Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Network devices that operate at layer 3. This device separates broadcast domains.






2. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






3. Accepting all packets






4. The 7-layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually, the layers are Application, Presentation, Session, Transport, Network, Data Link, Physical






5. Software designed to infiltrate or damage a computer system, without the owner's consent.






6. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






7. A collection of updates, fixes and/or enhancements to a software program delivered in the form of a single installable package.






8. Jumping into dumpsters to retrieve information about someone/something/a company






9. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.






10. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






11. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.






12. Someone who hacks






13. The person that determines the permissions to files. The data owner.






14. Project initiation, functional design analysis and planning, system design specifications, software development, installation/implementation, operational/maintenance, disposal






15. The real cost of acquiring/maintaining/developing a system






16. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






17. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






18. In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






19. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive, and not usually enforceable.






20. Random Number Base






21. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






22. Entails planning and system actions to ensure that a project is following good quality management practices






23. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






24. Rotating employees' job duties so that what they are doing can be checked, to make sure nothing fraudulent is occurring.






25. In the broadest sense, a fraud is a deception made for personal gain






26. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which






27. Using ICMP to diagram a network






28. An attack which results in an unauthorized state change, such as the manipulation of files, or the adding of unauthorized files.






29. An international standard defining security assurance and functionality profiles. Replaced the TCSEC, ITSEC, etc.






30. Personal, Network, and Application






31. Relating to quality or kind. This assigns a level of importance to something.






32. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






33. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






34. Reasonable doubt






35. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






36. A type of hash function used to produce a checksum, which is a small, fixed number of bits, against a block of data. This is used to detect errors after transmission or storage.






37. CISSPs subscribe to a code of ethics for building up the security profession






38. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff.






39. Distributed Component Object Model. Microsoft's implementation of CORBA.






40. Methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected






41. Encompasses Risk Analysis and Risk Mitigation






42. Must be in place for you to use a biometric system






43. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






44. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






45. Chief Information Officer






46. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






47. Refers to a cryptographic signature, either on a document, or on a lower-level data structure that signs an item electronically.






48. A mechanism by which connections to TCP services on a system are allowed or disallowed






49. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






50. In telecommunications, a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






