Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Network devices that operate at layer 3. This device separates broadcast domains.
Inference
Penetration testing
Routers
Fire extinguisher
2. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Vulnerability analysis tools
Security Awareness Training
MOM
IRC
3. Accepting all packets
Promiscuous mode
Risk Analysis
Out of band
Noise & perturbation
4. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
War dialing
OSI Model
Kerberos
Job rotation
5. Software designed to infiltrate or damage a computer system - without the owner's consent.
DAD
Worm
Malware
Fiber optic
6. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
CD-Rom
Man trap
Multiprocessing
SESAME
7. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Code of ethics
Privacy Act of 1974
Macro
Service packs
8. Jumping into dumpsters to retrieve information about someone/something/a company
Rolling hot sites
UUEncode
Dumpster diving
Closed network
9. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Birthday attack
TCSEC
Coax
Polymorphic
10. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Diffie-Hellman
Security through obscurity
Authorization creep
11. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Authorization creep
Reciprocal agreement
Inference
PAP (Password Authentication Protocol)
12. Someone who hacks
Job rotation
Hacker
Exit interview
Hearsay Evidence
13. The person that determines the permissions to files. The data owner.
Incentive programs
Telnet
Hash
Owner
14. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Identification
Toneloc
Promiscuous mode
Software development lifecycle
15. The real cost of acquiring/maintaining/developing a system
Asset Value
DOS
Keystroke logging
Substitution
16. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
VLANs
Risk Management
Due Diligence
Sniffing
17. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Classes of IP networks
Spoofing
Eavesdropping
Certification
18. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Trojan horses
Java
Termination procedures
Attenuation
19. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Encryption
Promiscuous mode
WAP (Wireless Application Protocol)
Reciprocal agreement
20. Random Number Base
Finger printing
CIA
ARO (Annualized Rate of Occurrence)
Nonce
21. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Active attacks
Trade Secret
Diffie-Hellman
EF (Exposure Factor)
22. Entails planning and system actions to ensure that a project is following good quality management practices
Software development lifecycle
Quality Assurance
CHAP
Service packs
23. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Fire extinguisher
Patriot Act
Coax
Caesar Cipher
24. Rotating employees' job duties so that what they are doing can be checked - to make sure nothing fraudulent is occurring.
Sabotage
Job rotation
Detective - Preventive - Corrective
Symmetric
25. In the broadest sense - a fraud is a deception made for personal gain
Switches / Bridges
Fraud
Exit interview
Passive attacks
26. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Enticement
Patent
Clipper Chip
Trap Door
27. Using ICMP to diagram a network
Probing
Digest
Tort
Hardware
28. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Active attacks
Compiler
Entrapment
Software
29. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Skipjack
Common criteria
Honey pot
l0pht
30. Personal - Network - and Application
Firewall types
Embezzlement
IAB
Carnivore
31. Relating to quality or kind. This assigns a level of importance to something.
Digest
Trade Secret
Macro
Qualitative
32. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Expert System
Eavesdropping
Base-64
Masquerade
33. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Rolling hot sites
Smurf
Patriot Act
Security Awareness Training
34. Reasonable doubt
RAM (Random-access memory)
Burden of Proof
CGI (The Common Gateway Interface)
Granularity
35. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Identification
Buffer overflow
Multithreading
IAB
36. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
CRC (Cyclic Redundancy Check)
Man trap
Eavesdropping
Halon
37. CISSPs subscribe to a code of ethics for building up the security profession
Code of ethics
ISDN (Integrated Services Digital Network)
Guards
Risk Mitigation
38. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Audit Trail
Salami Slicing
Birthday attack
Macro
39. Distributed Component Object Model. Microsoft's implementation of CORBA.
Hoax
DCOM
Callback Security/Call Forwarding
Key Escrow
40. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Cookies
Debug
Fraggle
Wiretapping
41. Encompasses Risk Analysis and Risk Mitigation
Boot-sector Virus
UUEncode
Risk Management
Security Awareness Training
42. Must be in place for you to use a biometric system
Virtual Memory/Pagefile.sys
ALE (Annualized Loss Expectancy)
Biometric profile
Checksum
43. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Quality Assurance
Session Hijacking
Well-known ports
Cookies
44. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Service packs
Base-64
COM
Polymorphic
45. Chief Information Officer
WTLS (Wireless Transport Layer Security)
CIO
Toneloc
Twisted pair
46. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Routers
Motion detector
Birthday attack
Embezzlement
47. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Encryption
Risk Analysis
Digital signing
Java
48. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
Risk Mitigation
Polymorphism
AES (Advanced Encryption Standard)
49. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Cookies
Compiler
War dialing
Finger scanning
50. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Callback Security/Call Forwarding
Quantitative
Sniffing
Java