Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






2. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






3. Scanning the airwaves for radio transmissions






4. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






5. Using ICMP to diagram a network






6. Jumping into dumpsters to retrieve information about someone/something/a company






7. Access control method for database based on the content of the database to provide granular access






8. Common Object Request Broker Architecture.






9. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






10. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






11. Random Number Base






12. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






13. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






14. Being able to control access to individuals very specifically - instead of lower in the OSI model where you cant set it so specifically






15. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






16. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






17. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






18. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






19. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






20. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






21. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






22. Something used to put out a fire. Can be in Classes A - B - C - D - or H






23. Involving the measurement of quantity or amount.






24. A SSO technology that extends Kerberos functionality and improve upon its weaknesses.






25. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.






26. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






27. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






28. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






29. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.






30. Setting up the user to access the honeypot for reasons other than the intent to harm.






31. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






32. When two or more processes are linked and execute multiple programs simultaneously






33. White hat l0pht






34. In cryptography - it is a block cipher






35. Computer Incident Response Team






36. Accepting all packets






37. Network device that operates at layer 1. Concentrator.






38. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






39. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






40. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






41. The user






42. Defines the objects and their attributes that exist in a database.






43. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.






44. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






45. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






46. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






47. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.






48. Chief Information Officer






49. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






50. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.