Test your basic knowledge

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






2. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






3. Trusted Computing Base. Comprised of the hardware, software, and firmware of the system.






4. In the broadest sense, a fraud is a deception made for personal gain






5. The person that controls access to the data






6. Same as a block cipher except that it is applied to a data stream one bit at a time






7. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






8. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






9. The act of identifying yourself. Providing your identity to a system






10. Emanations from one wire coupling with another wire






11. The practice of following someone with a security code or keycard through a security door, generally in workplaces.






12. Also civil law






13. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers), and grey hats.






14. A site that has some equipment in place, and can be up within days






15. These can be used to verify that public keys belong to certain individuals.






16. Something used to put out a fire. Can be in Classes A, B, C, D, or H






17. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network, the program captures each pack






18. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






19. Setting up the user to access the honeypot for reasons other than the intent to harm.






20. Internet Relay Chat.






21. Occupant Emergency Plan - Employees are the most important!






22. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






23. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






24. This is an open international standard for applications that use wireless communications.






25. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.






26. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






27. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






28. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






29. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






30. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh






31. Someone whose hacking is primarily targeted at the phone systems






32. An attempt to trick the system into believing that something false is real






33. A collection of updates, fixes and/or enhancements to a software program delivered in the form of a single installable package.






34. Random Number Base






35. Scanning the airwaves for radio transmissions






36. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






37. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value, but there are many exceptions to






38. Motive, Opportunity, and Means. These deal with crime.






39. Access control method for database based on the content of the database to provide granular access






40. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






41. Network device that operates at layer 1. Concentrator.






42. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






43. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






44. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






45. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive, the virus can spread.






46. Software designed to infiltrate or damage a computer system, without the owner's consent.






47. When an employee leaves the company, you want to make them aware of non-disclosures and non-compete clauses, etc.






48. Repeats the signal. It amplifies the signal before sending it on.






49. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






50. Dynamic Host Configuration Protocol.