Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






2. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






3. Chief Information Officer






4. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






5. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






6. Ethernet - Cat5 - Twisted to allow for longer runs.






7. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






8. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






9. Be at least 8 foot tall and have three strands of barbed wire.






10. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.






11. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






12. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.






13. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






14. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






15. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






16. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






17. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






18. In a separation of duties model - this is where code is checked in and out






19. Emanations from one wire coupling with another wire






20. The ability to have more than one thread associated with a process






21. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






22. When one key of a two-key pair has more encryption pattern than the other






23. A RFC standard. A mechanism for performing commands on a remote system






24. The user






25. Network Address Translation






26. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






27. Confidentiality - Integrity - and Availability






28. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






29. Rolling command center with UPS - satellite - uplink - power - etc.






30. A technique to eliminate data redundancy.






31. Data storage formats and equipment that allow the stored data to be accessed in any order






32. Personal - Network - and Application






33. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






34. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






35. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






36. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






37. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






38. Scanning the airwaves for radio transmissions






39. A network that uses standard protocols (TCP/IP)






40. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






41. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






42. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






43. Disclosure - Alteration - Destruction. These things break the CIA triad






44. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






45. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






46. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






47. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






48. An attempt to trick the system into believing that something false is real






49. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






50. More discriminate than dogs