Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Internet Architecture Board. This board is responsible for protecting the Internet.






2. The physical part of a computer - as distinguished from the computer software that executes within the hardware.






3. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






4. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






5. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






6. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






7. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user






8. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






9. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






10. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






11. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






12. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.






13. Public Key Infrastructure






14. Dynamic Host Configuration Protocol.






15. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






16. The practice of following someone with a security code or keycard through a security door - generally in workplaces.






17. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






18. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.






19. Network Address Translation






20. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






21. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.






22. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






23. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






24. These can be used to verify that public keys belong to certain individuals.






25. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






26. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message






27. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






28. The real cost of acquiring/maintaining/developing a system






29. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access






30. Confidentiality - Integrity - and Availability






31. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






32. The output of a hash function is a digest.






33. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






34. When one key of a two-key pair has more encryption pattern than the other






35. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac






36. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x, 10.x.x.x, and 172.16.x.x through 172.31.x.x






37. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






38. An attempt to trick the system into believing that something false is real






39. Data storage formats and equipment that allow the stored data to be accessed in any order






40. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






41. Disclosure - Alteration - Destruction. These things break the CIA triad






42. Chief Executive Officer






43. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






44. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






45. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






46. Providing verification to a system






47. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






48. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.






49. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






50. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho