
CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.

1. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






2. A hidden communications channel on a system that allows for the bypassing of the system security policy






3. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






4. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






5. Occupant Emergency Plan - Employees are the most important!






6. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






7. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






8. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






9. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






10. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






11. Also known as a tunnel.






12. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.






13. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






14. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






15. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






16. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






17. Network device that operates at layer 1. Concentrator.






18. Computer Incident Response Team






19. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






20. In cryptography - it is a block cipher






21. An attempt to trick the system into believing that something false is real






22. A network that mimics the brain






23. Chief Executive Officer






24. Closed Circuit Television






25. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






26. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






27. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






28. The practice of obtaining confidential information by manipulation of legitimate users.






29. Assuming someone's session who is unaware of what you are doing






30. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.






31. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






32. A sandbox. Emulates an operating environment.






33. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






34. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






35. White hat l0pht






36. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






37. In a separation of duties model - this is where code is checked in and out






38. Reasonable doubt






39. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






40. A system designed to stop piggybacking.






41. Chief Information Officer






42. Internet Architecture Board. This board is responsible for protecting the Internet.






43. Signal degradation as it moves farther from its source






44. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






45. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






46. Same as a block cipher except that it is applied to a data stream one bit at a time






47. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






48. Confidentiality - Integrity - and Availability






49. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






50. In the broadest sense - a fraud is a deception made for personal gain