Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






2. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






3. Emanations from one wire coupling with another wire






4. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






5. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






6. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






7. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






8. A card that holds information that must be authenticated to before it can reveal the information that it is holding






9. Continuation of Operations Plan






10. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






11. Scanning the airwaves for radio transmissions






12. 'If you can't see it - it's secure'. Bad policy to live by.






13. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.






14. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






15. Must be in place for you to use a biometric system






16. The art of breaking code. Testing the strength of an algorithm.






17. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






18. Something used to put out a fire. Can be in Classes A - B - C - D - or H






19. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






20. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






21. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






22. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






23. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






24. Providing verification to a system






25. Chief Executive Officer






26. An instance of a scripting language






27. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






28. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






29. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






30. More discriminate than dogs






31. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






32. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






33. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






34. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






35. Good for distance - longer than 100M






36. Relating to quality or kind. This assigns a level of importance to something.






37. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






38. A system designed to stop piggybacking.






39. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






40. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






41. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






42. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






43. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






44. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






45. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






46. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






47. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






48. A network that mimics the brain






49. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






50. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.