Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Disclosure - Alteration - Destruction. These things break the CIA triad






2. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






3. Motive - Opportunity - and Means. These deal with crime.






4. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






5. Network Address Translation






6. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






7. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






8. Internet Architecture Board. This board is responsible for protecting the Internet.






9. Computer Incident Response Team






10. Encompasses Risk Analysis and Risk Mitigation






11. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






12. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






13. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






14. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






15. Good for distance - longer than 100M






16. Motivational tools for employee awareness to get them to report security flaws in an organization






17. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






18. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






19. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






20. Providing verification to a system






21. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






22. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






23. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






24. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






25. Same as a block cipher except that it is applied to a data stream one bit at a time






26. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






27. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






28. Transferring your risk to someone else - typically an insurance company






29. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






30. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






31. Using ICMP to diagram a network






32. Data storage formats and equipment that allow the stored data to be accessed in any order






33. The art of breaking code. Testing the strength of an algorithm.






34. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






35. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






36. A site that has some equipment in place - and can be up within days






37. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






38. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






39. When two or more processes are linked and execute multiple programs simultaneously






40. An RFC standard. A mechanism for performing commands on a remote system






41. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






42. When one key of a two-key pair has more encryption pattern than the other






43. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






44. Threat to physical security.






45. Repeats the signal. It amplifies the signal before sending it on.






46. Network device that operates at layer 1. Concentrator.






47. A card that holds information that must be authenticated to before it can reveal the information that it is holding






48. A site that is ready physically but has no hardware in place - all it has is HVAC






49. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






50. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






