CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






2. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






3. The process of reducing your risks to an acceptable level based on your risk analysis






4. Object Linking and Embedding. The ability of an object to be embedded into another object.






5. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.






6. Be at least 8 feet tall and have three strands of barbed wire.






7. After implementing countermeasures - accepting risk for the amount of vulnerability left over






8. A type of circuit-switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






9. An attempt to trick the system into believing that something false is real






10. Involving the measurement of quantity or amount.






11. A network that uses proprietary protocols






12. Random Number Base






13. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The degausser is what actually performs the degaussing.






14. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and/or services from those of other businesses.






15. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






16. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






17. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






18. A meme and a joke are the same thing, e.g. when someone says to delete a file that is really just fine and they call it a virus.






19. The number of users that the system can process in a given amount of time. A typical acceptable rate is 10/minute.






20. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po






21. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






22. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






23. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






24. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






25. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






26. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






27. When an employee leaves the company - you want to make them aware of non-disclosure and non-compete clauses - etc.






28. When two or more processes are linked and execute multiple programs simultaneously






29. Transferring your risk to someone else - typically an insurance company






30. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.






31. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






32. Someone whose hacking is primarily targeted at the phone systems






33. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






34. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






35. Data storage formats and equipment that allow the stored data to be accessed in any order






36. Motive - Opportunity - and Means. These deal with crime.






37. A site that has some equipment in place - and can be up within days






38. Emanations from one wire coupling with another wire






39. Internet Architecture Board. This board is responsible for protecting the Internet.






40. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






41. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






42. A hidden communications channel on a system that allows for the bypassing of the system security policy






43. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






44. Chief Information Officer






45. Personal - Network - and Application






46. Relating to quality or kind. This assigns a level of importance to something.






47. The person that determines the permissions to files. The data owner.






48. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






49. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






50. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.