Test your basic knowledge |

Comptia Security +: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Chief Information Officer






2. The intercepting of conversations by unintended recipients






3. The act of identifying yourself. Providing your identity to a system






4. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






5. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt






6. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.






7. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.






8. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message






9. Good for distance - longer than 100M






10. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






11. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






12. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou






13. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth






14. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)






15. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....






16. In a separation of duties model - this is where code is checked in and out






17. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor






18. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






19. In the broadest sense - a fraud is a deception made for personal gain






20. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also






21. The person that determines the permissions to files. The data owner.






22. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






23. This is an open international standard for applications that use wireless communications.






24. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh






25. Random Number Base






26. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.






27. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.






28. A site that has some equipment in place - and can be up within days






29. Ethernet - Cat5 - Twisted to allow for longer runs.






30. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.






31. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






32. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






33. Internet Architecture Board. This board is responsible for protecting the Internet.






34. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






35. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.






36. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.






37. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






38. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






39. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.






40. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






41. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.






42. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






43. To not be legal (as far as law is concerned) or ethical






44. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






45. Reasonable doubt






46. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






47. A RFC standard. A mechanism for performing commands on a remote system






48. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -






49. The art of breaking code. Testing the strength of an algorithm.






50. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet