Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you might find the answers obvious, but taking the test repeatedly reinforces your understanding.
1. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






2. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






3. Also civil law






4. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






5. Closed Circuit Television






6. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






7. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






8. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.






9. Be at least 8 feet tall and have three strands of barbed wire.






10. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






11. Also known as a tunnel






12. A network that mimics the brain






13. A sandbox. Emulates an operating environment.






14. The ability to have more than one thread associated with a process






15. Same as a block cipher except that it is applied to a data stream one bit at a time






16. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






17. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






18. Access control method for database based on the content of the database to provide granular access






19. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






20. Accepting all packets






21. The intercepting of conversations by unintended recipients






22. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






23. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






24. Software designed to infiltrate or damage a computer system - without the owner's consent.






25. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






26. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






27. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






28. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






29. Common Object Request Broker Architecture.






30. A hidden communications channel on a system that allows for the bypassing of the system security policy






31. A site that has some equipment in place - and can be up within days






32. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






33. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






34. Data storage formats and equipment that allow the stored data to be accessed in any order






35. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






36. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






37. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






38. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet - ARP is primarily used to translate Ethernet MAC addresses from IP addresses






39. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






40. An instance of a scripting language






41. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






42. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






43. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






44. After implementing countermeasures - accepting risk for the amount of vulnerability left over






45. Continuation of Operations Plan






46. Scanning the airwaves for radio transmissions






47. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






48. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






49. Occupant Emergency Plan - Employees are the most important!






50. A gas used in fire suppression. Not human safe. Chemical reaction.





