term 488
Network Access Control is a security solution that enforces policies to control which devices and users can connect to a network, ensuring only authorized and compliant endpoints gain access.
Term 489
A Network ACL is a virtual firewall that controls inbound and outbound traffic at the subnet level in a cloud network, acting as a stateless packet filter.
Term 490
Network monitoring is the practice of continuously observing a computer network for issues like slow performance, failures, or security threats to keep it running smoothly and reliably.
Term 491
A network perimeter is the boundary between an organization's internal trusted network and external untrusted networks like the internet, where security controls are deployed to protect internal assets.
Term 492
Network security is the practice of protecting a computer network from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, ensuring the confidentiality, integrity, and availability of data and resources.
Term 493
A Network Security Group is a set of rules that controls inbound and outbound traffic to Azure resources like virtual machines and subnets.
Term 494
Network segmentation is the practice of dividing a computer network into smaller, isolated parts to improve performance, contain security threats, and simplify management.
Term 495
Network telemetry is the automated process of collecting, transmitting, and analyzing data from network devices to monitor performance, detect issues, and improve security in real time.
Term 496
Network Time Security (NTS) is a protocol that secures time synchronization between devices by authenticating time servers and encrypting time data.
Term 497
nftables is a modern Linux kernel packet classification framework that replaces the older iptables, ip6tables, arptables, and ebtables tools for configuring network packet filtering, NAT, and firewall rules.
Term 498
The NIST Cybersecurity Framework is a set of voluntary guidelines, standards, and best practices created by the National Institute of Standards and Technology to help organizations manage and reduce cybersecurity risk.
Term 499
Non-repudiation is a security principle that ensures a party in a digital transaction cannot deny their involvement or the authenticity of their digital signature.
Term 500
Network Time Protocol is a networking protocol used to synchronize the clocks of computers and devices over a network to a common time reference.
Term 501
A numbered ACL is an access control list on a router or firewall that uses a number to identify the list and define rules for permitting or denying traffic based on source and destination IP addresses, ports, and protocols.
Term 502
OAuth is an open standard for access delegation that allows users to grant third-party applications limited access to their resources without sharing their credentials.
Term 503
OAuth abuse is the exploitation of the OAuth authorization framework by attackers to gain unauthorized access to user data or systems by manipulating tokens, redirects, or consent processes.
Term 504
Office 365 is a cloud-based subscription service from Microsoft that provides access to productivity applications like Word, Excel, and Outlook, along with other cloud services, for a monthly or annual fee.
Term 505
OIDC federation is a method that lets users log into multiple applications or services using a single identity from a trusted provider, based on the OpenID Connect protocol.
Term 506
An On-Demand Instance is a virtual server you can rent by the hour or second with no long-term commitment, paying only for what you use.
Term 507
A one-time password is a temporary, single-use code that authenticates a user for one login session or transaction.
Term 508
OneDrive for Business is a cloud-based file storage and synchronization service from Microsoft, part of Microsoft 365, that lets users store, access, and share work files securely from anywhere.
Term 509
OpenID Connect is an identity layer on top of OAuth 2.0 that allows applications to verify a user's identity and obtain basic profile information in a standardized way.
Term 510
OpenSSH is a suite of tools that lets you securely connect to and manage remote computers over an unsecured network like the internet.