Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A hidden communications channel on a system that allows for the bypassing of the system security policy






2. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network






3. Emanations from one wire coupling with another wire






4. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






5. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






6. A hidden value or set of values that allows access to a program, computer system, or data. It is sometimes erroneously confused with a backdoor, which (in a computer system) is a method of bypassing normal authentication or securing remote access






7. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






8. A network entity that provides a single entrance / exit point to the Internet.






9. Network device that operates at layer 1. Concentrator.






10. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






11. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






12. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






13. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho






14. Accepting all packets






15. Confidentiality, Integrity, and Availability






16. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget, they are always the ones ultimately responsible for due diligence / due care. They are also






17. This is an open international standard for applications that use wireless communications.






18. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






19. Component Object Model.






20. Providing verification to a system






21. Same as a block cipher except that it is applied to a data stream one bit at a time






22. Personal, Network, and Application






23. More discriminate than dogs






24. The intercepting of conversations by unintended recipients






25. A standard protocol for interfacing external application software with an information server, commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






26. Also known as a tunnel






27. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






28. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the






29. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






30. Repeats the signal. It amplifies the signal before sending it on.






31. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and / or services from those of other businesses.






32. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






33. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






34. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






35. In computing, the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






36. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






37. It can capture radio and satellite communications, telephone calls, faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






38. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






39. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






40. When an employee leaves the company, you want to make them aware of non-disclosures and non-compete clauses, etc.






41. Object Linking and Embedding. The ability of an object to be embedded into another object.






42. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






43. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






44. Chief Executive Officer






45. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






46. The physical part of a computer, as distinguished from the computer software that executes within the hardware.






47. Method of authenticating to a system. Something that you supply and something you know.






48. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






49. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






50. Internet Architecture Board. This board is responsible for protecting the Internet.