Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. When security is managed at a central point in an organization






2. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






3. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






4. An instance of a scripting language






5. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






6. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






7. Be at least 8 feet tall and have three strands of barbed wire.






8. The person that determines the permissions to files. The data owner.






9. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






10. A site that has some equipment in place - and can be up within days






11. Someone who hacks






12. Motivational tools for employee awareness to get them to report security flaws in an organization






13. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






14. The user






15. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






16. Involving the measurement of quantity or amount.






17. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






18. A sandbox. Emulates an operating environment.






19. A technique to eliminate data redundancy.






20. An attempt to trick the system into believing that something false is real






21. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






22. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.






23. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






24. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






25. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






26. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






27. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






28. A site that is ready physically but has no hardware in place - all it has is HVAC






29. A mechanism by which connections to TCP services on a system are allowed or disallowed






30. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






31. Dynamic Host Configuration Protocol.






32. Threat to physical security.






33. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp; 21 - ftp; 22 - ssh; 23 - telnet; 25 - smtp; 53 - dns; 69 - tftp; 80 - http; 161 - snmp; 443 - ssl






34. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet - ARP is primarily used to translate Ethernet MAC addresses from IP addresses






35. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






36. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






37. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






38. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






39. A military standard defining controls for emanation protection






40. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






41. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






42. The intercepting of conversations by unintended recipients






43. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






44. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






45. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






46. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






47. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






48. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






49. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






50. Must be in place for you to use a biometric system






