Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






2. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






3. Setting up the user to access the honeypot for reasons other than the intent to harm.






4. False Acceptance Rate, False Rejection Rate, Crossover Error Rate






5. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.






6. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions, activities, and transactions.






7. Jumping into dumpsters to retrieve information about someone/something/a company






8. Motivational tools for employee awareness to get them to report security flaws in an organization






9. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff.






10. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






11. The real cost of acquiring/maintaining/developing a system






12. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






13. Someone who hacks






14. Basic Input/Output System






15. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






16. If an employee is suspected of wrongdoing, sending them away from work for a while so that their actions can be audited.






17. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






18. In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






19. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated while the client rema






20. CISSPs subscribe to a code of ethics for building up the security profession






21. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






22. A network that mimics the brain






23. In cryptography, it is a block cipher






24. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






25. Be at least 8 feet tall and have three strands of barbed wire.






26. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive, the virus can spread.






27. A mechanism by which connections to TCP services on a system are allowed or disallowed






28. A network that uses standard protocols (TCP/IP)






29. An audit trail is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






30. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) and grey hats.






31. In a separation of duties model, this is where code is checked in and out






32. When one key of a two-key pair has more encryption pattern than the other






33. These viruses usually infect both boot records and files.






34. Must be in place for you to use a biometric system






35. The idea is that a computer program may be seen as comprising a collection of individual units, or objects, that act on each other, as opposed to a traditional view in which a program may be seen as a collection of functions, or simply as a list






36. An attacker spoofs the source IP in a packet header to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






37. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






38. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






39. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






40. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'






41. A system designed to stop piggybacking.






42. 'If you can't see it, it's secure'. Bad policy to live by.






43. Scanning the airwaves for radio transmissions






44. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






45. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






46. Hardware, software, and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






47. Defines the objects and their attributes that exist in a database.






48. A war dialing utility






49. Chief Executive Officer






50. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection.






