Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. After implementing countermeasures - accepting risk for the amount of vulnerability left over






2. A site that is ready physically but has no hardware in place - all it has is HVAC






3. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






4. A network that uses proprietary protocols






5. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






6. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






7. The intercepting of conversations by unintended recipients






8. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






9. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






10. Common Object Request Broker Architecture.






11. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






12. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






13. Reasonable doubt






14. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






15. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






16. Someone who hacks






17. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






18. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






19. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






20. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






21. Someone whose hacking is primarily targeted at the phone systems






22. Setting up the user to access the honeypot for reasons other than the intent to harm.






23. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






24. An instance of a scripting language






25. A hidden communications channel on a system that allows for the bypassing of the system security policy






26. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






27. The person that controls access to the data






28. In a separation of duties model - this is where code is checked in and out






29. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






30. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






31. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






32. Defines the objects and their attributes that exist in a database.






33. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






34. To not be legal (as far as law is concerned) or ethical






35. 'If you can't see it - it's secure'. Bad policy to live by.






36. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






37. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically






38. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






39. A war dialing utility






40. A sandbox. Emulates an operating environment.






41. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






42. Continuation of Operations Plan






43. Public Key Infrastructure






44. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






45. Repeats the signal. It amplifies the signal before sending it on.






46. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






47. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






48. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






49. The frequency with which a threat is expected to occur.






50. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






