Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Network device that operates at layer 1. Concentrator.






2. Access control method for database based on the content of the database to provide granular access






3. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






4. Network devices that operate at layer 3. This device separates broadcast domains.






5. Computer Incident Response Team






6. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






7. When security is managed at many different points in an organization






8. Defines the objects and their attributes that exist in a database.






9. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






10. To not be legal (as far as law is concerned) or ethical






11. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






12. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






13. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






14. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.






15. CISSPs subscribe to a code of ethics for building up the security profession






16. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






17. A network that uses standard protocols (TCP/IP)






18. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






19. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






20. Providing verification to a system






21. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






22. Reasonable doubt






23. Must be in place for you to use a biometric system






24. Signal degradation as it moves farther from its source






25. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






26. In a separation of duties model - this is where code is checked in and out






27. Dynamic Host Configuration Protocol.






28. Scanning the airwaves for radio transmissions






29. Enticing people to hit your honeypot to see how they try to access your system.






30. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






31. Chief Information Officer






32. After implementing countermeasures - accepting risk for the amount of vulnerability left over






33. The person that determines the permissions to files. The data owner.






34. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






35. Animals with teeth. Not as discriminate as guards






36. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






37. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






38. Closed Circuit Television






39. In cryptography - it is a block cipher






40. Random Number Base






41. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






42. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






43. Motivational tools for employee awareness to get them to report security flaws in an organization






44. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






45. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






46. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






47. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






48. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






49. Entails planning and system actions to ensure that a project is following good quality management practices






50. The art of breaking code. Testing the strength of an algorithm.






