Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database

2. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access

3. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and

4. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.

5. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider

6. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.

7. Network devices that operate at layer 2. Every port on a switch is a separate collision domain.

8. When two or more processes are linked and execute multiple programs simultaneously

9. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities

10. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r

11. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec

12. The frequency with which a threat is expected to occur.

13. Basic Input/Output System

14. A technique to eliminate data redundancy.

15. Network device that operates at layer 1. Concentrator.

16. The intercepting of conversations by unintended recipients

17. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra

18. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as

19. Once authenticated - the level of access you have to a system

20. 'If you can't see it - it's secure'. Bad policy to live by.

21. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message

22. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth

23. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.

24. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single

25. The person that controls access to the data

26. The process of reducing your risks to an acceptable level based on your risk analysis

27. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE

28. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)

29. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).

30. Defines the objects and their attributes that exist in a database.

31. An attempt to trick the system into believing that something false is real

32. CISSPs subscribe to a code of ethics for building up the security profession

33. The art of breaking code. Testing the strength of an algorithm.

34. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.

35. Separation of duties (SoD) is the concept of having more than one person required to complete a task.

36. To not be legal (as far as law is concerned) or ethical

37. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it

38. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of

39. Method of authenticating to a system. Something that you supply and something you know.

40. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware, thus making it behave as expected

41. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.

42. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute

43. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.

44. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.

45. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.

46. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB

47. When an employee leaves the company - you want to make them aware of non-disclosure and non-compete clauses - etc.

48. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th

49. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.

50. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc