Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






2. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






3. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






4. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






5. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






6. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






7. The user






8. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






9. The art of breaking code. Testing the strength of an algorithm.






10. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






11. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






12. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






13. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.






14. Network device that operates at layer 1. Concentrator.






15. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






16. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






17. Something used to put out a fire. Can be in Classes A - B - C - D - or H






18. The intercepting of conversations by unintended recipients






19. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






20. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






21. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






22. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






23. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






24. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






25. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.






26. Providing verification to a system






27. An attempt to trick the system into believing that something false is real






28. Also known as a tunnel






29. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






30. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






31. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






32. Entails planning and system actions to ensure that a project is following good quality management practices






33. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






34. When two or more processes are linked and execute multiple programs simultaneously






35. Good for distance - longer than 100M






36. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






37. An RFC standard. A mechanism for performing commands on a remote system






38. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






39. Component Object Model.






40. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






41. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






42. 'If you can't see it - it's secure'. Bad policy to live by.






43. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






44. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






45. Object Linking and Embedding. The ability of an object to be embedded into another object.






46. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






47. Making individuals accountable for their actions on a system typically through the use of auditing






48. A network that uses proprietary protocols






49. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






50. A network that uses standard protocols (TCP/IP)