Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






2. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






3. Signal degradation as it moves farther from its source






4. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work






5. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






6. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






7. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






8. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






9. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






10. Common Object Request Broker Architecture.






11. Confidentiality - Integrity - and Availability






12. A sandbox. Emulates an operating environment.






13. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






14. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






15. A RFC standard. A mechanism for performing commands on a remote system






16. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






17. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.






18. Motive - Opportunity - and Means. These deal with crime.






19. A gas used in fire suppression. Not human safe. Chemical reaction.






20. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






21. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






22. A network that mimics the brain






23. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






24. When two or more processes are linked and execute multiple programs simultaneously






25. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






26. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






27. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






28. The person that controls access to the data






29. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.






30. In cryptography - it is a block cipher






31. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste






32. A technique to eliminate data redundancy.






33. Providing verification to a system






34. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB






35. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






36. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






37. When security is managed at many different points in an organization






38. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






39. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






40. White hat l0pht






41. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






42. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






43. Dynamic Host Configuration Protocol.






44. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






45. Closed Circuit Television






46. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






47. Chief Information Officer






48. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities






49. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






50. When security is managed at a central point in an organization