Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 30 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. ('rotate by 13 places', sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






2. A card that holds information that must be authenticated to before it can reveal the information that it is holding






3. Closed Circuit Television






4. A type of hash function used to produce a checksum, which is a small, fixed number of bits, against a block of data. This is used to detect errors after transmission or storage.






5. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






6. An instance of a scripting language






7. Software designed to infiltrate or damage a computer system, without the owner's consent.






8. Hardware, software, and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






9. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'






10. Personal, Network, and Application






11. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






12. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






13. The person that controls access to the data






14. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






15. Refers to a cryptographic signature, either on a document, or on a lower-level data structure that signs an item electronically.






16. Access control method for database based on the content of the database to provide granular access






17. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






18. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.






19. A military standard defining controls for emanation protection






20. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh






21. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






22. When a DNS server goes out to resolve a name, and gets the wrong response back, it caches the wrong address for the default DNS time period, thus poisoning the cache for that period of time






23. Jumping into dumpsters to retrieve information about someone/something/a company






24. Involving the measurement of quantity or amount.






25. An audit trail is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






26. 'If you can't see it, it's secure'. Bad policy to live by.






27. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






28. A network that mimics the brain






29. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






30. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






31. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






32. A specialized version of a data warehouse. Like data warehouses, data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






33. Enticing people to hit your honeypot to see how they try to access your system.






34. An international standard defining security assurance and functionality profiles. Replaced the TCSEC, ITSEC, etc.






35. A war dialing utility






36. The ability to have more than one thread associated with a process






37. Same as AES. Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor,






38. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database






39. The art of breaking code. Testing the strength of an algorithm.






40. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






41. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value, but there are many exceptions to






42. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






43. The act of identifying yourself. Providing your identity to a system






44. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.






45. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






46. In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way th






47. Providing verification to a system






48. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which






49. Scanning the airwaves for radio transmissions






50. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The degausser is what actually performs the degaussing.