Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An RFC standard. A mechanism for performing commands on a remote system






2. A site that is ready physically but has no hardware in place - all it has is HVAC






3. Also civil law






4. Relating to quality or kind. This assigns a level of importance to something.






5. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






6. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






7. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities






8. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






9. Signal degradation as it moves farther from its source






10. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






11. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






12. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






13. Setting up the user to access the honeypot for reasons other than the intent to harm.






14. A gas used in fire suppression. Not human safe. Chemical reaction.






15. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






16. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






17. Chief Executive Officer






18. Object Linking and Embedding. The ability of an object to be embedded into another object.






19. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






20. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






21. A network that mimics the brain






22. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






23. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






24. Must be in place for you to use a biometric system






25. When security is managed at many different points in an organization






26. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






27. A system designed to stop piggybacking.






28. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






29. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






30. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






31. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






32. Scanning the airwaves for radio transmissions






33. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






34. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






35. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






36. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






37. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






38. Assuming someone's session who is unaware of what you are doing






39. Also known as a tunnel






40. Data storage formats and equipment that allow the stored data to be accessed in any order






41. Network devices that operate at layer 3. This device separates broadcast domains.






42. Same as a block cipher except that it is applied to a data stream one bit at a time






43. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






44. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






45. In the broadest sense - a fraud is a deception made for personal gain






46. Random Number Base






47. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






48. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






49. Repeats the signal. It amplifies the signal before sending it on.






50. Reasonable doubt





