Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x






2. Something used to put out a fire. Can be in Classes A - B - C - D - or H






3. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable






4. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.






5. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access






6. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe






7. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time






8. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl






9. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider






10. A RFC standard. A mechanism for performing commands on a remote system






11. A mechanism by which connections to TCP services on a system are allowed or disallowed






12. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.






13. A network that mimics the brain






14. This is an open international standard for applications that use wireless communications.






15. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






16. In a separation of duties model - this is where code is checked in and out






17. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically






18. A set of rules applied by many transit networks which restrict the ways in which the network may be used.






19. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.






20. False Acceptance Rate - False Rejection Rate - Crossover Error Rate






21. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources






22. The person that controls access to the data






23. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






24. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal






25. Relating to quality or kind. This assigns a level of importance to something.






26. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses






27. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).






28. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t






29. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.






30. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.






31. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to






32. Reasonable doubt






33. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.






34. Chief Executive Officer






35. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.






36. Random Number Base






37. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.






38. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.






39. Entails planning and system actions to ensure that a project is following good quality management practices






40. Defines the objects and their attributes that exist in a database.






41. The art of breaking code. Testing the strength of an algorithm.






42. Method of authenticating to a system. Something that you supply and something you know.






43. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute






44. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






45. Separation of duties (SoD) is the concept of having more than one person required to complete a task.






46. A system designed to stop piggybacking.






47. Chief Information Officer






48. Setting up the user to access the honeypot for reasons other than the intent to harm.






49. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.






50. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou