Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






2. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






3. A site that is ready physically but has no hardware in place - all it has is HVAC






4. In the broadest sense - a fraud is a deception made for personal gain






5. Emanations from one wire coupling with another wire






6. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






7. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






8. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






9. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






10. Relating to quality or kind. This assigns a level of importance to something.






11. The act of identifying yourself. Providing your identity to a system






12. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






13. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






14. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






15. Something used to put out a fire. Can be in Classes A - B - C - D - or H






16. These viruses usually infect both boot records and files.






17. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






18. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






19. The practice of obtaining confidential information by manipulation of legitimate users.






20. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






21. Chief Executive Officer






22. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






23. Threat to physical security.






24. Encompasses Risk Analysis and Risk Mitigation






25. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






26. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






27. Distributed Component Object Model. Microsoft's implementation of CORBA.






28. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






29. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






30. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






31. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






32. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






33. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






34. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






35. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






36. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






37. A war dialing utility






38. Continuation of Operations Plan






39. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






40. The person that controls access to the data






41. Common Object Request Broker Architecture.






42. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






43. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






44. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






45. The process of reducing your risks to an acceptable level based on your risk analysis






46. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






47. Closed Circuit Television






48. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






49. Disclosure - Alteration - Destruction. These things break the CIA triad






50. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.





