Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






2. Making individuals accountable for their actions on a system typically through the use of auditing






3. When one key of a two-key pair has more encryption pattern than the other






4. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






5. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






6. In a separation of duties model - this is where code is checked in and out






7. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






8. Occupant Emergency Plan - Employees are the most important!






9. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






10. Software designed to infiltrate or damage a computer system - without the owner's consent.






11. Someone whose hacking is primarily targeted at the phone systems






12. Encompasses Risk Analysis and Risk Mitigation






13. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






14. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






15. Once authenticated - the level of access you have to a system






16. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






17. Something used to put out a fire. Can be in Classes A - B - C - D - or H






18. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






19. A technique to eliminate data redundancy.






20. A network that uses proprietary protocols






21. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






22. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






23. Chief Information Officer






24. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






25. A network that mimics the brain






26. A mechanism by which connections to TCP services on a system are allowed or disallowed






27. The output of a hash function is a digest.






28. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






29. Confidentiality - Integrity - and Availability






30. Using ICMP to diagram a network






31. An instance of a scripting language






32. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






33. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






34. When security is managed at a central point in an organization






35. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






36. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






37. Setting up the user to access the honeypot for reasons other than the intent to harm.






38. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






39. Threat to physical security.






40. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






41. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






42. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






43. Reasonable doubt






44. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






45. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






46. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






47. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.






48. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






49. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






50. The art of breaking code. Testing the strength of an algorithm.






Can you answer 50 questions in 15 minutes?



Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests