Term 151
Compliance scan
A compliance scan is an automated security assessment that checks systems, networks, and applications against a defined set of regulatory or organizational standards to verify adherence to required policies.
Acronym study
Terms 151–180 of 863 SC-900 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 151
A compliance scan is an automated security assessment that checks systems, networks, and applications against a defined set of regulatory or organizational standards to verify adherence to required policies.
Term 152
Compliance state is the current status of a system, application, or device indicating whether it meets a defined set of security policies, regulatory requirements, or configuration standards.
Term 153
Conditional access is a security framework that evaluates signals like user location, device health, and risk level to grant or block access to resources in real time.
Term 154
Conditional Access integration is a security framework that evaluates signals such as user identity, location, device state, and application sensitivity to grant or block access to resources before a session is established.
Term 155
A Conditional Access policy is a set of rules in Microsoft Entra ID that automatically grants or blocks access to cloud apps based on signals like user identity, location, device health, and risk level.
Term 156
Confidentiality means keeping sensitive information secret and accessible only to authorized people or systems.
Term 157
The CIA Triad is a foundational security model that ensures data is kept secret, unaltered, and accessible when needed.
Term 158
A configuration backup is a saved copy of a device's settings, such as router interfaces, firewall rules, or switch VLANs, that can be restored if the device fails or is misconfigured.
Term 159
Configuration drift is the gradual, unplanned change in a system's configuration settings over time, causing it to deviate from its original or desired state.
Term 160
A configuration profile is a set of settings and policies that can be applied remotely to devices to enforce security, compliance, and customization rules.
Term 161
Container Analysis is the process of examining container images and running containers for security vulnerabilities, misconfigurations, and compliance issues before deployment.
Term 162
A container escape is a security exploit where an attacker breaks out of the isolated environment of a container to gain unauthorized access to the host operating system or other containers.
Term 163
Container scanning is the automated process of inspecting container images for known security vulnerabilities, misconfigurations, and compliance issues before they are deployed.
Term 164
Container security is the practice of protecting containerized applications and their underlying infrastructure from threats throughout the entire lifecycle.
Term 165
Containment is the incident response phase where security teams isolate a compromised system or network to prevent the threat from spreading further while preserving evidence.
Term 166
The Contributor role is a built-in Azure role that grants full access to manage resources within a scope but does not allow granting access to other users.
Term 167
The control plane is the part of a network that makes decisions about how data should be forwarded, defining routes and policies without actually moving the data itself.
Term 168
Copilot for Microsoft 365 is an AI assistant integrated into Microsoft 365 apps that helps users create documents, analyze data, summarize communications, and automate tasks using natural language prompts.
Term 169
A security measure that acts after an incident to limit damage, restore operations, and prevent recurrence.
Term 170
A correlation rule is a set of conditions in a security information and event management (SIEM) system that combines multiple log events from different sources to detect complex threats or patterns that a single event would miss.
Term 171
Cost Explorer is an AWS tool that lets you visualize, understand, and manage your AWS spending and usage over time.
Term 172
Cost Management is the practice of planning, controlling, and optimizing spending on cloud resources to stay within budget and maximize value.
Term 173
A countermeasure is any action, device, procedure, or technique that reduces a threat, vulnerability, or risk to an acceptable level.
Term 174
A covert channel is a hidden communication path that allows data to be transferred in ways that violate a system's security policy, often by using resources not intended for communication.
Term 175
Cross-site request forgery (CSRF) is a web security vulnerability that tricks a user into unknowingly performing actions on a website where they are already authenticated.
Term 176
Cross-site scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users, often to steal data or hijack sessions.
Term 177
Cross-Site Request Forgery is an attack that tricks a user into performing an unwanted action on a web application where they are currently authenticated.
Term 178
A custom domain is a personalized internet address (like contoso.com) that you can use with cloud services instead of the default domain provided by the service provider.
Term 179
Customer Lockbox is a Microsoft 365 service that gives customers explicit control over granting Microsoft support engineers temporary access to their tenant data for troubleshooting and issue resolution.
Term 180
Discretionary Access Control is a security model where the owner of a resource decides who can access it and what permissions they have.