Test your basic knowledge

CompTIA Security+: Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec






2. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.






3. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.






4. Closed Circuit Television






5. 'If you can't see it - it's secure'. Bad policy to live by.






6. Dynamic Host Configuration Protocol.






7. White hat l0pht






8. Using ICMP to diagram a network






9. Animals with teeth. Not as discriminate as guards






10. Method of authenticating to a system. Something that you supply and something you know.






11. Personal - Network - and Application






12. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single






13. Network Address Translation






14. A network that uses standard protocols (TCP/IP)






15. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it






16. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.






17. Network devices that operate at layer 2. Every port on a switch is a separate collision domain






18. The user






19. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time






20. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.






21. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r






22. The person that determines the permissions to files. The data owner.






23. Assuming someone's session who is unaware of what you are doing






24. Object Linking and Embedding. The ability of an object to be embedded into another object.






25. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi






26. Good for distance - longer than 100M






27. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE






28. A site that is ready physically but has no hardware in place - all it has is HVAC






29. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.






30. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack






31. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t






32. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho






33. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.






34. Disclosure - Alteration - Destruction. These things break the CIA triad






35. A technique to eliminate data redundancy.






36. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.






37. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.






38. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)






39. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.






40. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.






41. More discriminate than dogs






42. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.






43. Relating to quality or kind. This assigns a level of importance to something.






44. Distributed Component Object Model. Microsoft's implementation of CORBA.






45. An attempt to trick the system into believing that something false is real






46. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp; 21 - ftp; 22 - ssh; 23 - telnet; 25 - smtp; 53 - dns; 69 - tftp; 80 - http; 161 - snmp; 443 - ssl






47. In cryptography - it is a block cipher






48. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical






49. Confidentiality - Integrity - and Availability






50. Reasonable doubt