CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Internet Architecture Board. This board is responsible for protecting the Internet.

2. This deals with differences between plaintext password storage and transmission, versus encrypted password storage and transmission.

3. Residual physical representation of data that has been in some way erased. After storage media is erased, there may be some physical characteristics that allow data to be reconstructed.

4. A hidden communications channel on a system that allows for the bypassing of the system security policy.

5. An instance of a scripting language

6. In cryptanalysis, this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message. In most schemes, the theoretical po

7. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which

8. A war dialing utility

9. Network device that operates at layer 1. Concentrator.

10. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.

11. Technical controls are IT-implemented. Administrative items are things that HR implements. Physical things are things that are tangible.

12. Data storage formats and equipment that allow the stored data to be accessed in any order

13. Taking over the session of someone who is unaware of what you are doing.

14. Basic Input/Output System

15. After implementing countermeasures, accepting risk for the amount of vulnerability left over.

16. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider

17. When a DNS server goes out to resolve a name and gets the wrong response back, it caches the wrong address for the default DNS time period, thus poisoning the cache for that period of time.

18. Once authenticated, the level of access you have to a system.

19. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities.

20. In a computer system (or cryptosystem or algorithm), these are methods of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection.

21. Also known as a tunnel.

22. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.

23. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.

24. 1-1024 are the ports registered to Internet applications. Ones on the test include: 20 ftp, 21 ftp, 22 ssh, 23 telnet, 25 smtp, 53 dns, 69 tftp, 80 http, 161 snmp, 443 ssl.

25. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user

26. Not a picture, but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.

27. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.

28. This is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message

29. Network devices that operate at layer 2. Every port on a switch is a separate collision domain.

30. Something used to put out a fire. Can be in Classes A, B, C, D, or H.

31. Closed Circuit Television

32. A site that has some equipment in place, and can be up within days.

33. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.

34. When security is managed at many different points in an organization.

35. A type of circuit-switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in better quality and higher speeds than available with analog systems.

36. A spoofing attack, a kind of attack in data communication, in which a third party tries to mislead the communication participants using forged information.

37. Involving the measurement of quantity or amount.

38. This is the file on a UNIX system where usernames and their password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.

39. The practice of following someone with a security code or keycard through a security door, generally in workplaces.

40. An international standard defining security assurance and functionality profiles. Replaced the TCSEC, ITSEC, etc.

41. Enticing people to hit your honeypot to see how they try to access your system.

42. Communications that don't take the natural course of email (used when you don't want eavesdropping to happen).

43. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt, the reverse is done). That is, the order of the characters is changed. Mathematically, a bijective function is used on the characters'

44. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.

45. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.

46. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise, so that t

47. Access control method for a database, based on the content of the database, to provide granular access.

48. Rotating employees' job duties so that the work they are doing can be checked, to make sure nothing fraudulent is occurring.

49. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network

50. When you have a certain amount of access, change jobs, and keep that access from the previous position. Also known as enlargement of permission and privilege escalation.