Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






2. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






3. Making individuals accountable for their actions on a system typically through the use of auditing






4. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






5. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






6. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






7. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






8. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






9. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






10. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






11. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






12. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






13. Confidentiality - Integrity - and Availability






14. A network that uses standard protocols (TCP/IP)






15. More discriminate than dogs






16. Motivational tools for employee awareness to get them to report security flaws in an organization






17. Closed Circuit Television






18. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






19. Internet Architecture Board. This board is responsible for protecting the Internet.






20. Threat to physical security.






21. Occupant Emergency Plan - Employees are the most important!






22. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






23. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






24. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






25. The art of breaking code. Testing the strength of an algorithm.






26. Entails planning and system actions to ensure that a project is following good quality management practices






27. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






28. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.






29. A RFC standard. A mechanism for performing commands on a remote system






30. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






31. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.






32. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






33. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






34. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






35. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






36. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






37. Continuation of Operations Plan






38. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






39. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






40. Involving the measurement of quantity or amount.






41. A military standard defining controls for emanation protection






42. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






43. In cryptography - it is a block cipher






44. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






45. Access control method for database based on the content of the database to provide granular access






46. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






47. Someone whose hacking is primarily targeted at the phone systems






48. To not be legal (as far as law is concerned) or ethical






49. The intercepting of conversations by unintended recipients






50. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests