Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






2. The output of a hash function is a digest.






3. If an employee is suspected of wrongdoing, sending them away from work for a while so that their actions can be audited.






4. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






5. A technique to eliminate data redundancy.






6. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






7. Emanations from one wire coupling with another wire






8. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






9. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






10. Same as a block cipher except that it is applied to a data stream one bit at a time






11. A hidden communications channel on a system that allows for the bypassing of the system security policy






12. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






13. Methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected






14. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






15. Object Linking and Embedding. The ability of an object to be embedded into another object.






16. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise, so that t






17. Not a picture, but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






18. Good for distance, longer than 100M






19. Internet Relay Chat.






20. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






21. The person that determines the permissions to files. The data owner.






22. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






23. CISSPs subscribe to a code of ethics for building up the security profession






24. Network Address Translation






25. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






26. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






27. Threat to physical security.






28. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






29. Data storage formats and equipment that allow the stored data to be accessed in any order






30. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






31. Among the most common types of viruses and the least damaging, these are hidden within applications that must be executed in order to execute the virus.






32. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






33. Encompasses Risk Analysis and Risk Mitigation






34. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.






35. Distributed Component Object Model. Microsoft's implementation of CORBA.






36. Using ICMP to diagram a network






37. The practice of following someone with a security code or keycard through a security door, generally in workplaces.






38. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






39. Personal, Network, and Application






40. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






41. The practice of obtaining confidential information by manipulation of legitimate users.






42. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






43. Also civil law






44. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






45. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






46. A type of circuit switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in better quality and higher speeds than available with analog systems.






47. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






48. Class A (1-126.x.x.x), Class B (128-191.x.x.x), Class C (192-223.x.x.x)






49. Rolling command center with UPS, satellite, uplink, power, etc.






50. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.