Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






2. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






3. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






4. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






5. Occupant Emergency Plan - Employees are the most important!






6. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






7. A gas used in fire suppression. Not human safe. Chemical reaction.






8. Confidentiality, Integrity, and Availability






9. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






10. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






11. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






12. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






13. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






14. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






15. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






16. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






17. When one key of a two-key pair has more encryption pattern than the other






18. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






19. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.






20. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






21. When security is managed at a central point in an organization






22. White hat l0pht






23. Public Key Infrastructure






24. A network that mimics the brain






25. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






26. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.






27. Object Linking and Embedding. The ability of an object to be embedded into another object.






28. Distributed Component Object Model. Microsoft's implementation of CORBA.






29. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the






30. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






31. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






32. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






33. Continuation of Operations Plan






34. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff.






35. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






36. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






37. Involving the measurement of quantity or amount.






38. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






39. Assuming someone's session who is unaware of what you are doing






40. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






41. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






42. A card that holds information that must be authenticated to before it can reveal the information that it is holding






43. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






44. Ethernet - Cat5 - Twisted to allow for longer runs.






45. Defines the objects and their attributes that exist in a database.






46. Threat to physical security.






47. In a separation of duties model, this is where code is checked in and out






48. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






49. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






50. Setting up the user to access the honeypot for reasons other than the intent to harm.