Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






2. Reasonable doubt






3. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






4. Motive - Opportunity - and Means. These deal with crime.






5. Internet Relay Chat.






6. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






7. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






8. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






9. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






10. These can be used to verify that public keys belong to certain individuals.






11. The ability to have more than one thread associated with a process






12. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






13. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






14. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






15. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






16. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






17. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






18. Disclosure - Alteration - Destruction. These things break the CIA triad






19. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






20. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






21. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






22. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






23. Assuming someone's session who is unaware of what you are doing






24. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






25. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






26. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






27. The practice of obtaining confidential information by manipulation of legitimate users.






28. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






29. The frequency with which a threat is expected to occur.






30. A hidden communications channel on a system that allows for the bypassing of the system security policy






31. A network that uses proprietary protocols






32. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






33. Occupant Emergency Plan - Employees are the most important!






34. Confidentiality - Integrity - and Availability






35. A mechanism by which connections to TCP services on a system are allowed or disallowed






36. Something used to put out a fire. Can be in Classes A - B - C - D - or H






37. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






38. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






39. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






40. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






41. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






42. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






43. Accepting all packets






44. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






45. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






46. Must be in place for you to use a biometric system






47. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






48. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






49. Defines the objects and their attributes that exist in a database.






50. The art of breaking code. Testing the strength of an algorithm.