Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Method of authenticating to a system. Something that you supply and something you know.






2. Object Linking and Embedding. The ability of an object to be embedded into another object.






3. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






4. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






5. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






6. A war dialing utility






7. Once authenticated - the level of access you have to a system






8. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






9. The user






10. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






11. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






12. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






13. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






14. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






15. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






16. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






17. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






18. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






19. In the broadest sense - a fraud is a deception made for personal gain






20. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






21. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






23. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






24. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






25. Network device that operates at layer 1. Concentrator.






26. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






27. Component Object Model.






28. White hat l0pht






29. Defines the objects and their attributes that exist in a database.






30. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






31. Animals with teeth. Not as discriminate as guards






32. Disclosure - Alteration - Destruction. These things break the CIA triad






33. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






34. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






35. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






36. A hidden communications channel on a system that allows for the bypassing of the system security policy






37. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






38. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






39. Network Address Translation






40. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






41. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






42. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






43. When two or more processes are linked and execute multiple programs simultaneously






44. A network that mimics the brain






45. CISSPs subscribe to a code of ethics for building up the security profession






46. A card that holds information that must be authenticated to before it can reveal the information that it is holding






47. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl






48. Random Number Base






49. Encompasses Risk Analysis and Risk Mitigation






50. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






