Test your basic knowledge

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






2. An instance of a scripting language






3. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






4. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






5. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






6. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






7. The process of reducing your risks to an acceptable level based on your risk analysis






8. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






9. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






10. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






11. In cryptography - it is a block cipher






12. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






13. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






14. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






15. Accepting all packets






16. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






17. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.






18. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






19. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






20. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






21. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






22. Chief Executive Officer






23. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






24. Relating to quality or kind. This assigns a level of importance to something.






25. Transferring your risk to someone else - typically an insurance company






26. Dynamic Host Configuration Protocol.






27. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






28. A hidden communications channel on a system that allows for the bypassing of the system security policy






29. The practice of obtaining confidential information by manipulation of legitimate users.






30. Network device that operates at layer 1. Concentrator.






31. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






32. Network Address Translation






33. A system designed to stop piggybacking.






34. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.






35. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






36. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






37. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






38. This is an open international standard for applications that use wireless communications.






39. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






40. Closed Circuit Television






41. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






42. Encompasses Risk Analysis and Risk Mitigation






43. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






44. The art of breaking code. Testing the strength of an algorithm.






45. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






46. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






47. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






48. Confidentiality - Integrity - and Availability






49. Access control method for database based on the content of the database to provide granular access






50. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






