Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Animals with teeth. Not as discriminate as guards






2. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






3. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






4. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






5. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






6. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






7. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






8. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






9. These can be used to verify that public keys belong to certain individuals.






10. Chief Information Officer






11. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






12. To not be legal (as far as law is concerned) or ethical






13. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






14. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






15. Closed Circuit Television






16. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






17. White hat l0pht






18. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






19. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






20. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






21. Internet Architecture Board. This board is responsible for protecting the Internet.






22. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






23. The user






24. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






25. Network Address Translation






26. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






27. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






28. Involving the measurement of quantity or amount.






29. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






30. The output of a hash function is a digest.






31. When security is managed at many different points in an organization






32. The art of breaking code. Testing the strength of an algorithm.






33. Chief Executive Officer






34. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






35. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






36. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






37. A system designed to stop piggybacking.






38. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






39. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






40. When security is managed at a central point in an organization






41. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






42. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






43. A hidden communications channel on a system that allows for the bypassing of the system security policy






44. Distributed Component Object Model. Microsoft's implementation of CORBA.






45. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






46. The person that determines the permissions to files. The data owner.






47. Also civil law






48. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






49. A site that is ready physically but has no hardware in place - all it has is HVAC






50. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.