Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you may at times find the answers obvious, but taking the test each time reinforces your understanding.
1. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






2. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






3. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






4. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






5. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.






6. Object Linking and Embedding. The ability of an object to be embedded into another object.






7. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






8. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






9. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






10. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






11. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






12. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






13. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






14. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






15. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






16. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






17. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






18. Dialing fixed sets of telephone numbers looking for open modem connections to machines






19. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






20. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






21. Motive - Opportunity - and Means. These deal with crime.






22. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






23. Chief Information Officer






24. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






25. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






26. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






27. Animals with teeth. Not as discriminate as guards






28. Emanations from one wire coupling with another wire






29. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






30. When an employee leaves the company - you want to make them aware of non-disclosure and non-compete clauses - etc.






31. A network that mimics the brain






32. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






33. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.






34. Setting up the user to access the honeypot for reasons other than the intent to harm.






35. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






36. An attempt to trick the system into believing that something false is real






37. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






38. Basic Input/Output System






39. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






40. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






41. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






42. Also civil law






43. Method of authenticating to a system. Something that you supply and something you know.






44. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






45. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






46. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






47. Making individuals accountable for their actions on a system typically through the use of auditing






48. Repeats the signal. It amplifies the signal before sending it on.






49. Scanning the airwaves for radio transmissions






50. Disclosure - Alteration - Destruction. These things break the CIA triad






