Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






2. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






3. Network devices that operate at layer 2. Every port on a switch is a separate collision domain.






4. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






5. Reasonable doubt






6. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






7. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






8. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






9. Repeats the signal. It amplifies the signal before sending it on.






10. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






11. When security is managed at many different points in an organization






12. Making individuals accountable for their actions on a system typically through the use of auditing






13. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






14. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






15. Signal degradation as it moves farther from its source






16. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






17. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






18. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






19. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






20. Good for distance - longer than 100M






21. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






22. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






23. Someone whose hacking is primarily targeted at the phone systems






24. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






25. Ethernet - Cat5 - Twisted to allow for longer runs.






26. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






27. The ability to have more than one thread associated with a process






28. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






29. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






30. Also civil law






31. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






32. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






33. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






34. A site that is ready physically but has no hardware in place - all it has is HVAC






35. A network that uses standard protocols (TCP/IP)






36. When one key of a two-key pair has more encryption pattern than the other






37. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






38. Occupant Emergency Plan - Employees are the most important!






39. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






40. Chief Information Officer






41. Method of authenticating to a system. Something that you supply and something you know.






42. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet.






43. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl






44. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






45. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






46. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






47. Emanations from one wire coupling with another wire






48. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






49. A network entity that provides a single entrance / exit point to the Internet.






50. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






