Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






2. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






3. When security is managed at many different points in an organization






4. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






5. Someone whose hacking is primarily targeted at the phone systems






6. After implementing countermeasures - accepting risk for the amount of vulnerability left over






7. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






8. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






9. Software designed to infiltrate or damage a computer system - without the owner's consent.






10. A site that is ready physically but has no hardware in place - all it has is HVAC






11. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






12. A mechanism by which connections to TCP services on a system are allowed or disallowed






13. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






14. More discriminate than dogs






15. Accepting all packets






16. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






17. Closed Circuit Television






18. Access control method for database based on the content of the database to provide granular access






19. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






20. Computer Incident Response Team






21. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






22. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






23. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.






24. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






25. A network that uses standard protocols (TCP/IP)






26. Using ICMP to diagram a network






27. Occupant Emergency Plan - Employees are the most important!






28. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






29. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






30. Reasonable doubt






31. Transferring your risk to someone else - typically an insurance company






32. 'If you cant see it - its secure'. Bad policy to live by.






33. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






34. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






35. The act of identifying yourself. Providing your identity to a system






36. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






37. A RFC standard. A mechanism for performing commands on a remote system






38. Continuation of Operations Plan






39. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






40. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






41. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






42. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






43. An attempt to trick the system into believing that something false is real






44. Basic Input/Output System






45. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






46. Setting up the user to access the honeypot for reasons other than the intent to harm.






47. Public Key Infrastructure






48. The real cost of acquiring/maintaining/developing a system






49. Network devices that operate at layer 3. This device separates broadcast domains.






50. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests