Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. When security is managed at many different points in an organization
Decentralized
COM
ROM (Read-only memory)
Telnet
2. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Debug
Wiretapping
Tort
3. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Fiber optic
Patent
Expert System
4. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Teardrop
Degausser
Embezzlement
Hash
5. A network entity that provides a single entrance / exit point to the Internet.
Bastion hosts
Risk Acceptance
Toneloc
Clipping levels
6. Setting up the user to access the honeypot for reasons other than the intent to harm.
Entrapment
Technical - Administrative - Physical
Inference
Out of band
7. In the broadest sense - a fraud is a deception made for personal gain
Fraud
RADIUS (Remote authentication dial-in user service)
Multitasking
VLANs
8. Someone who hacks
Hacker
Digital certificates
Code of ethics
Hearsay Evidence
9. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Common criteria
Dictionary Attack
Identification
Callback Security/Call Forwarding
10. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Polymorphic
Salami Slicing
EF (Exposure Factor)
TACACS (Terminal access controller access control system)
11. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Hash
RAM (Random-access memory)
Cyphertext only
Digital signing
12. Transferring your risk to someone else - typically an insurance company
DDOS
Separation of duties
Risk Transferring
Security kernel
13. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Centralized
TCB
Multipartite
Data remanence
14. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
Dogs
Risk Transferring
Object Oriented Programming
15. Internet Relay Chat.
IRC
Worm
Block cipher
DDOS
16. Signal degradation as it moves farther from its source
Object Oriented Programming
Attenuation
Termination procedures
Exit interview
17. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
NAT
Scanning
Cryptanalysis
18. The intercepting of conversations by unintended recipients
Coax
Eavesdropping
Format 7 times
OLE
19. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Spoofing
Substitution
Content dependent
20. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
CGI (The Common Gateway Interface)
Normalization
Enticement
Hacker
21. Random Number Base
Fraggle
TCB
Nonce
Risk Analysis
22. Threat to physical security.
DDOS
Sabotage
Session Hijacking
Dogs
23. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Object Oriented Programming
Bugtraq
Format 7 times
ALE (Annualized Loss Expectancy)
24. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Brewer-Nash model
Caesar Cipher
SLE (Single Loss Expectancy or Exposure)
Asset Value
25. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
EF (Exposure Factor)
Java
DDOS
Non-repudiation
26. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Fraggle
Fences
War driving
War dialing
27. The practice of obtaining confidential information by manipulation of legitimate users.
Masquerade
Expert systems
Risk Acceptance
Social engineering
28. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Identification
Patriot Act
Toneloc
Reciprocal agreement
29. To not be legal (as far as law is concerned) or ethical
Packet Sniffing
Illegal/Unethical
Back door/ trap door/maintenance hook
COOP
30. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Digital signing
FAR/FRR/CER
Probing
Risk Acceptance
31. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Packet Sniffing
Raid 0 - 1 - 3 - 5
Exit interview
Trademark
32. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Logic bomb
Authorization
WTLS (Wireless Transport Layer Security)
33. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
ROM (Read-only memory)
CIA
Kerberos
COOP
34. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Replay
TCSEC
Skipjack
35. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Private Addressing
Echelon
COM
DOS
36. The real cost of acquiring/maintaining/developing a system
Due Care
Repeaters
BIOS
Asset Value
37. Object Linking and Embedding. The ability of an object to be embedded into another object.
CGI (The Common Gateway Interface)
Base-64
l0pht
OLE
38. Once authenticated - the level of access you have to a system
Risk Mitigation
Authorization
Fraud
Due Diligence
39. Also known as a tunnel
MitM
VPN (Virtual Private Network)
CIO
Hubs
40. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Decentralized
Teardrop
Skipjack
Script kiddies
41. A gas used in fire suppression. Not human safe. Chemical reaction.
Halon
VLANs
Replay
Biometrics
42. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Bastion hosts
Qualitative
Authentication
Macro
43. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Guards
Packet Sniffing
CHAP
Polymorphic
44. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Hubs
Certification
Session Hijacking
Two-Factor Authentication
45. Accepting all packets
Buffer overflow
Promiscuous mode
CRC (Cyclic Redundancy Check)
DMZ
46. Common Object Request Broker Architecture.
PKI
Promiscuous mode
CORBA
Spoofing
47. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Passive attacks
Accreditation
Senior Management
Security kernel
48. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Separation of duties
Warm Site
Logic bomb
Eavesdropping
49. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
Tokens
FAR/FRR/CER
WAP (Wireless Application Protocol)
50. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
ROM (Read-only memory)
SSL/TLS
Due Care
Block cipher