Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






2. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






3. Must be in place for you to use a biometric system






4. A site that has some equipment in place - and can be up within days






5. Confidentiality - Integrity - and Availability






6. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






7. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






8. Good for distance - longer than 100M






9. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






10. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






11. Enticing people to hit your honeypot to see how they try to access your system.






12. Encompasses Risk Analysis and Risk Mitigation






13. Involving the measurement of quantity or amount.






14. The person that determines the permissions to files. The data owner.






15. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






16. A hidden communications channel on a system that allows for the bypassing of the system security policy






17. A system designed to stop piggybacking.






18. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






19. In cryptography - it is a block cipher






20. Basic Input/Output System






21. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






22. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






23. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






24. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






25. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






26. A gas used in fire suppression. Not human safe. Chemical reaction.






27. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






28. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






29. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






30. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






31. Relating to quality or kind. This assigns a level of importance to something.






32. White hat l0pht






33. To not be legal (as far as law is concerned) or ethical






34. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






35. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






36. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






37. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






38. The output of a hash function is a digest.






39. Also known as a tunnel






40. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






41. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






42. Providing verification to a system






43. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






44. Emanations from one wire coupling with another wire






45. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






46. A network that uses proprietary protocols






47. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






48. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






49. Chief Executive Officer






50. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






