CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh






2. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






3. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






4. After implementing countermeasures, accepting risk for the amount of vulnerability left over






5. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated while the client rema






6. In computing, the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






7. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






8. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






9. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication, which requires only one factor (knowledge of a password) in order to gain access to a syste






10. A type of circuit-switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in better quality and higher speeds than available with analog systems.






11. Assuming someone's session who is unaware of what you are doing






12. Distributed Component Object Model. Microsoft's implementation of CORBA.






13. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






14. The practice of obtaining confidential information by manipulation of legitimate users.






15. A network entity that provides a single entrance / exit point to the Internet.






16. Dynamic Host Configuration Protocol.






17. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






18. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






19. Good for distance - longer than 100M






20. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






21. A network that uses proprietary protocols






22. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






23. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquer






24. Ethernet - Cat5 - Twisted to allow for longer runs.






25. Motive, Opportunity, and Means. These deal with crime.






26. A technique to eliminate data redundancy.






27. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






28. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






29. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






30. Basic Input/Output System






31. Chief Information Officer






32. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






33. The physical part of a computer, as distinguished from the computer software that executes within the hardware.






34. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.






35. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






36. Must be in place for you to use a biometric system






37. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






38. Data storage formats and equipment that allow the stored data to be accessed in any order






39. This is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






40. ('rotate by 13 places', sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






41. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






42. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






43. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.






44. The person that controls access to the data






45. A military standard defining controls for emanation protection






46. Public Key Infrastructure






47. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






48. Involving the measurement of quantity or amount.






49. Disclosure, Alteration, Destruction. These things break the CIA triad






50. Continuation of Operations Plan