Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. Network devices that operate at layer 3. This device separates broadcast domains.






2. A network that uses proprietary protocols






3. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.






4. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






5. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans






6. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.






7. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






8. To not be legal (as far as law is concerned) or ethical






9. In a separation of duties model - this is where code is checked in and out






10. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






11. Public Key Infrastructure






12. Accepting all packets






13. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.






14. Network device that operates at layer 1. Concentrator.






15. Random Number Base






16. A war dialing utility






17. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






18. Object Linking and Embedding. The ability of an object to be embedded into another object.






19. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.






20. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.






21. The intercepting of conversations by unintended recipients






22. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema






23. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus






24. Method of authenticating to a system. Something that you supply and something you know.






25. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.






26. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






27. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req






28. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.






29. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards






30. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list






31. Reasonable doubt






32. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






33. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i






34. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the






35. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






36. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters






37. The person that determines the permissions to files. The data owner.






38. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.






39. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.






40. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.






41. Assuming someone's session who is unaware of what you are doing






42. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational






43. Access control method for database based on the content of the database to provide granular access






44. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.






45. An attempt to trick the system into believing that something false is real






46. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.






47. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.






48. Emanations from one wire coupling with another wire






49. A network that mimics the brain






50. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single