Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. The intercepting of conversations by unintended recipients






2. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






3. Assuming someone's session who is unaware of what you are doing






4. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






5. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






6. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






7. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






8. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






9. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






10. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






11. Defines the objects and their attributes that exist in a database.






12. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






13. The output of a hash function is a digest.






14. A site that has some equipment in place - and can be up within days






15. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






16. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






17. Be at least 8 feet tall and have three strands of barbed wire.






18. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






19. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






20. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






21. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






22. Must be in place for you to use a biometric system






23. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






24. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






25. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






26. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






27. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






28. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






29. Internet Architecture Board. This board is responsible for protecting the Internet.






30. Object Linking and Embedding. The ability of an object to be embedded into another object.






31. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






32. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






33. Basic Input/Output System






34. A site that is ready physically but has no hardware in place - all it has is HVAC






35. An attempt to trick the system into believing that something false is real






36. Random Number Base






37. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






38. A system designed to stop piggybacking.






39. Encompasses Risk Analysis and Risk Mitigation






40. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






41. Setting up the user to access the honeypot for reasons other than the intent to harm.






42. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






43. When security is managed at many different points in an organization






44. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






45. Emanations from one wire coupling with another wire






46. A network that uses proprietary protocols






47. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






48. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






49. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






50. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet - ARP is primarily used to translate Ethernet MAC addresses from IP addresses






