Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
DDOS
Passive attacks
Aggregation
MitM
2. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Software
Routers
Dictionary Attack
CD-Rom
3. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Motion detector
Social engineering
Callback Security/Call Forwarding
WAP (Wireless Application Protocol)
4. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Two-Factor Authentication
Rijndael
PAP (Password Authentication Protocol)
Security kernel
5. Occupant Emergency Plan - Employees are the most important!
Fences
Custodian
OEP
Asset Value
6. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Masquerade
Honey pot
Security kernel
Packet Sniffing
7. These can be used to verify that public keys belong to certain individuals.
Risk Mitigation
Software
Content dependant
Digital certificates
8. Accepting all packets
CGI (The Common Gateway Interface)
Promiscuous mode
Macro
Trojan horses
9. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
FAR/FRR/CER
CHAP
Private Addressing
Raid 0 - 1 - 3 - 5
10. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Warm Site
Format 7 times
Virtual Memory/Pagefile.sys
Asymmetric
11. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Attenuation
VPN (Virtual Private Network)
Tailgating / Piggybacking
12. The ability to have more than one thread associated with a process
Multithreading
DOS
Closed network
Hot Site
13. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Expert systems
Multitasking
ARO (Annualized Rate of Occurrence)
Risk Acceptance
14. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SSH
Script kiddies
Cold Site
Quality Assurance
15. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Scanning
AES (Advanced Encryption Standard)
Symmetric
Quantitative
16. A military standard defining controls for emanation protection
Checksum
Scanning
Granularity
TEMPEST
17. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Authorization
Script kiddies
Due Care
18. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
DCOM
Trade Secret
DOS
19. This is an open international standard for applications that use wireless communications.
Java
Trojan horses
WAP (Wireless Application Protocol)
Hacker
20. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
MOM
Due Diligence
Trade Secret
Call tree
21. Closed Circuit Television
SSL/TLS
Decentralized
User
CCTV
22. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Compiler
COOP
Granularity
Trade Secret
23. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Noise & perturbation
Joke
Enticement
Polymorphic
24. 'If you can't see it - it's secure'. Bad policy to live by.
RADIUS (Remote authentication dial-in user service)
Reciprocal agreement
Script
Security through obscurity
25. Continuation of Operations Plan
Fraud
COOP
CIO
Trojan horses
26. Object Linking and Embedding. The ability of an object to be embedded into another object.
Symmetric
Java
OLE
Trojan horses
27. White hat l0pht
Bugtraq
Accreditation
Callback Security/Call Forwarding
Asymmetric
28. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Brute Force
Incentive programs
Social engineering
Security Awareness Training
29. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
Granularity
Back door/ trap door/maintenance hook
Patriot Act
30. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Coax
RADIUS (Remote authentication dial-in user service)
Quantitative
Polymorphic
31. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
TCSEC
Expert systems
Raid 0 - 1 - 3 - 5
Clipper Chip
32. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Wiretapping
Accreditation
Out of band
Trojan horses
33. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
COOP
Packet Sniffing
Carnivore
Username/password
34. Entails planning and system actions to ensure that a project is following good quality management practices
DCOM
Quality Assurance
Hubs
ROT-13
35. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Schema
SLE (Single Loss Expectancy or Exposure)
Identification
Change management
36. Network Address Translation
CRC (Cyclic Redundancy Check)
NAT
Hot Site
Degausser
37. Component Object Model.
ARO (Annualized Rate of Occurrence)
COM
ARP (Address Resolution Protocol)
SQL (Structured Query Language)
38. To not be legal (as far as law is concerned) or ethical
War driving
Illegal/Unethical
PAP (Password Authentication Protocol)
Encryption
39. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Buffer overflow
CIRT
Software development lifecycle
Service packs
40. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Hackers
Separation of duties
Nonce
Polymorphic
41. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Inference
Separation of duties
Change management
Authorization creep
42. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
TEMPEST
SSO (Single sign-on)
Hearsay Evidence
ISDN (Integrated Services Digital Network)
43. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Echelon
Diffie-Hellman
Crosstalk
Security Perimeter
44. Must be in place for you to use a biometric system
Biometric profile
FAR/FRR/CER
l0pht
Copyright
45. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Multitasking
Mandatory vacation
Senior Management
Switches / Bridges
46. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
WTLS (Wireless Transport Layer Security)
Embezzlement
Scanning
Finger scanning
47. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
TCSEC
Object Oriented Programming
Software librarian
CD-Rom
48. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Granularity
Out of band
Digital signing
Object Oriented Programming
49. Method of authenticating to a system. Something that you supply and something you know.
UUEncode
Promiscuous mode
Username/password
Penetration testing
50. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Burden of Proof
Substitution
Embezzlement
Bastion hosts