Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Security+ SY0-701/Acronyms/Part 16

Acronym study

SY0-701 Acronyms — Part 16 of 21

Terms 451–480 of 610 SY0-701 acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.

← Part 15Part 16 of 21Part 17 →

Term 451

RTO

Recovery Time Objective is the maximum acceptable time to restore a system or data after a disaster, defining how quickly normal operations must resume.

Full entry →
Full RTO glossary entry →

Term 452

Rule-based access control

Rule-based access control (RuBAC) is a method of managing access to resources by evaluating a set of predefined rules that combine conditions such as time, location, device, and user attributes to allow or deny access.

Full entry →
Full Rule-based access control glossary entry →

Term 453

Rules of engagement

Rules of engagement are the documented guidelines that define the scope, boundaries, and authorized actions a security tester may take during a penetration test or security assessment.

Full entry →
Full Rules of engagement glossary entry →

Term 454

Runbook

A runbook is a documented set of step-by-step procedures that IT teams use to handle routine operations, incidents, and maintenance tasks consistently and efficiently.

Full entry →
Full Runbook glossary entry →

Term 455

S3 bucket policy

An S3 bucket policy is a JSON-based resource-based access control document that defines who can access an Amazon S3 bucket and its objects, and what actions they can perform.

Full entry →
Full S3 bucket policy glossary entry →

Term 456

S3 lifecycle policy

An S3 lifecycle policy is a set of rules that automatically transitions objects between storage classes or deletes them after a specified time to optimize cost and manage data lifecycles.

Full entry →
Full S3 lifecycle policy glossary entry →

Term 457

Salting

Salting is the process of adding a unique, random string of data to each password before it is hashed, so that even identical passwords produce completely different hash values.

Full entry →
Full Salting glossary entry →

Term 458

SAML

Security Assertion Markup Language (SAML) is an open standard that allows one system to securely tell another system that a user is who they say they are, without sharing the user's password.

Full entry →
Full SAML glossary entry →

Term 459

SASE

SASE (Secure Access Service Edge) is a network architecture that combines wide-area networking (WAN) and security services into a single, cloud-delivered platform.

Full entry →
Full SASE glossary entry →

Term 460

SCADA

SCADA is an industrial control system that monitors and controls infrastructure processes like power grids, water treatment, and pipelines.

Full entry →
Full SCADA glossary entry →

Term 461

Screened subnet

A screened subnet is a network architecture that places a buffer network, often called a DMZ, between an internal trusted network and an external untrusted network, using two firewalls to control traffic.

Full entry →
Full Screened subnet glossary entry →

Term 462

Secure Access Service Edge

Secure Access Service Edge (SASE) is a cloud-based security framework that combines network connectivity and security services into a single, unified service to protect users and devices wherever they are.

Full entry →
Full Secure Access Service Edge glossary entry →

Term 463

Secure boot

Secure Boot is a security feature that ensures a device starts up using only trusted software that is digitally signed by the manufacturer.

Full entry →
Full Secure boot glossary entry →

Term 464

Secure by design

Secure by design means building security into a system from the very beginning of its creation, instead of trying to add it later as an afterthought.

Full entry →
Full Secure by design glossary entry →

Term 465

Secure defaults

Secure defaults means that a system or software is shipped with the most secure settings already enabled, so the user does not have to harden the system themselves.

Full entry →
Full Secure defaults glossary entry →

Term 466

Secure Shell

Secure Shell (SSH) is a network protocol that provides a secure, encrypted way to access and manage remote computers over an unsecured network.

Full entry →
Full Secure Shell glossary entry →

Term 467

Secure Sockets Layer

Secure Sockets Layer is a cryptographic protocol that encrypts data transmitted between a web browser and a server to protect it from eavesdropping and tampering.

Full entry →
Full Secure Sockets Layer glossary entry →

Term 468

Secure web gateway

A secure web gateway (SWG) is a security solution that protects users and organizations from web-based threats by filtering internet traffic, enforcing security policies, and blocking access to malicious or unauthorized websites.

Full entry →
Full Secure web gateway glossary entry →

Term 469

Security

Security in IT is the practice of protecting systems, networks, and data from unauthorized access, damage, or theft.

Full entry →
Full Security glossary entry →

Term 470

Security Assertion Markup Language

Security Assertion Markup Language is an open standard that allows different computer systems to securely share authentication and authorization information about a user.

Full entry →
Full Security Assertion Markup Language glossary entry →

Term 471

Security assessment

A security assessment is a systematic evaluation of an organization’s systems, networks, and applications to identify vulnerabilities, threats, and risks, and to recommend improvements.

Full entry →
Full Security assessment glossary entry →

Term 472

Security awareness

Security awareness is the ongoing practice of educating people within an organization about cybersecurity risks, safe behaviors, and their individual responsibilities to protect information assets.

Full entry →
Full Security awareness glossary entry →

Term 473

Security baseline

A security baseline is a documented minimum set of security configurations and settings that must be applied to a system, device, or network to ensure a known secure starting point.

Full entry →
Full Security baseline glossary entry →

Term 474

Security Command Center

Security Command Center is a centralized cloud security management platform that helps organizations detect, investigate, and respond to threats across their cloud infrastructure.

Full entry →
Full Security Command Center glossary entry →

Term 475

Security control

A security control is a safeguard or countermeasure designed to protect the confidentiality, integrity, and availability of information systems and data.

Full entry →
Full Security control glossary entry →

Term 476

Security defaults

Security defaults is a set of basic security settings in Microsoft Entra ID that automatically enables common protections like multifactor authentication for all users in a tenant.

Full entry →
Full Security defaults glossary entry →

Term 477

Security governance

Security governance is the framework of rules, policies, and processes that an organization uses to align its cybersecurity activities with its business goals and legal obligations.

Full entry →
Full Security governance glossary entry →

Term 478

Security group

A security group is a virtual firewall that controls inbound and outbound traffic to AWS resources, such as EC2 instances, based on defined rules.

Full entry →
Full Security group glossary entry →

Term 479

Security Hub

Security Hub is a cloud security posture management service that aggregates and prioritizes security alerts and compliance checks from multiple AWS services into a single place.

Full entry →
Full Security Hub glossary entry →

Term 480

Security Information and Event Management

A system that collects, analyzes, and reports on security data from across an IT environment to detect and respond to threats.

Full entry →
Full Security Information and Event Management glossary entry →
← Part 15Part 17 →

Acronym parts

Part 1Part 2Part 3Part 4Part 5Part 6Part 7Part 8Part 9Part 10Part 11Part 12Part 13Part 14Part 15Part 16currentPart 17Part 18Part 19Part 20Part 21

Study resources

All SY0-701 Acronyms→SY0-701 Practice Tests→SY0-701 Study Guide→Exam Domains→