Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. These viruses usually infect both boot records and files.
Multipartite
Mandatory vacation
CGI (The Common Gateway Interface)
Switches / Bridges
2. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
RAM (Random-access memory)
Buffer overflow
BIA
3. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Authorization creep
SSL/TLS
Custodian
Switches / Bridges
4. Method of authenticating to a system. Something that you supply and something you know.
Macro
AES (Advanced Encryption Standard)
War dialing
Username/password
5. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
BIA
Format 7 times
Keystroke logging
Clipper Chip
6. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
TCP Wrappers
CIA
Symmetric
Multipartite
7. The user
Separation of duties
Virtual Memory/Pagefile.sys
User
Trade Secret
8. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Carnivore
Wiretapping
SESAME
CGI (The Common Gateway Interface)
9. Also known as a tunnel
Base-64
Eavesdropping
Sabotage
VPN (Virtual Private Network)
10. Accepting all packets
Promiscuous mode
Phreaker
Session Hijacking
Transposition
11. Signal degradation as it moves farther from its source
Probing
Brute force
Attenuation
Fraud
12. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Honey pot
Fraggle
Packet Sniffing
Dictionary Attack
13. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Patriot Act
Repeaters
Security Awareness Training
Digital signing
14. Same as a block cipher except that it is applied to a data stream one bit at a time
TCB
SSO (Single sign-on)
Stream cipher
Open network
15. Disclosure - Alteration - Destruction. These things break the CIA triad
Senior Management
DAD
ARO (Annualized Rate of Occurrence)
CEO
16. Random Number Base
MitM
Macro
Nonce
Copyright
17. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Due Diligence
Tailgating / Piggybacking
Promiscuous mode
Compiler
18. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Wiretapping
Firewall types
Open network
Buffer overflow
19. Must be in place for you to use a biometric system
Software
Format 7 times
Biometric profile
Bastion hosts
20. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
Hot Site
Qualitative
War dialing
21. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
COOP
Digest
MOM
Embezzlement
22. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Senior Management
Classes of IP networks
Echelon
Risk Analysis
23. A sandbox. Emulates an operating environment.
Symmetric
FAR/FRR/CER
Virtual machine
Due Diligence
24. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
NAT
Service packs
Noise & perturbation
Logic bomb
25. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Social engineering
Logic bomb
CIO
26. A network that mimics the brain
Acceptable use
Spoofing
Biometrics
Artificial Neural Networks (ANN)
27. Encompasses Risk Analysis and Risk Mitigation
Out of band
Clipper Chip
Risk Management
DMZ
28. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Non-repudiation
Guards
Username/password
Exit interview
29. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Out of band
War driving
BIOS
Rijndael
30. The ability to have more than one thread associated with a process
Digital certificates
Multithreading
Clipper Chip
Well-known ports
31. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Active attacks
Accountability
Vulnerability analysis tools
MitM
32. The act of identifying yourself. Providing your identity to a system
Biometric profile
Identification
Callback Security/Call Forwarding
Risk Acceptance
33. Enticing people to hit your honeypot to see how they try to access your system.
Encryption
Enticement
Technical - Administrative - Physical
VPN (Virtual Private Network)
34. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
Private Addressing
Fraggle
Separation of duties
35. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
BIOS
Fraud
Honey pot
Exit interview
36. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
SLE (Single Loss Expectancy or Exposure)
Hoax
Embezzlement
37. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Object Oriented Programming
Digital signing
Finger printing
Security Perimeter
38. Relating to quality or kind. This assigns a level of importance to something.
Replay
ARO (Annualized Rate of Occurrence)
TACACS (Terminal access controller access control system)
Qualitative
39. 'If you can't see it - it's secure'. Bad policy to live by.
Birthday attack
Security through obscurity
Expert System
Embezzlement
40. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Content dependant
Multitasking
Probing
Fire extinguisher
41. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Mandatory vacation
ROM (Read-only memory)
Patriot Act
42. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Normalization
Script
Aggregation
SLE (Single Loss Expectancy or Exposure)
43. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Malware
Finger scanning
Covert channels
Boot-sector Virus
44. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Authorization
Multipartite
Object Oriented Programming
TACACS (Terminal access controller access control system)
45. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
SQL (Structured Query Language)
Hoax
Phreaker
Fire extinguisher
46. The person that controls access to the data
Key Escrow
Custodian
DCOM
Cookies
47. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Echelon
Active attacks
Mandatory vacation
DDOS
48. Dynamic Host Configuration Protocol.
DHCP
CIA
CRC (Cyclic Redundancy Check)
Fraggle
49. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Dogs
Cyphertext only
Brute Force
Fraggle
50. Someone whose hacking is primarily targeted at the phone systems
Wiretapping
Phreaker
Smurf
Vulnerability analysis tools