Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In cryptography - it is a block cipher






2. Rolling command center with UPS - satellite - uplink - power - etc.






3. Encompasses Risk Analysis and Risk Mitigation






4. Making individuals accountable for their actions on a system typically through the use of auditing






5. Using ICMP to diagram a network






6. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






7. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






8. After implementing countermeasures - accepting risk for the amount of vulnerability left over






9. A network that uses standard protocols (TCP/IP)






10. This is an open international standard for applications that use wireless communications.






11. Random Number Base






12. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






13. Emanations from one wire coupling with another wire






14. Involving the measurement of quantity or amount.






15. The real cost of acquiring/maintaining/developing a system






16. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






17. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






18. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






19. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






20. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






21. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






22. Accepting all packets






23. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






24. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






25. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






26. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






27. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






28. 'If you can't see it - it's secure'. Bad policy to live by.






29. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






30. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






31. A network that mimics the brain






32. The intercepting of conversations by unintended recipients






33. Threat to physical security.






34. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






35. The practice of obtaining confidential information by manipulation of legitimate users.






36. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






37. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






38. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






39. The process of reducing your risks to an acceptable level based on your risk analysis






40. An RFC standard. A mechanism for performing commands on a remote system






41. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






42. Occupant Emergency Plan - Employees are the most important!






43. Someone who hacks






44. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






45. A hidden communications channel on a system that allows for the bypassing of the system security policy






46. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






47. A gas used in fire suppression. Not human safe. Chemical reaction.






48. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






49. In a separation of duties model - this is where code is checked in and out






50. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities





