In Nessus, the collection of plugin groups and their configurations used during a scan is referred to as what?

The main idea here is how Nessus stores and applies the settings that control what gets scanned. All the plugin choices (including which plugin families to enable or disable) plus other scan options like port ranges, credentials, performance settings, and scan targets are saved together in a single unit called a Scan Policy. When you start a scan, you select this policy, and Nessus uses it to determine which plugins to run and how to run the scan. That makes the scan policy the best fit for the described concept. A Scan Profile isn’t the standard Nessus term for the running configuration, and while a Policy Bundle or a Policy Set can group multiple policies for sharing or organization, they aren’t the specific configuration applied to a single scan during execution.