Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Data storage formats and equipment that allow the stored data to be accessed in any order






2. The process of reducing your risks to an acceptable level based on your risk analysis






3. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






4. Scanning the airwaves for radio transmissions






5. The real cost of acquiring/maintaining/developing a system






6. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






7. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






8. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






9. A network that uses proprietary protocols






10. These can be used to verify that public keys belong to certain individuals.






11. Providing verification to a system






12. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






13. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






14. Dynamic Host Configuration Protocol.






15. Be at least 8 feet tall and have three strands of barbed wire.






16. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






17. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






18. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






19. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






20. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






21. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






22. The person that determines the permissions to files. The data owner.






23. Continuation of Operations Plan






24. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






25. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






26. When security is managed at many different points in an organization






27. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






28. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






29. A military standard defining controls for emanation protection






30. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






31. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






32. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






33. The output of a hash function is a digest.






34. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






35. Common Object Request Broker Architecture.






36. An RFC standard. A mechanism for performing commands on a remote system






37. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






38. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






39. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






40. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






41. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






42. Occupant Emergency Plan - Employees are the most important!






43. Making individuals accountable for their actions on a system typically through the use of auditing






44. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






45. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






46. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






47. In cryptography - it is a block cipher






48. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






49. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






50. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti





