Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Random Number Base






2. Distributed Component Object Model. Microsoft's implementation of CORBA.






3. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






4. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






5. When two or more processes are linked and execute multiple programs simultaneously






6. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






7. Someone who hacks






8. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






9. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.






10. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






11. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






12. A network that uses standard protocols (TCP/IP)






13. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






14. Rotating employee's job duties so that things can be checked that they are doing to make sure nothing fraudulent is occurring.






15. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






16. Scanning the airwaves for radio transmissions






17. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






18. The process of reducing your risks to an acceptable level based on your risk analysis






19. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






20. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






21. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






22. In a separation of duties model - this is where code is checked in and out






23. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






24. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






25. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






26. Common Object Request Broker Architecture.






27. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






28. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






29. Reasonable doubt






30. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






31. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






32. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






33. Closed Circuit Television






34. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






35. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






36. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






37. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






38. The ability to have more than one thread associated with a process






39. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






40. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






41. Transferring your risk to someone else - typically an insurance company






42. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






43. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






44. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






45. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






46. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






47. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






48. Assuming someone's session who is unaware of what you are doing






49. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






50. These viruses usually infect both boot records and files.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests