Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study first.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions, so at times the right answer may seem obvious; even so, retaking the test reinforces your understanding.

1. A threat to physical security.

2. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.

3. Continuity of Operations Plan.

4. Computer Incident Response Team.

5. An access control method for databases that decides access based on the content of the data itself, giving very granular control.

6. Rotating employees through different job duties so that each person's work is periodically checked by someone else, making it harder for fraud to go unnoticed.

7. A network entity that provides a single entrance/exit point to the Internet.

8. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a sho

9. A countermeasure that inserts fake (decoy) records into a database so that anyone reading it without authorization obtains wrong information.

10. The methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, so that it behaves as expected.

11. A spoofing attack, a kind of attack in data communication, in which a third party tries to mislead the communication participants using forged information.

12. In cryptanalysis and computer security, this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of likely possibilities. In contrast with a brute forc

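An added example, not part of the original quiz, for the attack in item 12: it guesses only a wordlist (plus a few mangling rules) against a constructed password store, and contrasts that with the size of the keyspace an exhaustive brute-force search would have to cover. The store format (salted SHA-256), the usernames, passwords and wordlist are all assumptions made for the demo.

```python
import hashlib
import hmac
from typing import Optional


def hash_password(salt: bytes, password: str) -> str:
    """Salted SHA-256, chosen only to keep the example self-contained.
    A real password store uses a deliberately slow KDF (bcrypt, scrypt,
    Argon2); that does not stop a wordlist attack, it just makes every
    guess cost far more."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


# Constructed sample store: username -> (salt, hash). Not real data.
SAMPLE_STORE = {
    "alice": (b"3f9a", hash_password(b"3f9a", "summer2019")),
    "bob": (b"c01d", hash_password(b"c01d", "Xq7!vR2#pL9z")),
}

# Constructed wordlist; real ones have millions of entries.
WORDLIST = ["password", "123456", "letmein", "summer", "summer2019", "qwerty"]


def mangle(word: str):
    """A few common mangling rules applied to each dictionary word."""
    yield word
    yield word.capitalize()
    yield word + "!"
    yield word + "1"


def dictionary_attack(salt: bytes, target_hash: str, wordlist) -> Optional[str]:
    """Try only the wordlist (plus mangling) rather than the whole keyspace.
    Returns the recovered password, or None if no candidate matched."""
    for word in wordlist:
        for candidate in mangle(word):
            if hmac.compare_digest(hash_password(salt, candidate), target_hash):
                return candidate
    return None


def crack_store(store, wordlist) -> dict:
    """Run the wordlist attack against every account in the store."""
    return {
        user: dictionary_attack(salt, h, wordlist)
        for user, (salt, h) in store.items()
    }


def dictionary_guesses(wordlist) -> int:
    """Number of candidates the wordlist attack actually tries."""
    return sum(1 for word in wordlist for _ in mangle(word))


def brute_force_keyspace(alphabet_size: int, length: int) -> int:
    """Candidates an exhaustive brute-force search must cover for one
    fixed length: every string over the alphabet."""
    return alphabet_size ** length


if __name__ == "__main__":
    print(crack_store(SAMPLE_STORE, WORDLIST))
    print("wordlist guesses:", dictionary_guesses(WORDLIST))
    print("brute force, 12 printable ASCII chars:", brute_force_keyspace(95, 12))
```

The wordlist has six entries and the attack tries 24 candidates in total, enough to recover alice's password; an exhaustive search of 12-character printable-ASCII passwords would face 95^12 candidates, which is why attackers try likely passwords first and why bob's random password survives the wordlist.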






13. In risk assessment, the average monetary value of losses per year: SLE x ARO = ALE.

14. Distributed Component Object Model: Microsoft's technology for distributed objects, its own counterpart to CORBA rather than an implementation of it.

15. A site that is physically ready but has no hardware in place; all it has is the basic infrastructure such as power and HVAC.

16. In the context of computer software, a Trojan horse is a malicious program that is disguised as, or embedded within, legitimate software.

17. A legal term for an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value, but there are many exceptions to

18. The EU data-protection rules: where databases holding personal data exist, the individuals concerned are allowed to inspect the data held about them, to have it corrected if it is wrong, etc.

19. The process of training end users and employees in the organization's security practices and processes. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees know what is expected of them security-wise, so that t

20. A network device that operates at layer 1. A concentrator.

21. A hidden communications channel on a system that allows the system security policy to be bypassed.

22. Packet sniffers (also known as network analyzers or Ethernet sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network, the program captures each pack

23. A method of encrypting text to produce ciphertext in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time.

24. The number of users that a system (typically a biometric access control system) can process in a given amount of time. A typical acceptable rate is 10 per minute.

25. The frequency with which a threat is expected to occur, expressed per year.

26. A distinctive sign of some kind used by a business to uniquely identify itself and its products and services to consumers, and to distinguish the business and its products and/or services from those of other businesses.

27. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network

28. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on a single dedicated drive); 5 = striping with parity (parity striped across all drives).

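An added example (not the quiz's own material) for the parity-based levels in item 28: it stripes constructed sample blocks across four simulated disks, with parity either pinned to one drive or rotated across all of them, destroys one disk and rebuilds it from the survivors. The in-memory disk model and the sample data are assumptions made for the demo; levels 0 and 1 have no parity and are not modelled.

```python
from typing import List, Optional


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Parity is the bytewise XOR of all blocks in a stripe."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def lay_out(data_blocks: List[bytes], n_disks: int, rotate_parity: bool) -> List[List[bytes]]:
    """Stripe equal-sized data blocks across n_disks with one parity block per
    stripe. rotate_parity=False pins parity to the last disk (level 3 style,
    a single parity drive); True moves it one disk per stripe (level 5)."""
    per_stripe = n_disks - 1
    block_size = len(data_blocks[0])
    disks: List[List[bytes]] = [[] for _ in range(n_disks)]
    for stripe_no, start in enumerate(range(0, len(data_blocks), per_stripe)):
        stripe = data_blocks[start:start + per_stripe]
        stripe += [bytes(block_size)] * (per_stripe - len(stripe))   # pad a short last stripe
        parity_disk = (n_disks - 1 - stripe_no) % n_disks if rotate_parity else n_disks - 1
        data = iter(stripe)
        for disk in range(n_disks):
            disks[disk].append(xor_blocks(stripe) if disk == parity_disk else next(data))
    return disks


def rebuild(disks: List[Optional[List[bytes]]], failed: int) -> List[bytes]:
    """Recover the failed disk (its entry is None) from the survivors: in every
    stripe the missing block, data or parity alike, is the XOR of the rest.
    One parity block covers exactly one failure; a second lost disk is fatal."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise ValueError("two disks lost: single parity cannot reconstruct")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]


# Constructed sample data: six 4-byte blocks, four disks -> two stripes.
DATA = [b"blk0", b"blk1", b"blk2", b"blk3", b"blk4", b"blk5"]


def demo_single_failure(rotate_parity: bool, failed: int) -> bool:
    """Lay out DATA, destroy one disk, rebuild it, and compare with the original."""
    disks = lay_out(DATA, 4, rotate_parity)
    lost = disks[failed]
    disks[failed] = None
    return rebuild(disks, failed) == lost


if __name__ == "__main__":
    print("rotating parity, disk 1 lost and rebuilt:", demo_single_failure(True, 1))
    print("dedicated parity, disk 3 lost and rebuilt:", demo_single_failure(False, 3))
```

With dedicated parity every write touches the parity drive, which becomes the bottleneck; rotating it spreads that load, but either way a single parity block can only absorb one failed disk per stripe, which the rebuild function enforces.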






29. The person who controls access to the data.

30. A site that is ready and available within minutes or hours to continue processing; it is fully configured and ready to go.

31. Making individuals accountable for their actions on a system, typically through the use of auditing.

32. A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff.

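An added example covering items 8 and 32 together (not from the original quiz): the fingerprint function shows a fixed-size digest that changes completely for a one-byte change in the input, and the birthday search finds two different inputs with the same digest by storing every digest seen so far, using a deliberately truncated SHA-256 so the collision appears in seconds. The truncation width, the message format and the stored-table approach are assumptions made for the demo.

```python
import hashlib
import math
from typing import Tuple


def fingerprint(data: bytes) -> str:
    """The fixed-size 'fingerprint' of arbitrary data: SHA-256, 32 bytes, as hex."""
    return hashlib.sha256(data).hexdigest()


def truncated_hash(data: bytes, n_bits: int) -> int:
    """A deliberately weak hash for the demo: the first n_bits of SHA-256.
    Real digests are 160-512 bits; truncating makes a collision findable
    quickly while leaving the birthday mathematics unchanged."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - n_bits)


def expected_trials(n_bits: int) -> float:
    """Birthday bound: roughly sqrt(pi/2 * 2^n) random inputs before the
    first repeat, versus about 2^n for a preimage-style brute force."""
    return math.sqrt(math.pi / 2 * 2 ** n_bits)


def birthday_collision(n_bits: int) -> Tuple[bytes, bytes, int]:
    """Find two distinct messages with the same n-bit hash. Every hash seen so
    far is stored (the 'space' side of the space-time tradeoff) so that each
    new input is compared against all previous ones at once. Returns
    (message_1, message_2, number_of_hashes_computed)."""
    seen = {}
    counter = 0
    while True:
        counter += 1
        msg = f"doc-{counter}".encode()          # constructed, distinct inputs
        h = truncated_hash(msg, n_bits)
        if h in seen:
            return seen[h], msg, counter
        seen[h] = msg


if __name__ == "__main__":
    print(fingerprint(b"abc"))
    print(fingerprint(b"abd"))                  # one changed byte, unrelated digest
    m1, m2, trials = birthday_collision(24)
    print(m1, m2, trials, "expected about", round(expected_trials(24)))
```

For a 24-bit digest the collision arrives after roughly five thousand hashes rather than the sixteen million a full search of the output space would need; the same square-root saving is why a 128-bit digest offers only about 64 bits of collision resistance.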






33. In computing, software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.

34. Virtual LANs: separating broadcast domains on a single physical network; a way of partitioning communications channels.

35. In computer networking, this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses

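An added example for item 35 that also illustrates the forged-information spoofing in items 11 and 43 (not from the original quiz): it builds a few IPv4-over-Ethernet ARP frames, parses them back from raw bytes, and flags an IP address whose claimed MAC address changes between replies, which is what an attacker answering for the gateway's address looks like on the wire. The addresses and frames are constructed for the demo.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Tuple

ETH_P_ARP = 0x0806          # EtherType for ARP
ARP_REQUEST, ARP_REPLY = 1, 2


@dataclass
class ArpPacket:
    opcode: int
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_arp_frame(opcode: int, sender_mac: bytes, sender_ip: bytes,
                    target_mac: bytes, target_ip: bytes) -> bytes:
    """Ethernet II header (14 bytes) + ARP for IPv4 over Ethernet (28 bytes).
    Used here only to fabricate sample traffic; on a real network these
    bytes would come from a packet capture."""
    eth_dst = b"\xff" * 6 if opcode == ARP_REQUEST else target_mac
    ethernet = eth_dst + sender_mac + struct.pack("!H", ETH_P_ARP)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, opcode
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
    arp += sender_mac + sender_ip + target_mac + target_ip
    return ethernet + arp


def parse_arp(frame: bytes) -> ArpPacket:
    """Decode one Ethernet frame carrying ARP, rejecting anything else."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETH_P_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("only IPv4-over-Ethernet ARP is handled")
    body = frame[22:42]
    return ArpPacket(opcode, mac_str(body[0:6]), ip_str(body[6:10]),
                     mac_str(body[10:16]), ip_str(body[16:20]))


def detect_spoofing(frames: List[bytes]) -> Tuple[Dict[str, str], List[Tuple[str, str, str]]]:
    """Learn IP -> MAC bindings from ARP replies and flag any IP whose MAC
    changes, as (ip, old_mac, new_mac). A host rarely changes its MAC; an
    attacker answering for the gateway's IP with its own MAC does exactly this."""
    table: Dict[str, str] = {}
    alerts: List[Tuple[str, str, str]] = []
    for frame in frames:
        pkt = parse_arp(frame)
        if pkt.opcode != ARP_REPLY:
            continue
        known = table.get(pkt.sender_ip)
        if known is not None and known != pkt.sender_mac:
            alerts.append((pkt.sender_ip, known, pkt.sender_mac))
        table[pkt.sender_ip] = pkt.sender_mac
    return table, alerts


# Constructed sample traffic (all addresses are made up for the demo).
GATEWAY_IP, HOST_IP = bytes([192, 168, 1, 1]), bytes([192, 168, 1, 50])
GATEWAY_MAC = bytes.fromhex("00163e0a0b0c")
HOST_MAC = bytes.fromhex("00163e112233")
ATTACKER_MAC = bytes.fromhex("deadbeef0001")

SAMPLE_FRAMES = [
    # host asks "who has 192.168.1.1?"
    build_arp_frame(ARP_REQUEST, HOST_MAC, HOST_IP, b"\x00" * 6, GATEWAY_IP),
    # the real gateway answers with its MAC
    build_arp_frame(ARP_REPLY, GATEWAY_MAC, GATEWAY_IP, HOST_MAC, HOST_IP),
    # an attacker answers for the same IP with a different MAC
    build_arp_frame(ARP_REPLY, ATTACKER_MAC, GATEWAY_IP, HOST_MAC, HOST_IP),
]

if __name__ == "__main__":
    table, alerts = detect_spoofing(SAMPLE_FRAMES)
    print(table)
    print(alerts)
```

The detector keeps the latest binding, as a real ARP cache would, so the alert records the change rather than preventing it; ARP has no authentication, which is why the only defences are monitoring like this, static entries for critical hosts, or switch features such as dynamic ARP inspection.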






36. Using ICMP echo requests to map out (diagram) a network.

37. An agreement with another company that lets you use their facilities in the event of a disaster. The least expensive option, and not usually enforceable.

38. A remote authentication protocol used to communicate with an authentication server, commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access

39. A mechanism by which connections to TCP services on a system are allowed or disallowed, based on the connecting client's address.

40. Diffie-Hellman (D-H) key exchange is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s

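An added example for item 40 (not from the original quiz): both sides of the exchange, using the documented 1024-bit MODP group 2 from RFC 2409 (generator 2), with a self-check that the modulus is a safe prime, rejection of degenerate public values, and a hash-based key derivation from the shared secret. The group is real but is considered too small today; its use here, the key-derivation label and the party names are assumptions of the demo.

```python
import hashlib
import secrets

# 1024-bit MODP group 2 from RFC 2409 (generator 2, safe prime). A real,
# documented group, but too small for new deployments: use the 2048-bit or
# larger groups of RFC 3526 / RFC 7919, or ECDH from a vetted library.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin, used only to self-check the group parameters."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def group_is_safe() -> bool:
    """p = 2q + 1 with q prime means the only small subgroup is {1, p-1}, so
    an attacker cannot confine the shared secret to a handful of values."""
    return is_probable_prime(P) and is_probable_prime((P - 1) // 2)


def validate_public(value: int) -> bool:
    """Reject 0, 1, p-1 and out-of-range values, which would force the
    shared secret to a constant the attacker knows in advance."""
    return 2 <= value <= P - 2


class Party:
    """One side of the exchange: a random private exponent kept secret, and
    the public value g^x mod p that is sent over the open channel."""

    def __init__(self, name: str):
        self.name = name
        self.private = secrets.randbelow(P - 3) + 2          # 2 .. p-2
        self.public = pow(G, self.private, P)

    def derive_key(self, peer_public: int) -> bytes:
        if not validate_public(peer_public):
            raise ValueError(f"{self.name}: degenerate DH public value")
        shared = pow(peer_public, self.private, P)           # (g^y)^x == (g^x)^y
        # Never use the raw shared secret as a key; run it through a KDF.
        return hashlib.sha256(b"dh-demo-key|" + shared.to_bytes(128, "big")).digest()


def run_exchange():
    """Both sides' messages: each publishes its public value; an eavesdropper
    sees (p, g, A, B) but neither private exponent."""
    alice, bob = Party("alice"), Party("bob")
    transcript = {"p": P, "g": G, "A": alice.public, "B": bob.public}
    key_a = alice.derive_key(transcript["B"])
    key_b = bob.derive_key(transcript["A"])
    return key_a, key_b, transcript


if __name__ == "__main__":
    print("group is a safe prime:", group_is_safe())
    ka, kb, seen_on_wire = run_exchange()
    print("keys match:", ka == kb, ka.hex())
```

The exchange as written is unauthenticated: anyone who can sit between the parties can run two exchanges, one with each side, and read everything. Protocols such as SSH (item 45) and TLS therefore sign or otherwise authenticate the public values before trusting the derived key.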






41. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user

42. Covers the same ground as due diligence, but where due diligence is the research into and understanding of the risks, this is actually taking the reasonable, prudent actions to address them and accepting responsibility for doing so.

43. In computer security, this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.

44. Countermeasures/safeguards fall into these categories: detective measures detect, preventive measures prevent, and corrective measures correct.

45. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti

46. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities.

47. In cryptography, it is a block cipher.

48. Trusted Computing Base: the hardware, software and firmware of the system that together enforce its security policy.

49. A network of interconnected nodes that mimics the way the brain processes information.

50. In classical cryptography, a transposition cipher moves the characters of the plaintext to different positions rather than replacing them (to decrypt, the reverse rearrangement is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'

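An added example for item 50 (not from the original quiz): a columnar transposition cipher, where the alphabetical order of the key letters is the bijective permutation of columns, with the inverse permutation for decryption and a check that ciphertext letter counts equal the plaintext's, which is the property that distinguishes transposition from the character-for-character replacement of a substitution cipher. The key, padding character and sample message are assumptions made for the demo.

```python
from collections import Counter
from typing import List


def key_order(key: str) -> List[int]:
    """The permutation: column indices in the order their key letters sort.
    Ties (repeated letters) keep left-to-right order, so the map is bijective."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext: str, key: str, pad: str = "X") -> str:
    """Columnar transposition: write the text in rows under the key, then
    read the columns out in key order. Characters move; none are replaced."""
    cols = len(key)
    while len(plaintext) % cols:
        plaintext += pad
    rows = [plaintext[i:i + cols] for i in range(0, len(plaintext), cols)]
    return "".join(row[c] for c in key_order(key) for row in rows)


def decrypt(ciphertext: str, key: str) -> str:
    """Apply the inverse permutation: refill the columns in key order, then
    read the grid back row by row."""
    cols = len(key)
    if len(ciphertext) % cols:
        raise ValueError("ciphertext length must be a multiple of the key length")
    n_rows = len(ciphertext) // cols
    grid = [[""] * cols for _ in range(n_rows)]
    pos = 0
    for c in key_order(key):
        for r in range(n_rows):
            grid[r][c] = ciphertext[pos]
            pos += 1
    return "".join("".join(row) for row in grid)


def preserves_letter_counts(plaintext: str, key: str, pad: str = "X") -> bool:
    """The tell-tale of transposition: the ciphertext has exactly the padded
    plaintext's letter frequencies, which a substitution cipher would alter."""
    padded = plaintext + pad * (-len(plaintext) % len(key))
    return Counter(encrypt(plaintext, key, pad)) == Counter(padded)


if __name__ == "__main__":
    message = "WEAREDISCOVEREDFLEEATONCE"          # constructed sample text
    ct = encrypt(message, "ZEBRAS")
    print(ct)
    print(decrypt(ct, "ZEBRAS"))
```

Because letter frequencies survive intact, a cryptanalyst who sees English frequencies but no readable words knows to try transposition rather than substitution; the small example "ABCDEF" under key "BAC" becomes "BEADCF", every letter present once, just reordered.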