CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






2. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






3. These viruses usually infect both boot records and files.






4. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






5. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






6. A site that has some equipment in place - and can be up within days






7. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






8. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






9. Relating to quality or kind. This assigns a level of importance to something.






10. An RFC standard. A mechanism for performing commands on a remote system






11. Network device that operates at layer 1. Concentrator.






12. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






13. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






14. Chief Executive Officer






15. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






16. More discriminate than dogs






17. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






18. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






19. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






20. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






21. After implementing countermeasures - accepting risk for the amount of vulnerability left over






22. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






23. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.






24. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






25. In cryptography - it is a block cipher






26. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






27. Encompasses Risk Analysis and Risk Mitigation






28. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.






29. Good for distance - longer than 100M






30. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






31. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






32. CISSPs subscribe to a code of ethics for building up the security profession






33. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






34. A network that uses standard protocols (TCP/IP)






35. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






36. Setting up the user to access the honeypot for reasons other than the intent to harm.






37. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






38. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






39. Internet Relay Chat.






40. Same as a block cipher except that it is applied to a data stream one bit at a time






41. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






42. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






43. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






44. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






45. Dialing fixed sets of telephone numbers looking for open modem connections to machines






46. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.






47. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.






48. This is an open international standard for applications that use wireless communications.






49. Basic Input/Output System






50. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c