Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions, so at times you might find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically






2. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






3. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






4. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






5. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






6. Closed Circuit Television






7. ('rotate by 13 places' - sometimes hyphenated ROT-13) A simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






8. Transferring your risk to someone else - typically an insurance company






9. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






10. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






11. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






12. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






13. Also civil law






14. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






15. The act of identifying yourself. Providing your identity to a system






16. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






17. A card that holds information that must be authenticated to before it can reveal the information that it is holding






18. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






19. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






20. Involving the measurement of quantity or amount.






21. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






22. An attempt to trick the system into believing that something false is real






23. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






24. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






25. The output of a hash function is a digest.






26. These can be used to verify that public keys belong to certain individuals.






27. When one key of a two-key pair has more encryption pattern than the other






28. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






29. Occupant Emergency Plan - Employees are the most important!






30. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






31. Confidentiality - Integrity - and Availability






32. A network that uses proprietary protocols






33. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






34. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






35. Network Address Translation






36. Public Key Infrastructure






37. When two or more processes are linked and execute multiple programs simultaneously






38. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






39. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






40. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






41. The process of reducing your risks to an acceptable level based on your risk analysis






42. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






43. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






44. Rolling command center with UPS - satellite - uplink - power - etc.






45. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






46. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






47. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






48. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






49. Access control method for databases based on the content of the database to provide granular access






50. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t





