Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A military standard defining controls for emanation protection






2. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






3. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






4. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






5. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






6. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






7. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






8. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






9. Personal - Network - and Application






10. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






11. Ethernet - Cat5 - Twisted to allow for longer runs.






12. These viruses usually infect both boot records and files.






13. Dynamic Host Configuration Protocol.






14. A mechanism by which connections to TCP services on a system are allowed or disallowed






15. Same as a block cipher except that it is applied to a data stream one bit at a time






16. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






17. 'If you can't see it - it's secure'. Bad policy to live by.






18. Access control method for database based on the content of the database to provide granular access






19. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






20. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






21. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






22. A site that has some equipment in place - and can be up within days






23. A network that uses standard protocols (TCP/IP)






24. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






25. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






26. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






27. Object Linking and Embedding. The ability of an object to be embedded into another object.






28. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






29. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






30. When two or more processes are linked and execute multiple programs simultaneously






31. Emanations from one wire coupling with another wire






32. The output of a hash function is a digest.






33. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






34. Also known as a tunnel






35. The person that controls access to the data






36. Enticing people to hit your honeypot to see how they try to access your system.






37. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






38. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






39. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






40. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






41. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






42. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






43. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






44. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






45. A technique to eliminate data redundancy.






46. Accepting all packets






47. Reasonable doubt






48. An RFC standard. A mechanism for performing commands on a remote system






49. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






50. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






