Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.

1. The person that determines the permissions to files. The data owner.






2. Relating to quality or kind. This assigns a level of importance to something.






3. Must be in place for you to use a biometric system






4. This is an open international standard for applications that use wireless communications.






5. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst






6. A hidden communications channel on a system that allows for the bypassing of the system security policy






7. Threat to physical security.






8. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s






9. The ability to have more than one thread associated with a process






10. Using ICMP to diagram a network






11. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.






12. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another, thus making detection more difficult.






13. The EU spec. If databases exist, users are allowed to check data into them, allowed to change them if wrong, etc.






14. Emanations from one wire coupling with another wire






15. The art of breaking code. Testing the strength of an algorithm.






16. A war dialing utility






17. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.






18. A network that uses standard protocols (TCP/IP)






19. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated while the client rema






20. Involving the measurement of quantity or amount.






21. In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way th






22. In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge.






23. A mechanism by which connections to TCP services on a system are allowed or disallowed






24. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






25. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.






26. The person that controls access to the data






27. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






28. Trusted Computing Base. Comprised of the hardware, software, and firmware of the system.






29. A hidden value or set of values that allows access to a program, computer system, or data. It is sometimes erroneously confused with a backdoor, which (in a computer system) is a method of bypassing normal authentication or securing remote access






30. A network that mimics the brain






31. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






32. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquer






33. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities






34. The real cost of acquiring/maintaining/developing a system






35. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'






36. Accepting all packets






37. The illegal practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






38. Closed Circuit Television






39. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






40. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






41. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).






42. Same as AES. Advanced Encryption Standard (AES), also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor,






43. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






44. Basic Input/Output System






45. White hat l0pht






46. The output of a hash function is a digest.






47. Reasonable doubt






48. Component Object Model.






49. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






50. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.