Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Crosstalk
Brute Force
Separation of duties
Vulnerability analysis tools
2. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
ActiveX Object Linking and Embedding
Degausser
Masquerade
Separation of duties
3. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Job rotation
Transposition
Substitution
Clipper Chip
4. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Audit Trail
Copyright
Hearsay Evidence
Biometrics
5. Encompasses Risk Analysis and Risk Mitigation
Security kernel
Risk Management
Content dependant
Motion detector
6. Computer Incident Response Team
Clipping levels
Audit Trail
Open network
CIRT
7. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Quality Assurance
Firewall types
Replay
Biometric profile
8. Accepting all packets
Promiscuous mode
Biometrics
COM
Nonce
9. Confidentiality - Integrity - and Availability
CIA
ARO (Annualized Rate of Occurrence)
Tort
Accreditation
10. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Back door/ trap door/maintenance hook
Java
Non-repudiation
Multitasking
11. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Bugtraq
Debug
Penetration testing
OLE
12. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
VPN (Virtual Private Network)
Clipper Chip
OSI Model
Clipping levels
13. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Risk Acceptance
MOM
Hackers
BIA
14. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Debug
Common criteria
CRC (Cyclic Redundancy Check)
Software librarian
15. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
ROT-13
Exit interview
SLE (Single Loss Expectancy or Exposure)
Trade Secret
16. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Sniffing
Compiler
Cookies
17. Animals with teeth. Not as discriminate as guards
Content dependant
Dictionary Attack
Accountability
Dogs
18. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
TCB
Embezzlement
Hacker
Compiler
19. Dynamic Host Configuration Protocol.
Change management
DHCP
Quantitative
Switches / Bridges
20. The output of a hash function is a digest.
RADIUS (Remote authentication dial-in user service)
Digest
Entrapment
Exit interview
21. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Burden of Proof
Non-repudiation
Scanning
CRC (Cyclic Redundancy Check)
22. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Private Addressing
CHAP
Closed network
SSH
23. The real cost of acquiring/maintaining/developing a system
Clipping levels
Asset Value
Script
Hash
24. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
MitM
Security kernel
Smurf
COM
25. Public Key Infrastructure
PKI
Accountability
Brewer-Nash model
TCB
26. Internet Relay Chat.
Finger printing
User
Tokens
IRC
27. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
BIOS
Data remanence
War driving
Scanning
28. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Phreaker
Dictionary Attack
Finger printing
Telnet
29. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Hubs
Smart cards
Multitasking
CORBA
30. Making individuals accountable for their actions on a system typically through the use of auditing
Hearsay Evidence
Accountability
Firmware
Logic bomb
31. Providing verification to a system
Authentication
DHCP
DMZ
UUEncode
32. A sandbox. Emulates an operating environment.
Fraud
Risk Acceptance
Virtual machine
Entrapment
33. Chief Executive Officer
RAM (Random-access memory)
/etc/passwd
CEO
Switches / Bridges
34. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
ISDN (Integrated Services Digital Network)
Echelon
Transposition
Firewall types
35. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Security through obscurity
CD-Rom
Stream cipher
Skipjack
36. Closed Circuit Television
Digital signing
Tokens
Debug
CCTV
37. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Common criteria
Job rotation
Base-64
Twisted pair
38. A network that uses standard protocols (TCP/IP)
Guards
Open network
Virtual Memory/Pagefile.sys
Digital certificates
39. Component Object Model.
COM
Masquerade
Passive attacks
Enticement
40. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Fences
TACACS (Terminal access controller access control system)
Decentralized
ALE (Annualized Loss Expectancy)
41. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Multitasking
Salami Slicing
Callback Security/Call Forwarding
Object Oriented Programming
42. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Cookies
Data remanence
TEMPEST
43. Common Object Request Broker Architecture.
COM
Due Diligence
CORBA
Call tree
44. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Checksum
Mandatory vacation
Caesar Cipher
Tort
45. Network Address Translation
Diffie-Hellman
Normalization
NAT
Centralized
46. Threat to physical security.
Salami Slicing
Sabotage
Symmetric
Echelon
47. Continuation of Operations Plan
Hearsay Evidence
Risk Analysis
COOP
Termination procedures
48. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Certification
Separation of duties
Carnivore
Accreditation
49. Distributed Component Object Model. Microsoft's implementation of CORBA.
Digital signing
Rijndael
Teardrop
DCOM
50. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
CGI (The Common Gateway Interface)
Username/password
Sniffing
Biometrics