Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Accepting all packets






2. A military standard defining controls for emanation protection






3. Occupant Emergency Plan - Employees are the most important!






4. Animals with teeth. Not as discriminate as guards






5. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






6. Something used to put out a fire. Can be in Classes A - B - C - D - or H






7. Must be in place for you to use a biometric system






8. Relating to quality or kind. This assigns a level of importance to something.






9. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






10. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.






11. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






12. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






13. The person that determines the permissions to files. The data owner.






14. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






15. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






16. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






17. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities






18. Repeats the signal. It amplifies the signal before sending it on.






19. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






20. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of






21. Motive - Opportunity - and Means. These deal with crime.






22. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






23. Computer Incident Response Team






24. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.






25. Same as a block cipher except that it is applied to a data stream one bit at a time






26. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






27. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






28. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






29. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






30. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






31. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






32. Personal - Network - and Application






33. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work






34. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.






35. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






36. Data storage formats and equipment that allow the stored data to be accessed in any order






37. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






38. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






39. A SSO technology that extends Kerberos functionality and improve upon its weaknesses.






40. Setting up the user to access the honeypot for reasons other than the intent to harm.






41. A hidden communications channel on a system that allows for the bypassing of the system security policy






42. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






43. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






44. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






45. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp






46. The frequency with which a threat is expected to occur.






47. A sandbox. Emulates an operating environment.






48. Internet Relay Chat.






49. Enticing people to hit your honeypot to see how they try to access your system.






50. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.