Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The frequency with which a threat is expected to occur.






2. Using ICMP to diagram a network






3. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






4. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






5. Entails planning and system actions to ensure that a project is following good quality management practices






6. Be at least 8 foot tall and have three strands of barbed wire.






7. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






8. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






9. Something used to put out a fire. Can be in Classes A - B - C - D - or H






10. Emanations from one wire coupling with another wire






11. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






12. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






13. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






14. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






15. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities






16. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






17. Internet Relay Chat.






18. Enticing people to hit your honeypot to see how they try to access your system.






19. Object Linking and Embedding. The ability of an object to be embedded into another object.






20. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






21. This is an open international standard for applications that use wireless communications.






22. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






23. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






24. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






25. Common Object Request Broker Architecture.






26. Chief Executive Officer






27. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






28. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






29. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






30. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






31. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






32. Threat to physical security.






33. A SSO technology that extends Kerberos functionality and improve upon its weaknesses.






34. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






35. White hat l0pht






36. The output of a hash function is a digest.






37. When security is managed at a central point in an organization






38. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






39. After implementing countermeasures - accepting risk for the amount of vulnerability left over






40. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






41. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






42. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






43. A network that mimics the brain






44. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






45. Data storage formats and equipment that allow the stored data to be accessed in any order






46. The art of breaking code. Testing the strength of an algorithm.






47. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






48. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






49. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






50. Dynamic Host Configuration Protocol.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests