Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Closed Circuit Television
Non-repudiation
CCTV
ALE (Annualized Loss Expectancy)
MOM
2. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
Malware
SQL (Structured Query Language)
WAP (Wireless Application Protocol)
3. The person that determines the permissions to files. The data owner.
Quality Assurance
Owner
Joke
Content dependent
4. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Biometrics
ISDN (Integrated Services Digital Network)
Hardware
Buffer overflow
5. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
COOP
Embezzlement
Biometrics
6. Confidentiality - Integrity - and Availability
Diffie-Hellman
Kerberos
Hackers
CIA
7. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Substitution
Certification
Cookies
Open network
8. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Authorization creep
SSO (Single sign-on)
TEMPEST
BIA
9. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
DHCP
CD-ROM
Toneloc
Expert System
10. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
TACACS (Terminal access controller access control system)
War dialing
Format 7 times
Separation of duties
11. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
DHCP
RAID 0 - 1 - 3 - 5
MOM
Virtual Memory/Pagefile.sys
12. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Hardware
CGI (The Common Gateway Interface)
Common criteria
ROT-13
13. Must be in place for you to use a biometric system
Biometric profile
Accreditation
Service packs
MOM
14. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Classes of IP networks
Bastion hosts
Aggregation
SYN Flood
15. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
ROM (Read-only memory)
Sabotage
Degausser
Detective - Preventive - Corrective
16. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Biometrics
Centralized
Hash
Penetration testing
17. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Security Perimeter
Granularity
Scanning
Digital certificates
18. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Transposition
Dictionary Attack
Exit interview
Virtual Memory/Pagefile.sys
19. A mechanism by which connections to TCP services on a system are allowed or disallowed
Twisted pair
Probing
TCP Wrappers
Change management
20. The real cost of acquiring/maintaining/developing a system
Clipper Chip
Java
Asset Value
UUEncode
21. Data storage formats and equipment that allow the stored data to be accessed in any order
Separation of duties
SQL (Structured Query Language)
Smurf
RAM (Random-access memory)
22. Component Object Model.
Rolling hot sites
Aggregation
Detective - Preventive - Corrective
COM
23. In cryptography - it is a block cipher
Skipjack
Fraggle
DDOS
Eavesdropping
24. White hat l0pht
ActiveX Object Linking and Embedding
Bugtraq
TCP Wrappers
Security through obscurity
25. In a separation of duties model - this is where code is checked in and out
Separation of duties
Software librarian
Replay
Burden of Proof
26. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Common criteria
Entrapment
Hubs
Transposition
27. Continuation of Operations Plan
Key Escrow
Non-repudiation
Echelon
COOP
28. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Warm Site
Cyphertext only
RADIUS (Remote authentication dial-in user service)
Data remanence
29. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Toneloc
UUEncode
SQL (Structured Query Language)
BIA
30. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Software librarian
SYN Flood
Accreditation
Privacy Act of 1974
31. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Audit Trail
Non-repudiation
MitM
Masquerade
32. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Eavesdropping
Hubs
Smart cards
RAM (Random-access memory)
33. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Polymorphic
OSI Model
Skipjack
34. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Well-known ports
Embezzlement
Scanning
35. A network that mimics the brain
Twisted pair
Fiber optic
Open network
Artificial Neural Networks (ANN)
36. The frequency with which a threat is expected to occur.
Switches / Bridges
ARO (Annualized Rate of Occurrence)
Penetration testing
COM
37. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
Hearsay Evidence
Joke
Security Awareness Training
38. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
NAT
Hubs
Warm Site
Kerberos
39. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Active attacks
Hearsay Evidence
DHCP
SSL/TLS
40. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Brute Force
MOM
Senior Management
CGI (The Common Gateway Interface)
41. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Firewall types
Finger printing
Out of band
Joke
42. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Trade Secret
OLE
Teardrop
Firmware
43. A network that uses standard protocols (TCP/IP)
Custodian
Finger scanning
Open network
Audit Trail
44. Occupant Emergency Plan - Employees are the most important!
Risk Mitigation
OEP
Hacker
Multitasking
45. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Stream cipher
Finger scanning
Sniffing
Asset Value
46. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Teardrop
Attenuation
Service packs
47. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Teardrop
DCOM
Dictionary Attack
Clipper Chip
48. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Cold Site
Repeaters
Carnivore
Patriot Act
49. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
Service packs
Callback Security/Call Forwarding
Block cipher
50. Ethernet - Cat5 - Twisted to allow for longer runs.
Twisted pair
Private Addressing
Java
Cold Site