Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Motive - Opportunity - and Means. These deal with crime.






2. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






3. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






4. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






5. Be at least 8 foot tall and have three strands of barbed wire.






6. Object Linking and Embedding. The ability of an object to be embedded into another object.






7. When one key of a two-key pair has more encryption pattern than the other






8. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






9. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






10. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






11. Computer Incident Response Team






12. Also civil law






13. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






14. Reasonable doubt






15. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






16. The real cost of acquiring/maintaining/developing a system






17. Animals with teeth. Not as discriminate as guards






18. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






19. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.






20. The attacker sends a SYN request to the victims machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






21. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






22. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






23. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.






24. Accepting all packets






25. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






26. A gas used in fire suppression. Not human safe. Chemical reaction.






27. A sandbox. Emulates an operating environment.






28. Transferring your risk to someone else - typically an insurance company






29. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






30. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






31. The act of identifying yourself. Providing your identity to a system






32. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.






33. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






34. A technique to eliminate data redundancy.






35. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






36. Confidentiality - Integrity - and Availability






37. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






38. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected






39. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






40. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






41. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






42. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






43. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






44. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






45. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






46. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






47. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






48. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.






49. Signal degradation as it moves farther from its source






50. These can be used to verify that public keys belong to certain individuals.