Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






2. The person that determines the permissions to files. The data owner.






3. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






4. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






5. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






6. A technique to eliminate data redundancy.






7. An RFC standard. A mechanism for performing commands on a remote system.






8. After implementing countermeasures - accepting risk for the amount of vulnerability left over






9. Must be in place for you to use a biometric system






10. Ethernet - Cat5 - Twisted to allow for longer runs.






11. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






12. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






13. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






14. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






15. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






16. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






17. In cryptography - it is a block cipher






18. The process of reducing your risks to an acceptable level based on your risk analysis






19. Animals with teeth. Not as discriminate as guards






20. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






21. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






22. Entails planning and system actions to ensure that a project is following good quality management practices






23. The art of breaking code. Testing the strength of an algorithm.






24. To not be legal (as far as law is concerned) or ethical






25. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






26. The intercepting of conversations by unintended recipients






27. Rolling command center with UPS - satellite - uplink - power - etc.






28. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






29. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






30. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






31. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






32. Occupant Emergency Plan - Employees are the most important!






33. The user






34. Basic Input/Output System






35. Computer Incident Response Team






36. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






37. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






38. Access control method for database based on the content of the database to provide granular access






39. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






40. A system designed to stop piggybacking.






41. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






42. Component Object Model.






43. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






44. A site that has some equipment in place - and can be up within days






45. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






46. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






47. Method of authenticating to a system. Something that you supply and something you know.






48. Be at least 8 feet tall and have three strands of barbed wire.






49. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






50. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.





