Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Microsoft Security, Compliance, and Identity Fundamentals SC-900/Acronyms/Part 4

Acronym study

SC-900 Acronyms — Part 4 of 29

Terms 91–120 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 3Part 4 of 29Part 5 →

Term 91

BCP

BCP is a proactive process that creates a framework to ensure critical business functions continue during and after a disruptive event.

Full entry →
Full BCP glossary entry →

Term 92

Bell-LaPadula

A formal security model that prevents users from reading information at a higher classification level than their own and from writing information down to a lower classification level.

Full entry →
Full Bell-LaPadula glossary entry →

Term 93

BeyondCorp

BeyondCorp is a zero-trust security model developed by Google that shifts access control from the network perimeter to individual users and devices, enabling secure work from any location without a traditional VPN.

Full entry →
Full BeyondCorp glossary entry →

Term 94

Biba

Biba is a security model that uses a lattice-based system to enforce integrity, ensuring that data cannot be corrupted by unauthorized or less trustworthy subjects.

Full entry →
Full Biba glossary entry →

Term 95

Bicep

Bicep is a domain-specific language (DSL) used to declare Azure resources in a declarative, modular way, similar to how you write code but for infrastructure.

Full entry →
Full Bicep glossary entry →

Term 96

Billing account

A billing account in Google Cloud is a container for all the charges generated by using cloud resources, linked to a payment method and used to track and pay for your usage.

Full entry →
Full Billing account glossary entry →

Term 97

Binary Authorization

Binary Authorization is a security control that ensures only trusted container images are deployed in a Kubernetes or cloud environment.

Full entry →
Full Binary Authorization glossary entry →

Term 98

Biometrics

Biometrics is the technology that uses unique physical or behavioral traits, like fingerprints or voice patterns, to verify a person's identity.

Full entry →
Full Biometrics glossary entry →

Term 99

BitLocker

BitLocker is a full-disk encryption feature built into Windows that protects data by encrypting the entire drive so that unauthorized users cannot access files without the correct recovery key.

Full entry →
Full BitLocker glossary entry →

Term 100

BitLocker policy

A BitLocker policy is a set of configuration rules that IT administrators use to manage how BitLocker Drive Encryption is enabled, enforced, and recovered on Windows devices within an organization.

Full entry →
Full BitLocker policy glossary entry →

Term 101

Blue team

The Blue team is the group of cybersecurity professionals responsible for defending an organization's systems, networks, and data against attacks and maintaining the security posture.

Full entry →
Full Blue team glossary entry →

Term 102

Blueprint

A blueprint in IT certification is a document that outlines the topics, skills, and weighting for an exam, telling you exactly what to study.

Full entry →
Full Blueprint glossary entry →

Term 103

Branch policy

A branch policy is a set of rules and conditions enforced on a Git branch to control how code changes are proposed, reviewed, and merged, ensuring code quality and protecting critical branches.

Full entry →
Full Branch policy glossary entry →

Term 104

Brewer-Nash

Brewer-Nash is a security model that prevents conflicts of interest by restricting access to data based on the user's past access history and organizational membership.

Full entry →
Full Brewer-Nash glossary entry →

Term 105

Bring Your Own Device

A policy allowing employees to use their personal laptops, smartphones, or tablets for work tasks instead of using company-issued equipment.

Full entry →
Full Bring Your Own Device glossary entry →

Term 106

Broken access control

Broken access control is a security vulnerability that occurs when an application does not properly enforce restrictions on what authenticated users are allowed to do, allowing them to access unauthorized data or perform unauthorized actions.

Full entry →
Full Broken access control glossary entry →

Term 107

Budgets

Budgets in cloud computing are monitoring tools that allow you to set spending limits and receive alerts when your costs approach or exceed those limits.

Full entry →
Full Budgets glossary entry →

Term 108

Business continuity plan

A Business continuity plan (BCP) is a documented strategy that outlines how an organization will continue critical operations during and after a disruptive event.

Full entry →
Full Business continuity plan glossary entry →

Term 109

Business Continuity Planning

Business Continuity Planning is the process of creating a strategy to keep an organization's essential functions running during and after a major disruption.

Full entry →
Full Business Continuity Planning glossary entry →

Term 110

Business impact analysis

A systematic process used to identify and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident, or emergency.

Full entry →
Full Business impact analysis glossary entry →

Term 111

BYOD

BYOD (Bring Your Own Device) is a policy allowing employees to use their personal devices for work tasks, increasing flexibility but introducing security and management challenges.

Full entry →
Full BYOD glossary entry →

Term 112

Captive portal

A captive portal is a web page that you must see and interact with before you are allowed full access to a public or guest Wi-Fi network.

Full entry →
Full Captive portal glossary entry →

Term 113

CDP

CDP is a Cisco proprietary protocol used by network devices to share information about themselves with directly connected neighbors, helping network administrators discover and understand the topology.

Full entry →
Full CDP glossary entry →

Term 114

Certificate authority

A trusted entity that issues digital certificates to verify the identity of websites, devices, and users in secure online communications.

Full entry →
Full Certificate authority glossary entry →

Term 115

Certificate pinning

Certificate pinning is a security technique that associates a specific digital certificate or public key with a particular server, so that an app or system will only trust that exact certificate, rejecting any others even if they are issued by a trusted certificate authority.

Full entry →
Full Certificate pinning glossary entry →

Term 116

Certificate signing request

A Certificate Signing Request (CSR) is a specially formatted message sent by an applicant to a Certificate Authority (CA) to request a digital certificate that binds their public key to their identity.

Full entry →
Full Certificate signing request glossary entry →

Term 117

Certificate warning

A certificate warning is a security alert a web browser or application displays when it cannot fully trust the digital certificate presented by a website or service.

Full entry →
Full Certificate warning glossary entry →

Term 118

Change management

Change management is the structured process of planning, approving, implementing, and reviewing changes to IT systems to minimize risk and disruption.

Full entry →
Full Change management glossary entry →

Term 119

CIA triad

The CIA triad is a foundational security model that guides organizations in protecting data through confidentiality, integrity, and availability.

Full entry →
Full CIA triad glossary entry →

Term 120

Clark-Wilson

A security model that enforces data integrity by ensuring that only authorized, well-formed transactions change data, and that those changes are logged and controlled.

Full entry →
Full Clark-Wilson glossary entry →
← Part 3Part 5 →

Acronym parts

Part 1Part 2Part 3Part 4currentPart 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16Part 17Part 18Part 19Part 20Part 21Part 22Part 23Part 24Part 25Part 26Part 27Part 28Part 29

Study resources

All SC-900 Acronyms→SC-900 Practice Tests→SC-900 Study Guide→Exam Domains→