
CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






2. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






3. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






4. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






5. Personal, Network, and Application






6. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






7. A collection of updates, fixes and/or enhancements to a software program delivered in the form of a single installable package.






8. Someone who hacks






9. The art of breaking code. Testing the strength of an algorithm.






10. Chief Information Officer






11. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






12. Threat to physical security.






13. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






14. After implementing countermeasures, accepting risk for the amount of vulnerability left over






15. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






16. Relating to quality or kind. This assigns a level of importance to something.






17. Methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected






18. Dynamic Host Configuration Protocol.






19. Access control method for database based on the content of the database to provide granular access






20. a.k.a. the Chinese wall. Nash Bridges, Bridge wall, Chinese wall. Dynamically changes access control to prevent unauthorized access.






21. Entails planning and system actions to ensure that a project is following good quality management practices






22. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.






23. Internet Architecture Board. This board is responsible for protecting the Internet.






24. Providing verification to a system






25. An RFC standard. A mechanism for performing commands on a remote system






26. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






27. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






28. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






29. Once authenticated, the level of access you have to a system






30. Chief Executive Officer






31. A war dialing utility






32. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






33. Also civil law






34. Software designed to infiltrate or damage a computer system without the owner's consent.






35. When one key of a two-key pair has more encryption pattern than the other






36. In computing, the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






37. When security is managed at many different points in an organization






38. 1-1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl






39. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






40. Method of authenticating to a system. Something that you supply and something you know.






41. Countermeasures / safeguards fall into these categories. Detective measures detect, preventive measures prevent, and corrective measures correct.






42. When an employee leaves the company, you want to make them aware of non-disclosures and non-compete clauses, etc.






43. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






44. The real cost of acquiring/maintaining/developing a system






45. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






46. Network Address Translation






47. When security is managed at a central point in an organization






48. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






49. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






50. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






