Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.

1. A site that has some equipment in place - and can be up within days






2. The practice of obtaining confidential information by manipulation of legitimate users.






3. CISSPs subscribe to a code of ethics for building up the security profession






4. Public Key Infrastructure






5. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






6. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






7. When security is managed at many different points in an organization






8. Internet Relay Chat.






9. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






10. When two or more processes are linked and execute multiple programs simultaneously






11. Jumping into dumpsters to retrieve information about someone/something/a company






12. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






13. The real cost of acquiring/maintaining/developing a system






14. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






15. Network device that operates at layer 1. Concentrator.






16. The user






17. A war dialing utility






18. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






19. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






20. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






21. A military standard defining controls for emanation protection






22. Rolling command center with UPS - satellite - uplink - power - etc.






23. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






24. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






25. Dialing fixed sets of telephone numbers looking for open modem connections to machines






26. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






27. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






28. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






29. Relating to quality or kind. This assigns a level of importance to something.






30. A system designed to stop piggybacking.






31. Someone whose hacking is primarily targeted at the phone systems






32. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






33. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






34. A hidden communications channel on a system that allows for the bypassing of the system security policy






35. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






36. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






37. Using ICMP to diagram a network






38. Signal degradation as it moves farther from its source






39. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






40. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






41. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






42. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






43. The frequency with which a threat is expected to occur.






44. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






45. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






46. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






47. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






48. Something used to put out a fire. Can be in Classes A - B - C - D - or H






49. Continuation of Operations Plan






50. Providing verification to a system






