Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.

1. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






2. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






3. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






4. This factor represents a measure of the magnitude of loss or impact on the value of an asset.






5. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'






6. An RFC standard. A mechanism for performing commands on a remote system






7. Chief Executive Officer






8. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






9. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






10. When one key of a two-key pair has more encryption pattern than the other






11. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






12. These viruses usually infect both boot records and files.






13. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






14. Repeats the signal. It amplifies the signal before sending it on.






15. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






16. A site that is ready physically but has no hardware in place - all it has is HVAC






17. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






18. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






19. Also known as a tunnel






20. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






21. Assuming someone's session who is unaware of what you are doing






22. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






23. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






24. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






25. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






26. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t






27. Ethernet - Cat5 - Twisted to allow for longer runs.






28. CISSPs subscribe to a code of ethics for building up the security profession






29. White hat l0pht






30. The art of breaking code. Testing the strength of an algorithm.






31. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






32. Someone whose hacking is primarily targeted at the phone systems






33. A network entity that provides a single entrance / exit point to the Internet.






34. A technique to eliminate data redundancy.






35. Involving the measurement of quantity or amount.






36. Entails planning and system actions to ensure that a project is following good quality management practices






37. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






38. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






39. Same as a block cipher except that it is applied to a data stream one bit at a time






40. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






41. Something used to put out a fire. Can be in Classes A - B - C - D - or H






42. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






43. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






44. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






45. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network






46. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






47. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






48. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






49. The real cost of acquiring/maintaining/developing a system






50. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected