Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Transferring your risk to someone else - typically an insurance company






2. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






3. Closed Circuit Television






4. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






5. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






6. A RFC standard. A mechanism for performing commands on a remote system






7. The act of identifying yourself. Providing your identity to a system






8. 'If you cant see it - its secure'. Bad policy to live by.






9. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






10. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.






11. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet






12. Being able to control access to individuals very specifically - instead of lower in the OSI model where you cant set it so specifically






13. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






14. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






15. A system designed to stop piggybacking.






16. When one key of a two-key pair has more encryption pattern than the other






17. Rotating employee's job duties so that things can be checked that they are doing to make sure nothing fraudulent is occurring.






18. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






19. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work






20. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






21. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






22. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






23. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






24. Motivational tools for employee awareness to get them to report security flaws in an organization






25. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






26. A gas used in fire suppression. Not human safe. Chemical reaction.






27. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






28. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






29. Occupant Emergency Plan - Employees are the most important!






30. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






31. White hat l0pht






32. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






33. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






34. Threat to physical security.






35. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






36. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






37. In the broadest sense - a fraud is a deception made for personal gain






38. Software designed to infiltrate or damage a computer system - without the owner's consent.






39. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






40. Scanning the airwaves for radio transmissions






41. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






42. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






43. Someone who hacks






44. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






45. Accepting all packets






46. An instance of a scripting language






47. Must be in place for you to use a biometric system






48. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.






49. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






50. Something used to put out a fire. Can be in Classes A - B - C - D - or H







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests