Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A network that uses proprietary protocols
l0pht
Risk Mitigation
RAM (Random-access memory)
Closed network
2. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Digital signing
NAT
Encryption
War dialing
3. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Digital signing
Key Escrow
Software
Polymorphic
4. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Change management
SESAME
Smart cards
ARO (Annualized Rate of Occurrence)
5. Scanning the airwaves for radio transmissions
ActiveX Object Linking and Embedding
Scanning
Boot-sector Virus
Hearsay Evidence
6. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Twisted pair
AES (Advanced Encryption Standard)
Authentication
7. A war dialing utility
OLE
Honey pot
SSL/TLS
Toneloc
8. Motive - Opportunity - and Means. These deal with crime.
Decentralized
Hot Site
MOM
Virtual Memory/Pagefile.sys
9. The output of a hash function is a digest.
CIRT
PKI
Digest
Inference
10. An attempt to trick the system into believing that something false is real
Hoax
CD-Rom
Call tree
Out of band
11. Reasonable doubt
Burden of Proof
Virtual machine
Technical - Administrative - Physical
Sabotage
12. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Data remanence
Detective - Preventive - Corrective
Probing
13. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Accreditation
Smurf
/etc/passwd
Covert channels
14. 'If you can't see it - it's secure'. Bad policy to live by.
COM
Security through obscurity
Identification
Key Escrow
15. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Username/password
Object Oriented Programming
Noise & perturbation
War dialing
16. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Passive attacks
Macro
Worm
Illegal/Unethical
17. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Symmetric
Polymorphism
Bugtraq
Authentication
18. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Vulnerability analysis tools
Hoax
Risk Analysis
CD-Rom
19. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
CORBA
Brute force
Clipping levels
20. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Polymorphic
Illegal/Unethical
Substitution
21. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
CRC (Cyclic Redundancy Check)
Substitution
DCOM
Authorization creep
22. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
CHAP
Active attacks
ROT-13
Due Care
23. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
ARP (Address Resolution Protocol)
Data remanence
Birthday attack
Exit interview
24. Setting up the user to access the honeypot for reasons other than the intent to harm.
Patriot Act
Entrapment
ROM (Read-only memory)
Encryption
25. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Symmetric
Tokens
ALE (Annualized Loss Expectancy)
Fiber optic
26. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Back door/ trap door/maintenance hook
Covert channels
ALE (Annualized Loss Expectancy)
27. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
PKI
Finger scanning
Covert channels
Man trap
28. Computer Incident Response Team
Multipartite
DOS
Salami Slicing
CIRT
29. More discriminate than dogs
Guards
VPN (Virtual Private Network)
WTLS (Wireless Transport Layer Security)
Multithreading
30. The real cost of acquiring/maintaining/developing a system
WAP (Wireless Application Protocol)
Polymorphic
Asset Value
Halon
31. Transferring your risk to someone else - typically an insurance company
Multitasking
Quantitative
/etc/passwd
Risk Transferring
32. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Multitasking
Hot Site
Granularity
Artificial Neural Networks (ANN)
33. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Asymmetric
Hot Site
Quantitative
Java
34. CISSPs subscribe to a code of ethics for building up the security profession
Code of ethics
Hubs
Entrapment
/etc/passwd
35. Network devices that operate at layer 3. This device separates broadcast domains.
WTLS (Wireless Transport Layer Security)
Routers
Risk Acceptance
Toneloc
36. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Active attacks
Penetration testing
Common criteria
ARP (Address Resolution Protocol)
37. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Risk Management
Macro
Brute force
Boot-sector Virus
38. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Job rotation
FAR/FRR/CER
CORBA
Symmetric
39. To not be legal (as far as law is concerned) or ethical
Macro
Key Escrow
Illegal/Unethical
Audit Trail
40. Accepting all packets
Embezzlement
CIRT
Fire extinguisher
Promiscuous mode
41. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
CIA
Hacker
Smart cards
Security Awareness Training
42. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
SQL (Structured Query Language)
TACACS (Terminal access controller access control system)
ActiveX Object Linking and Embedding
Copyright
43. Object Linking and Embedding. The ability of an object to be embedded into another object.
Multitasking
OLE
Dumpster diving
TEMPEST
44. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Fraud
Trap Door
CIRT
45. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
CGI (The Common Gateway Interface)
Hash
Service packs
AES (Advanced Encryption Standard)
46. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Diffie-Hellman
WAP (Wireless Application Protocol)
Nonce
Routers
47. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Identification
Virtual machine
CHAP
48. Someone who hacks
Hacker
Authorization
Firewall types
IRC
49. Relating to quality or kind. This assigns a level of importance to something.
SYN Flood
WAP (Wireless Application Protocol)
Qualitative
Encryption
50. The intercepting of conversations by unintended recipients
Degausser
Twisted pair
Eavesdropping
TACACS (Terminal access controller access control system)