Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Random Number Base






2. When security is managed at a central point in an organization






3. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






4. Being able to control access to individuals very specifically, instead of lower in the OSI model where you can't set it so specifically






5. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






6. Software designed to infiltrate or damage a computer system, without the owner's consent.






7. A card that holds information that must be authenticated to before it can reveal the information that it is holding






8. A sandbox. Emulates an operating environment.






9. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






10. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






11. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.






12. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which






13. An attempt to trick the system into believing that something false is real






14. Not a picture, but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






15. Among the most common types of viruses and the least damaging, these are hidden within applications that must be executed in order to execute the virus.






16. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






17. Making individuals accountable for their actions on a system typically through the use of auditing






18. Something used to put out a fire. Can be in Classes A, B, C, D, or H






19. Involving the measurement of quantity or amount.






20. The process of reducing your risks to an acceptable level based on your risk analysis






21. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions, activities, and transactions.






22. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






23. The person that determines the permissions to files. The data owner.






24. The EU spec. If databases exist, users are allowed to check data into them, allowed to change them if wrong, etc.






25. Network devices that operate at layer 3. This device separates broadcast domains.






26. A network that uses proprietary protocols






27. A network that mimics the brain






28. Also known as a tunnel






29. Network device that operates at layer 1. Concentrator.






30. Someone who hacks






31. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually, the layers are Application, Presentation, Session, Transport, Network, Data Link, Physical






32. Distributed Component Object Model. Microsoft's implementation of CORBA.






33. Animals with teeth. Not as discriminate as guards






34. Rolling command center with UPS, satellite, uplink, power, etc.






35. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers), and grey hats.






36. Trusted Computing Base. Comprised of the hardware, software, and firmware of the system.






37. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case, e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






38. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






39. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






40. The idea is that a computer program may be seen as comprising a collection of individual units, or objects, that act on each other, as opposed to a traditional view in which a program may be seen as a collection of functions, or simply as a list






41. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






42. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






43. Threat to physical security.






44. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






45. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.






46. A type of hash function used to produce a checksum, which is a small, fixed number of bits, against a block of data. This is used to detect errors after transmission or storage.






47. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






48. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






49. In computer networking, this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate Ethernet MAC addresses from IP addresses






50. In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way th