Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. Disclosure, Alteration, Destruction. These things break the CIA triad.






2. These can be used to verify that public keys belong to certain individuals.






3. A sandbox. Emulates an operating environment.






4. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






5. A technique to eliminate data redundancy.






6. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






7. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






8. Signal degradation as it moves farther from its source






9. A hidden communications channel on a system that allows for the bypassing of the system security policy






10. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






11. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






12. Random Number Base






13. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






14. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






15. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






16. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






17. The practice of obtaining confidential information by manipulation of legitimate users.






18. Being able to control access to individuals very specifically, instead of lower in the OSI model where you can't set it so specifically






19. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






20. When security is managed at many different points in an organization






21. Chief Information Officer






22. Ethernet - Cat5 - Twisted to allow for longer runs.






23. Internet Relay Chat.






24. The physical part of a computer, as distinguished from the computer software that executes within the hardware.






25. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.






26. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






27. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






28. The user






29. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






30. 'If you can't see it, it's secure'. Bad policy to live by.






31. Relating to quality or kind. This assigns a level of importance to something.






32. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






33. Closed Circuit Television






34. Distributed Component Object Model. Microsoft's implementation of CORBA.






35. The frequency with which a threat is expected to occur.






36. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






37. Animals with teeth. Not as discriminate as guards






38. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond, however, but instead sends another SYN and continues to do so until t






39. The intercepting of conversations by unintended recipients






40. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive, and not usually enforceable.






41. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.






42. Enticing people to hit your honeypot to see how they try to access your system.






43. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection.






44. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






45. When an employee leaves the company, you want to make them aware of non-disclosures and non-compete clauses, etc.






46. White hat l0pht






47. Entails planning and system actions to ensure that a project is following good quality management practices






48. Public Key Infrastructure






49. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






50. Providing verification to a system