Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






2. The ability to have more than one thread associated with a process






3. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






4. Scanning the airwaves for radio transmissions






5. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






6. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






7. A military standard defining controls for emanation protection






8. A war dialing utility






9. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






10. A network that uses proprietary protocols






11. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






12. Dialing fixed sets telephone numbers looking for open modem connections to machines






13. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






14. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






15. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






16. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






17. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






18. An attempt to trick the system into believing that something false is real






19. Disclosure - Alteration - Destruction. These things break the CIA triad






20. Distributed Component Object Model. Microsoft's implementation of CORBA.






21. Basic Input/Output System






22. When security is managed at many different points in an organization






23. Someone who hacks






24. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






25. A hidden communications channel on a system that allows for the bypassing of the system security policy






26. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






27. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.






28. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






29. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






30. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)






31. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






32. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst






33. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






34. Continuation of Operations Plan






35. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






36. The intercepting of conversations by unintended recipients






37. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






38. Personal - Network - and Application






39. Involving the measurement of quantity or amount.






40. The process of reducing your risks to an acceptable level based on your risk analysis






41. Signal degradation as it moves farther from its source






42. This is an open international standard for applications that use wireless communications.






43. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






44. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






45. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






46. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






47. Animals with teeth. Not as discriminate as guards






48. Emanations from one wire coupling with another wire






49. Something used to put out a fire. Can be in Classes A - B - C - D - or H






50. Internet Architecture Board. This board is responsible for protecting the Internet.