Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.






2. White hat l0pht






3. It can capture radio and satellite communications, telephone calls, faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






4. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.






5. Component Object Model.






6. The act of identifying yourself. Providing your identity to a system






7. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






8. An AAA (Authentication, Authorization, and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






9. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.






10. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.






11. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case, e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






12. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which






13. Random Number Base






14. Project initiation, functional design analysis and planning, system design specifications, software development, installation/implementation, operational/maintenance, disposal






15. Enticing people to hit your honeypot to see how they try to access your system.






16. Base 64 is a positional numeral system using a base of 64. It is the largest power-of-two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail, among other things.






17. This deals with differences between plaintext password storage and transmission versus encrypted password storage and transmission.






18. Closed Circuit Television






19. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






20. Same as AES. Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor -






21. Countermeasures / safeguards fall into these categories. Detective measures detect, preventive measures prevent, and corrective measures correct.






22. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)






23. 'If you can't see it, it's secure'. Bad policy to live by.






24. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt






25. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






26. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.






27. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






28. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






29. Systems that use a knowledge base, an inference engine, and general methods for searching problem solutions.






30. Threat to physical security.






31. A military standard defining controls for emanation protection






32. After implementing countermeasures, accepting risk for the amount of vulnerability left over






33. Accepting all packets






34. A technique to eliminate data redundancy.






35. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquer






36. In a separation of duties model, this is where code is checked in and out






37. These can be used to verify that public keys belong to certain individuals.






38. Emanations from one wire coupling with another wire






39. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






40. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






41. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec






42. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






43. An instance of a scripting language






44. a.k.a. The Chinese wall. Nash Bridges, Bridge wall, Chinese wall. Dynamically changes access control to prevent unauthorized access.






45. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






46. In cryptography, it is a block cipher






47. Ethernet, Cat5. Twisted to allow for longer runs.






48. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






49. A gas used in fire suppression. Not human safe. Chemical reaction.






50. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.