Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.






2. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






3. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






4. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.






5. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications






6. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






7. To not be legal (as far as law is concerned) or ethical






8. Dialing fixed sets of telephone numbers looking for open modem connections to machines






9. Using ICMP to diagram a network






10. This is an open international standard for applications that use wireless communications.






11. Continuation of Operations Plan






12. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically






13. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






14. Internet Architecture Board. This board is responsible for protecting the Internet.






15. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






16. These can be used to verify that public keys belong to certain individuals.






17. Making individuals accountable for their actions on a system typically through the use of auditing






18. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






19. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






20. The person that controls access to the data






21. Component Object Model.






22. Emanations from one wire coupling with another wire






23. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






24. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






25. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






26. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






27. Personal - Network - and Application






28. The act of identifying yourself. Providing your identity to a system






29. Threat to physical security.






30. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






31. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






32. Object Linking and Embedding. The ability of an object to be embedded into another object.






33. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






34. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.






35. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






36. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






37. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






38. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






39. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






40. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.






41. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






42. Also known as a tunnel)






43. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






44. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






45. Someone whose hacking is primarily targeted at the phone systems






46. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet






47. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.






48. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work






49. Dynamic Host Configuration Protocol.






50. Also civil law