Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Confidentiality - Integrity - and Availability






2. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






3. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






4. Network device that operates at layer 1. Concentrator.






5. A network that uses standard protocols (TCP/IP)






6. The user






7. Encompasses Risk Analysis and Risk Mitigation






8. Internet Architecture Board. This board is responsible for protecting the Internet.






9. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






10. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






11. An instance of a scripting language






12. Enticing people to hit your honeypot to see how they try to access your system.






13. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






14. Making individuals accountable for their actions on a system typically through the use of auditing






15. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






16. Repeats the signal. It amplifies the signal before sending it on.






17. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






18. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






19. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






20. Jumping into dumpsters to retrieve information about someone/something/a company






21. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






22. Public Key Infrastructure






23. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






24. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






25. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






26. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






27. Computer Incident Response Team






28. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






29. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






30. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






31. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






32. A network that uses proprietary protocols






33. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






34. Using ICMP to diagram a network






35. A site that has some equipment in place - and can be up within days






36. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






37. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






38. Data storage formats and equipment that allow the stored data to be accessed in any order






39. Transferring your risk to someone else - typically an insurance company






40. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






41. Accepting all packets






42. A technique to eliminate data redundancy.






43. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






44. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






45. Threat to physical security.






46. Motive - Opportunity - and Means. These deal with crime.






47. Motivational tools for employee awareness to get them to report security flaws in an organization






48. Occupant Emergency Plan - Employees are the most important!






49. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






50. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests