Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Closed Circuit Television
CCTV
Custodian
TEMPEST
TCB
2. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
/etc/passwd
Multipartite
Two-Factor Authentication
Security Awareness Training
3. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Well-known ports
TACACS (Terminal access controller access control system)
Fraggle
SESAME
4. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
DHCP
Hearsay Evidence
PAP (Password Authentication Protocol)
Brewer-Nash model
5. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Masquerade
Digital signing
Software librarian
Rolling hot sites
6. Also civil law
Tort
Code of ethics
Biometrics
Technical - Administrative - Physical
7. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Carnivore
Open network
CD-Rom
Guards
8. The art of breaking code. Testing the strength of an algorithm.
Scanning
Java
ALE (Annualized Loss Expectancy)
Cryptanalysis
9. Computer Incident Response Team
Digital certificates
Trojan horses
CIRT
Fences
10. The intercepting of conversations by unintended recipients
Multitasking
Eavesdropping
Substitution
Warm Site
11. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Virtual machine
Hot Site
Granularity
Virtual Memory/Pagefile.sys
12. Reasonable doubt
AES (Advanced Encryption Standard)
Well-known ports
Hackers
Burden of Proof
13. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Object Oriented Programming
Phreaker
Trap Door
CRC (Cyclic Redundancy Check)
14. Network Address Translation
Firmware
Rijndael
Birthday attack
NAT
15. Relating to quality or kind. This assigns a level of importance to something.
Quantitative
Burden of Proof
Qualitative
Inference
16. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Service packs
PAP (Password Authentication Protocol)
Clipper Chip
SLE (Single Loss Expectancy or Exposure)
17. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Hash
Routers
Biometrics
Sniffing
18. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Trade Secret
Firmware
TCB
DCOM
19. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Rijndael
Fire extinguisher
Cold Site
Data remanence
20. Enticing people to hit your honeypot to see how they try to access your system.
TCB
Embezzlement
Teardrop
Enticement
21. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Digest
Patriot Act
Script kiddies
Logic bomb
22. A system designed to stop piggybacking.
Fences
WTLS (Wireless Transport Layer Security)
Schema
Man trap
23. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
DMZ
Hacker
Stream cipher
Hash
24. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Fraud
Patent
Security Awareness Training
25. Assuming someone's session who is unaware of what you are doing
Expert systems
CIA
Session Hijacking
Accreditation
26. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Owner
Diffie-Hellman
Termination procedures
TCSEC
27. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Technical - Administrative - Physical
PAP (Password Authentication Protocol)
Promiscuous mode
Birthday attack
28. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Crosstalk
Patent
Multipartite
Authorization creep
29. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Spoofing
SSO (Single sign-on)
TCP Wrappers
Checksum
30. More discriminate than dogs
Guards
Multitasking
IAB
Transposition
31. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Probing
Brute Force
SSO (Single sign-on)
DOS
32. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Open network
Patriot Act
TEMPEST
Security through obscurity
33. These viruses usually infect both boot records and files.
Authorization
Debug
CIO
Multipartite
34. In cryptography - it is a block cipher
Skipjack
Transposition
Repeaters
Smurf
35. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Clipping levels
ActiveX Object Linking and Embedding
TCP Wrappers
36. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Probing
Active attacks
Clipper Chip
Motion detector
37. A site that is ready physically but has no hardware in place - all it has is HVAC
ALE (Annualized Loss Expectancy)
Format 7 times
Data Mart
Cold Site
38. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SSH
Diffie-Hellman
DOS
Virtual machine
39. Scanning the airwaves for radio transmissions
Scanning
MitM
AES (Advanced Encryption Standard)
Risk Transferring
40. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Nonce
Detective - Preventive - Corrective
Joke
Closed network
41. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Active attacks
Multiprocessing
Clipper Chip
Patriot Act
42. Method of authenticating to a system. Something that you supply and something you know.
Termination procedures
Username/password
DCOM
VPN (Virtual Private Network)
43. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Accreditation
Passive attacks
Trade Secret
AES (Advanced Encryption Standard)
44. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Risk Management
Finger scanning
Job rotation
45. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Hackers
Probing
Wiretapping
TACACS (Terminal access controller access control system)
46. A war dialing utility
SESAME
Toneloc
Acceptable use
SSH
47. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
CEO
Job rotation
ROT-13
Aggregation
48. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Joke
DHCP
Asset Value
49. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Out of band
Covert channels
Non-repudiation
Masquerade
50. White hat l0pht
Inference
Bugtraq
Multipartite
ROT-13