Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. The person that determines the permissions to files. The data owner.






2. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






3. To not be legal (as far as law is concerned) or ethical






4. A system designed to stop piggybacking.






5. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






6. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






7. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






8. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.






9. The practice of obtaining confidential information by manipulation of legitimate users.






10. It can capture radio and satellite communications, telephone calls, faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






11. In cryptography, it is a block cipher






12. Also known as a tunnel






13. A war dialing utility






14. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






15. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






16. Personal, Network, and Application






17. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






18. Computer Incident Response Team






19. Motivational tools for employee awareness to get them to report security flaws in an organization






20. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.






21. Assuming the session of someone who is unaware of what you are doing






22. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquer






23. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






24. Closed Circuit Television






25. Countermeasures / safeguards fall into these categories. Detective measures detect, preventive measures prevent, and corrective measures correct.






26. The ability to have more than one thread associated with a process






27. Data storage formats and equipment that allow the stored data to be accessed in any order






28. Basic Input/Output System






29. The real cost of acquiring/maintaining/developing a system






30. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






31. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






32. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which






33. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






34. An RFC standard. A mechanism for performing commands on a remote system






35. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






36. The frequency with which a threat is expected to occur.






37. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






38. Motive, Opportunity, and Means. These deal with crime.






39. In computing, it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






40. Be at least 8 feet tall and have three strands of barbed wire.






41. An audit trail is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






42. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.






43. A standard protocol for interfacing external application software with an information server, commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






44. Dynamic Host Configuration Protocol.






45. The illegal practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






46. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






47. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






48. Class A (1-126.x.x.x), Class B (128-191.x.x.x), Class C (192-223.x.x.x)






49. In the broadest sense, a fraud is a deception made for personal gain






50. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.