Cisco Secure Access Control System (ACS or CSACS) server is Cisco’s Authentication, Authorization and Accounting (AAA) server, allowing to centralize network devices users permissions and auditing.
It supports TACACS+ (Cisco proprietary) and RADIUS (open standard, usable with non-Cisco devices) protocols. It has its own users store, which is useful for lab tests, but in real life it will most likely be connected to a Microsoft Active Directory server to centralize users credential management.
ACS is in the process of being replaced by its successor Identity Service Engine (ISE).
For some time, the two products were to be used together, with ACS handling authentication and authorization while ISE was focusing on hosts policy-compliance checking.
For CCNA-Security students, as for now only ACS is really covered by the curriculum. ISE is just mentioned from time to time so you know what it is and why it is used.