Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






2. Distributed Component Object Model. Microsoft's implementation of CORBA.






3. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






4. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






5. A network entity that provides a single entrance / exit point to the Internet.






6. These viruses usually infect both boot records and files.






7. Disclosure - Alteration - Destruction. These things break the CIA triad






8. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






9. Also known as a tunnel






10. Continuation of Operations Plan






11. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






12. Computer Incident Response Team






13. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






14. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






15. Accepting all packets






16. Signal degradation as it moves farther from its source






17. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






18. The frequency with which a threat is expected to occur.






19. White hat l0pht






20. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






21. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






22. Public Key Infrastructure






23. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






24. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






25. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.






26. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






27. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






28. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






29. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






30. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






31. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






32. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






33. In the broadest sense - a fraud is a deception made for personal gain






34. Must be in place for you to use a biometric system






35. Motivational tools for employee awareness to get them to report security flaws in an organization






36. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






37. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






38. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






39. Repeats the signal. It amplifies the signal before sending it on.






40. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






41. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






42. Be at least 8 feet tall and have three strands of barbed wire.






43. A technique to eliminate data redundancy.






44. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






45. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






46. A sandbox. Emulates an operating environment.






47. Someone who hacks






48. A hidden communications channel on a system that allows for the bypassing of the system security policy






49. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






50. Enticing people to hit your honeypot to see how they try to access your system.






