Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Someone whose hacking is primarily targeted at the phone systems






2. When security is managed at many different points in an organization






3. The frequency with which a threat is expected to occur.






4. To not be legal (as far as law is concerned) or ethical






5. Motivational tools for employee awareness to get them to report security flaws in an organization






6. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






7. Signal degradation as it moves farther from its source






8. A technique to eliminate data redundancy.






9. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






10. Accepting all packets






11. Providing verification to a system






12. Something used to put out a fire. Can be in Classes A - B - C - D - or H






13. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






14. A gas used in fire suppression. Not human safe. Chemical reaction.






15. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






16. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






17. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






18. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






19. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






20. A military standard defining controls for emanation protection






21. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






22. A network entity that provides a single entrance / exit point to the Internet.






23. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






24. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






25. The practice of obtaining confidential information by manipulation of legitimate users.






26. Distributed Component Object Model. Microsoft's implementation of CORBA.






27. Software designed to infiltrate or damage a computer system - without the owner's consent.






28. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






29. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






30. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






31. Network device that operates at layer 1. Concentrator.






32. Good for distance - longer than 100M






33. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






34. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






35. The process of reducing your risks to an acceptable level based on your risk analysis






36. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






37. Public Key Infrastructure






38. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






39. More discriminate than dogs






40. A war dialing utility






41. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






42. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






43. Internet Relay Chat.






44. Must be in place for you to use a biometric system






45. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






46. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






47. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






48. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






49. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






50. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






