Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






2. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






3. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






4. Jumping into dumpsters to retrieve information about someone/something/a company






5. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






6. Rolling command center with UPS - satellite - uplink - power - etc.






7. After implementing countermeasures - accepting risk for the amount of vulnerability left over






8. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






9. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






10. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






11. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






12. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






13. White hat l0pht






14. Must be in place for you to use a biometric system






15. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






16. More discriminate than dogs






17. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






18. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






19. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






20. Object Linking and Embedding. The ability of an object to be embedded into another object.






21. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






22. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






23. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






24. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.






25. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






26. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






27. In the broadest sense - a fraud is a deception made for personal gain






28. Occupant Emergency Plan - Employees are the most important!






29. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






30. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






31. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






32. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






33. A network that mimics the brain






34. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






35. A card that holds information that must be authenticated to before it can reveal the information that it is holding






36. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






37. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






38. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






39. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






40. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






41. Closed Circuit Television






42. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






43. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






44. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.






45. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






46. Method of authenticating to a system. Something that you supply and something you know.






47. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






48. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






49. A mechanism by which connections to TCP services on a system are allowed or disallowed






50. These can be used to verify that public keys belong to certain individuals.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests