Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. When one key of a two-key pair has more encryption pattern than the other






2. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






3. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






4. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






5. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






6. Occupant Emergency Plan - Employees are the most important!






7. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






8. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






9. A mechanism by which connections to TCP services on a system are allowed or disallowed






10. Animals with teeth. Not as discriminate as guards






11. Also civil law






12. Involving the measurement of quantity or amount.






13. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






14. Motivational tools for employee awareness to get them to report security flaws in an organization






15. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






16. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






17. Component Object Model.






18. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






19. Network device that operates at layer 1. Concentrator.






20. When security is managed at a central point in an organization






21. Someone who hacks






22. Defines the objects and their attributes that exist in a database.






23. Providing verification to a system






24. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






25. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






26. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






27. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






28. Setting up the user to access the honeypot for reasons other than the intent to harm.






29. The process of reducing your risks to an acceptable level based on your risk analysis






30. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






31. More discriminate than dogs






32. Dynamic Host Configuration Protocol.






33. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






34. This is an open international standard for applications that use wireless communications.






35. To not be legal (as far as law is concerned) or ethical






36. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






37. A gas used in fire suppression. Not human safe. Chemical reaction.






38. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






39. Method of authenticating to a system. Something that you supply and something you know.






40. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






41. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






42. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






43. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






44. A sandbox. Emulates an operating environment.






45. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






46. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






47. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






48. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






49. Internet Architecture Board. This board is responsible for protecting the Internet.






50. Signal degradation as it moves farther from its source





