Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Reasonable doubt






2. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






3. The real cost of acquiring/maintaining/developing a system






4. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






5. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






6. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






7. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






8. The frequency with which a threat is expected to occur.






9. A network that uses proprietary protocols






10. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






11. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






12. Internet Architecture Board. This board is responsible for protecting the Internet.






13. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






14. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






15. Software designed to infiltrate or damage a computer system - without the owner's consent.






16. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






17. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






18. Public Key Infrastructure






19. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






20. Transferring your risk to someone else - typically an insurance company






21. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






22. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






23. Dynamic Host Configuration Protocol.






24. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






25. Disclosure - Alteration - Destruction. These things break the CIA triad






26. Must be in place for you to use a biometric system






27. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






28. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






29. Using ICMP to diagram a network






30. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






31. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






32. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






33. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






34. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






35. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






36. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






37. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






38. Involving the measurement of quantity or amount.






39. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






40. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






41. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






42. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






43. A sandbox. Emulates an operating environment.






44. Chief Executive Officer






45. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






46. An instance of a scripting language






47. Setting up the user to access the honeypot for reasons other than the intent to harm.






48. CISSPs subscribe to a code of ethics for building up the security profession






49. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






50. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests