Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






2. Making individuals accountable for their actions on a system typically through the use of auditing






3. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






4. Network devices that operate at layer 3. This device separates broadcast domains.






5. Scanning the airwaves for radio transmissions






6. A specialized version of a data warehouse. Like data warehouses, data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






7. Common Object Request Broker Architecture.






8. Attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.






9. Method of authenticating to a system. Something that you supply and something you know.






10. In computing, it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






11. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated while the client rema






12. Ethernet - Cat5 - Twisted to allow for longer runs.






13. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.






14. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.






15. In telecommunications, a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






16. A type of hash function used to produce a checksum, which is a small, fixed number of bits, against a block of data. This is used to detect errors after transmission or storage.






17. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






18. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






19. Providing verification to a system






20. Animals with teeth. Not as discriminate as guards






21. Setting up the user to access the honeypot for reasons other than the intent to harm.






22. If an employee is suspected of wrongdoing, sending them away from work for a while so that their actions can be audited.






23. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






24. Network device that operates at layer 1. Concentrator.






25. Continuation of Operations Plan






26. Using ICMP to diagram a network






27. Same as a block cipher except that it is applied to a data stream one bit at a time






28. Confidentiality, Integrity, and Availability






29. Closed Circuit Television






30. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






31. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






32. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






33. When security is managed at many different points in an organization






34. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






35. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






36. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






37. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh






38. Random Number Base






39. Being able to control access to individuals very specifically, instead of lower in the OSI model where you can't set it so specifically






40. White hat l0pht






41. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget, they are always the ones ultimately responsible for due diligence / due care. They are also






42. Must be in place for you to use a biometric system






43. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






44. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






45. In cryptanalysis and computer security, this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc






46. A site that is ready physically but has no hardware in place - all it has is HVAC






47. In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






48. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






49. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






50. A mechanism by which connections to TCP services on a system are allowed or disallowed