Test your basic knowledge

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






2. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






3. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






4. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






5. Accepting all packets






6. Common Object Request Broker Architecture.






7. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






8. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) and grey hats.






9. In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






10. Transferring your risk to someone else, typically an insurance company






11. Must be in place for you to use a biometric system






12. When two or more processes are linked and execute multiple programs simultaneously






13. Same as AES. Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor,






14. A hidden value or set of values that allows access to a program, computer system, or data. It is sometimes erroneously confused with a backdoor, which (in a computer system) is a method of bypassing normal authentication or securing remote access






15. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits, but simply exploits vulnerabilities that others have found.






16. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






17. Chief Executive Officer






18. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






19. 'If you can't see it, it's secure'. Bad policy to live by.






20. Disclosure, Alteration, Destruction. These things break the CIA triad






21. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually, the layers are Application, Presentation, Session, Transport, Network, Data Link, Physical






22. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






23. Computer Incident Response Team






24. A sandbox. Emulates an operating environment.






25. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






26. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'






27. Threat to physical security.






28. A network entity that provides a single entrance / exit point to the Internet.






29. Differs from ordinary composition in that it does not imply ownership. In composition, when the owning object is destroyed, so are the contained objects. In aggregation, this is not necessarily true.






30. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






31. Also known as a tunnel






32. These can be used to verify that public keys belong to certain individuals.






33. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions, activities, and transactions.






34. Rolling command center with UPS, satellite, uplink, power, etc.






35. In cryptography, a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common), pairs of letters, triplets of letters






36. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






37. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






38. Object Linking and Embedding. The ability of an object to be embedded into another object.






39. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






40. Distributed Component Object Model. Microsoft's implementation of CORBA.






41. Methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware thus making it behave as expected






42. In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way th






43. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget, they are always the ones ultimately responsible for due diligence / due care. They are also






44. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive, and not usually enforceable.






45. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to, its main uses lie in the distribution of firmware.






46. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






47. Internet Architecture Board. This board is responsible for protecting the Internet.






48. Same as a block cipher except that it is applied to a data stream one bit at a time






49. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






50. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






