Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






2. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






3. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






4. Dialing fixed sets telephone numbers looking for open modem connections to machines






5. Closed Circuit Television






6. Be at least 8 foot tall and have three strands of barbed wire.






7. A network entity that provides a single entrance / exit point to the Internet.






8. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






9. Transferring your risk to someone else - typically an insurance company






10. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






11. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






12. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






13. Emanations from one wire coupling with another wire






14. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






15. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






16. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






17. Network device that operates at layer 1. Concentrator.






18. Same as a block cipher except that it is applied to a data stream one bit at a time






19. Repeats the signal. It amplifies the signal before sending it on.






20. Reasonable doubt






21. Someone who hacks






22. Network devices that operate at layer 3. This device separates broadcast domains.






23. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






24. An instance of a scripting language






25. A site that is ready physically but has no hardware in place - all it has is HVAC






26. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






27. The attacker sends a SYN request to the victims machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






28. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






29. Being able to control access to individuals very specifically - instead of lower in the OSI model where you cant set it so specifically






30. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






31. Accepting all packets






32. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






33. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work






34. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






35. Animals with teeth. Not as discriminate as guards






36. White hat l0pht






37. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






38. Personal - Network - and Application






39. Enticing people to hit your honeypot to see how they try to access your system.






40. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






41. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






42. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






43. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






44. Using ICMP to diagram a network






45. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






46. 'If you cant see it - its secure'. Bad policy to live by.






47. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






48. Internet Architecture Board. This board is responsible for protecting the Internet.






49. Basic Input/Output System






50. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






Can you answer 50 questions in 15 minutes?



Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests