Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A technique to eliminate data redundancy.






2. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






3. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






4. Method of authenticating to a system. Something that you supply and something you know.






5. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






6. Defines the objects and their attributes that exist in a database.






7. Signal degradation as it moves farther from its source






8. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






9. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






10. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






11. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






12. A network entity that provides a single entrance / exit point to the Internet.






13. Ethernet - Cat5 - Twisted to allow for longer runs.






14. Personal - Network - and Application






15. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






16. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






17. The ability to have more than one thread associated with a process






18. Jumping into dumpsters to retrieve information about someone/something/a company






19. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.






20. When one key of a two-key pair has more encryption pattern than the other






21. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it.






22. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






23. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






24. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






25. Computer Incident Response Team






26. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






27. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






28. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






29. The frequency with which a threat is expected to occur.






30. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






31. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






32. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






33. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






34. CISSPs subscribe to a code of ethics for building up the security profession






35. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






36. This is an open international standard for applications that use wireless communications.






37. A site that has some equipment in place - and can be up within days






38. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






39. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






40. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






41. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






42. The number of users that the system can process in a given amount of time. A typical acceptable rate is 10/minute.






43. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






44. The practice of obtaining confidential information by manipulation of legitimate users.






45. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






46. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






47. Same as a block cipher except that it is applied to a data stream one bit at a time






48. Internet Relay Chat.






49. Enticing people to hit your honeypot to see how they try to access your system.






50. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable





