Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.






2. A system designed to stop piggybacking.






3. This is an open international standard for applications that use wireless communications.






4. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






5. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th






6. Relating to quality or kind. This assigns a level of importance to something.






7. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






8. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






9. When security is managed at many different points in an organization






10. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






11. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






12. Setting up the user to access the honeypot for reasons other than the intent to harm.






13. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






14. A site that is ready physically but has no hardware in place - all it has is HVAC






15. Software designed to infiltrate or damage a computer system - without the owner's consent.






16. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






17. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






18. Continuation of Operations Plan






19. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






20. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






21. Emanations from one wire coupling with another wire






22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






23. Defines the objects and their attributes that exist in a database.






24. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






25. Internet Architecture Board. This board is responsible for protecting the Internet.






26. A network that uses standard protocols (TCP/IP)






27. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






28. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






29. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






30. White hat l0pht






31. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






32. Network device that operates at layer 1. Concentrator.






33. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






34. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






35. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






36. Providing verification to a system






37. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






38. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






39. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






40. The output of a hash function is a digest.






41. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






42. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






43. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






44. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






45. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






46. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






47. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






48. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






49. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.






50. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp