Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. When security is managed at a central point in an organization






2. Providing verification to a system






3. A system designed to stop piggybacking.






4. The process of reducing your risks to an acceptable level based on your risk analysis






5. A military standard defining controls for emanation protection






6. Network Address Translation






7. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






8. Good for distance - longer than 100M






9. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






10. Accepting all packets






11. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






12. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






13. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






14. Rolling command center with UPS - satellite - uplink - power - etc.






15. Chief Information Officer






16. An RFC standard. A mechanism for performing commands on a remote system






17. Motivational tools for employee awareness to get them to report security flaws in an organization






18. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






19. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






20. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






21. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






22. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






23. Internet Relay Chat.






24. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






25. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






26. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






27. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






28. To not be legal (as far as law is concerned) or ethical






29. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






30. The ability to have more than one thread associated with a process






31. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






32. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






33. White hat l0pht






34. Relating to quality or kind. This assigns a level of importance to something.






35. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






36. The act of identifying yourself. Providing your identity to a system






37. Closed Circuit Television






38. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






39. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






40. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl






41. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






42. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






43. Component Object Model.






44. Encompasses Risk Analysis and Risk Mitigation






45. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






46. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






47. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






48. Something used to put out a fire. Can be in Classes A - B - C - D - or H






49. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






50. Network devices that operate at layer 3. This device separates broadcast domains.





