Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Scanning the airwaves for radio transmissions






2. Network device that operates at layer 1. Concentrator.






3. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






4. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






5. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






6. A mechanism by which connections to TCP services on a system are allowed or disallowed






7. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






8. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






9. These viruses usually infect both boot records and files.






10. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






11. A system designed to stop piggybacking.






12. Encompasses Risk Analysis and Risk Mitigation






13. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






14. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






15. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






16. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






17. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






18. Random Number Base






19. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






20. A gas used in fire suppression. Not human safe. Chemical reaction.






21. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






22. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






23. Once authenticated - the level of access you have to a system






24. Distributed Component Object Model. Microsoft's implementation of CORBA.






25. Signal degradation as it moves farther from its source






26. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






27. Good for distance - longer than 100M






28. Public Key Infrastructure






29. The frequency with which a threat is expected to occur.






30. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






31. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






32. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






33. The ability to have more than one thread associated with a process






34. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






35. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






36. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






37. Emanations from one wire coupling with another wire






38. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






39. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






40. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.






41. A network that uses standard protocols (TCP/IP)






42. Involving the measurement of quantity or amount.






43. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






44. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






45. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






46. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






47. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






48. After implementing countermeasures - accepting risk for the amount of vulnerability left over






49. 'If you can't see it - it's secure'. Bad policy to live by.






50. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






