Test your basic knowledge

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.

2. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party, so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.

3. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB.

4. When you know something from a source and can infer other related information based on what you know, even when you may not normally have access to that data.

5. Network Address Translation

6. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec

7. Network devices that operate at layer 3. These devices separate broadcast domains.

8. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits, but simply exploits vulnerabilities that others have found.

9. A name given to a system implemented by the FBI that is analogous to wiretapping, except in this case e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c

10. Enticing people to hit your honeypot to see how they try to access your system.

11. Accepting all packets

12. Countermeasures/safeguards fall into these categories: detective measures detect, preventive measures prevent, and corrective measures correct.

13. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions, activities, and transactions.

14. In risk assessment, the average monetary value of losses per year. SLE x ARO = ALE

15. In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge.

16. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.

17. Method of authenticating to a system: something that you supply and something you know.

18. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor

19. Hardware, software, and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources.

20. The person who determines the permissions on files: the data owner.

21. When an employee leaves the company, you want to make them aware of non-disclosure and non-compete clauses, etc.

22. A standard protocol for interfacing external application software with an information server, commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou

23. False Acceptance Rate, False Rejection Rate, Crossover Error Rate

24. Separation of duties (SoD) is the concept of having more than one person required to complete a task.

25. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i

26. Attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.

27. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.

28. An RFC standard. A mechanism for performing commands on a remote system.

29. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message.

30. Chief Information Officer

31. In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.

32. Differs from ordinary composition in that it does not imply ownership. In composition, when the owning object is destroyed, so are the contained objects. In aggregation, this is not necessarily true.

33. When a DNS server goes out to resolve a name and gets the wrong response back, it caches the wrong address for the default DNS time period, thus poisoning the cache for that period of time.

34. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.

35. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi

36. Also known as Rijndael, it is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt

37. Base 64 is a positional numeral system using a base of 64. It is the largest power-of-two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail, among other things.

38. Network devices that operate at layer 2. Every port on a switch is a separate collision domain.

39. Emanations from one wire coupling with another wire.

40. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication, which requires only one factor (knowledge of a password) in order to gain access to a syste

41. An attempt to trick the system into believing that something false is real.

42. A small piece of information that is put on your computer to allow communication with the server, and that also allows some servers to track everything you visit on the Internet.

43. Rotating employees' job duties so that their work can be checked to make sure nothing fraudulent is occurring.

44. Also civil law

45. A site that has some equipment in place, and can be up within days.

46. Taking over the session of someone who is unaware of what you are doing.

47. The output of a hash function is a digest.

48. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.

49. Communications that don't take the natural course of email (when you don't want eavesdropping to happen).

50. Distributed Component Object Model. Microsoft's implementation of CORBA.