Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In a separation of duties model - this is where code is checked in and out






2. A network that uses proprietary protocols






3. Chief Information Officer






4. Software designed to infiltrate or damage a computer system - without the owner's consent.






5. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






6. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






7. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






8. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






9. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






10. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






11. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






12. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






13. These viruses usually infect both boot records and files.






14. Data storage formats and equipment that allow the stored data to be accessed in any order






15. Accepting all packets






16. The person that controls access to the data






17. A RFC standard. A mechanism for performing commands on a remote system






18. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






19. Personal - Network - and Application






20. Closed Circuit Television






21. Confidentiality - Integrity - and Availability






22. A network that uses standard protocols (TCP/IP)






23. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






24. The output of a hash function is a digest.






25. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






26. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






27. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






28. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






29. The person that determines the permissions to files. The data owner.






30. Be at least 8 foot tall and have three strands of barbed wire.






31. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






32. Good for distance - longer than 100M






33. The real cost of acquiring/maintaining/developing a system






34. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






35. The art of breaking code. Testing the strength of an algorithm.






36. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






37. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






38. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






39. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






40. Someone whose hacking is primarily targeted at the phone systems






41. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






42. Setting up the user to access the honeypot for reasons other than the intent to harm.






43. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






44. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






45. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






46. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






47. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






48. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






49. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






50. Network Address Translation