Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A card that holds information that must be authenticated to before it can reveal the information that it is holding






2. White hat l0pht






3. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






4. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






5. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






6. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






7. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






8. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






9. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






10. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






11. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






12. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






13. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






14. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






15. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






16. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






17. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






18. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






19. A technique to eliminate data redundancy.






20. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer






21. Same as a block cipher except that it is applied to a data stream one bit at a time






22. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






23. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






24. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






25. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






26. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






27. Relating to quality or kind. This assigns a level of importance to something.






28. Access control method for database based on the content of the database to provide granular access






29. When security is managed at many different points in an organization






30. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






31. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






32. Transferring your risk to someone else - typically an insurance company






33. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






34. The person that determines the permissions to files. The data owner.






35. The person that controls access to the data






36. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






37. These can be used to verify that public keys belong to certain individuals.






38. Computer Incident Response Team






39. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






40. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.






41. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






42. Once authenticated - the level of access you have to a system






43. Being able to control access to individuals very specifically - instead of lower in the OSI model where you cant set it so specifically






44. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






45. This is an open international standard for applications that use wireless communications.






46. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






47. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






48. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






49. The art of breaking code. Testing the strength of an algorithm.






50. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:



Major Subjects



Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Most popular tests