Test your basic knowledge

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Class A (1-126.x.x.x), Class B (128-191.x.x.x), Class C (192-223.x.x.x)






2. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






3. A network that uses standard protocols (TCP/IP)






4. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers), and grey hats.






5. Distributed Component Object Model. Microsoft's implementation of CORBA.






6. Refers to a cryptographic signature, either on a document, or on a lower-level data structure that signs an item electronically.






7. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually, the layers are Application, Presentation, Session, Transport, Network, Data Link, Physical.






8. These can be used to verify that public keys belong to certain individuals.






9. An attempt to trick the system into believing that something false is real






10. To not be legal (as far as law is concerned) or ethical






11. Not a picture, but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






12. Chief Information Officer






13. A network entity that provides a single entrance / exit point to the Internet.






14. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






15. Internet Relay Chat.






16. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






17. Access control method for database based on the content of the database to provide granular access






18. Refers to any of the various programs by which a computer controls aspects of its operations, such as those for translating data from one form to another, as contrasted with hardware, which is the physical equipment comprising the installation.






19. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






20. Rolling command center with UPS, satellite, uplink, power, etc.






21. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






22. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.






23. ('rotate by 13 places', sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






24. Assuming someone's session who is unaware of what you are doing






25. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






26. Chief Executive Officer






27. Encompasses Risk Analysis and Risk Mitigation






28. When security is managed at many different points in an organization






29. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






30. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the






31. Common Object Request Broker Architecture.






32. Occupant Emergency Plan - Employees are the most important!






33. Method of authenticating to a system. Something that you supply and something you know.






34. In cryptography, it is a block cipher






35. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






36. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






37. Someone whose hacking is primarily targeted at the phone systems






38. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






39. It can capture radio and satellite communications, telephone calls, faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






40. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated while the client rema






41. Making individuals accountable for their actions on a system typically through the use of auditing






42. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






43. These viruses usually infect both boot records and files.






44. Something used to put out a fire. Can be in Classes A, B, C, D, or H






45. A type of circuit switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in better quality and higher speeds than available with analog systems.






46. Data storage formats and equipment that allow the stored data to be accessed in any order






47. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






48. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






49. a.k.a. The Chinese wall. Nash Bridges, Bridge wall, Chinese wall. Dynamically changes access control to prevent unauthorized access.






50. Setting up the user to access the honeypot for reasons other than the intent to harm.