Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. A hidden communications channel on a system that allows for the bypassing of the system security policy






2. This is an open international standard for applications that use wireless communications.






3. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






4. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






5. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






6. A network that uses standard protocols (TCP/IP)






7. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






8. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






9. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






10. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






11. After implementing countermeasures - accepting risk for the amount of vulnerability left over






12. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






13. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






14. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






15. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






16. Basic Input/Output System






17. In a separation of duties model - this is where code is checked in and out






18. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






19. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






20. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






21. Occupant Emergency Plan - Employees are the most important!






22. Common Object Request Broker Architecture.






23. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






24. A card that holds information that must be authenticated to before it can reveal the information that it is holding






25. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






26. Scanning the airwaves for radio transmissions






27. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






28. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






29. A network that uses proprietary protocols






30. Providing verification to a system






31. Data storage formats and equipment that allow the stored data to be accessed in any order






32. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






33. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






34. The output of a hash function is a digest.






35. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






36. The frequency with which a threat is expected to occur.






37. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






38. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






39. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






40. These can be used to verify that public keys belong to certain individuals.






41. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






42. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






43. A sandbox. Emulates an operating environment.






44. Chief Executive Officer






45. Network devices that operate at layer 3. This device separates broadcast domains.






46. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






47. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






48. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl






49. Same as a block cipher except that it is applied to a data stream one bit at a time






50. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






