Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






2. These viruses usually infect both boot records and files.






3. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






4. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






5. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






6. Common Object Request Broker Architecture.






7. Object Linking and Embedding. The ability of an object to be embedded into another object.






8. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






9. Internet Architecture Board. This board is responsible for protecting the Internet.






10. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






11. Encompasses Risk Analysis and Risk Mitigation






12. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






13. A sandbox. Emulates an operating environment.






14. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






15. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






16. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






17. Entails planning and system actions to ensure that a project is following good quality management practices






18. When one key of a two-key pair has more encryption pattern than the other






19. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






20. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






21. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






22. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






23. An attempt to trick the system into believing that something false is real






24. The process of reducing your risks to an acceptable level based on your risk analysis






25. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






26. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






27. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






28. After implementing countermeasures - accepting risk for the amount of vulnerability left over






29. A network that uses standard protocols (TCP/IP)






30. Accepting all packets






31. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






32. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






33. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






34. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






35. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






36. A network entity that provides a single entrance / exit point to the Internet.






37. Public Key Infrastructure






38. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






39. Enticing people to hit your honeypot to see how they try to access your system.






40. Must be in place for you to use a biometric system






41. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






42. White hat l0pht






43. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






44. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






45. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






46. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






47. Computer Incident Response Team






48. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






49. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






50. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....