Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you might find the answers obvious, but it reinforces your understanding each time you take the test.
1. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and






2. Data storage formats and equipment that allow the stored data to be accessed in any order






3. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






4. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






5. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






6. 'If you can't see it - it's secure'. Bad policy to live by.






7. Internet Architecture Board. This board is responsible for protecting the Internet.






8. Accepting all packets






9. Enticing people to hit your honeypot to see how they try to access your system.






10. Same as a block cipher except that it is applied to a data stream one bit at a time






11. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as






12. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






13. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






14. The act of identifying yourself. Providing your identity to a system






15. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






16. Something used to put out a fire. Can be in Classes A - B - C - D - or H






17. The output of a hash function is a digest.






18. Ethernet - Cat5 - Twisted to allow for longer runs.






19. CISSPs subscribe to a code of ethics for building up the security profession






20. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






21. Network device that operates at layer 1. Concentrator.






22. Setting up the user to access the honeypot for reasons other than the intent to harm.






23. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






24. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.






25. Must be in place for you to use a biometric system






26. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






27. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






28. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.






29. A gas used in fire suppression. Not human safe. Chemical reaction.






30. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






31. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c






32. Component Object Model.






33. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which






34. White hat l0pht






35. Someone who hacks






36. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






37. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






38. Driving around enumerating wireless networks with the proper equipment (antennas and the like)






39. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti






40. Method of authenticating to a system. Something that you supply and something you know.






41. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra






42. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






43. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.






44. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.






45. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically






46. Disclosure - Alteration - Destruction. These things break the CIA triad






47. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






48. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet






49. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






50. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






