Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Random Number Base
Nonce
Multiprocessing
Hearsay Evidence
DMZ
2. When security is managed at a central point in an organization
Centralized
Brute Force
Trap Door
Sabotage
3. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Incentive programs
Checksum
Wiretapping
Noise & perturbation
4. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Multipartite
Normalization
Decentralized
Granularity
5. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Out of band
Qualitative
Brute Force
6. Software designed to infiltrate or damage a computer system - without the owner's consent.
Authorization
Malware
Common criteria
Detective - Preventive - Corrective
7. A card that holds information that must be authenticated to before it can reveal the information that it is holding
OEP
Owner
Smart cards
DAD
8. A sandbox. Emulates an operating environment.
Certification
Virtual machine
Data remanence
Format 7 times
9. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Embezzlement
Clipping levels
VPN (Virtual Private Network)
Acceptable use
10. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
AES (Advanced Encryption Standard)
DNS cache poisoning
Bugtraq
Repeaters
11. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Skipjack
Trademark
SQL (Structured Query Language)
Inference
12. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Patent
SSH
Trade Secret
ALE (Annualized Loss Expectancy)
13. An attempt to trick the system into believing that something false is real
Reciprocal agreement
Hoax
COOP
Keystroke logging
14. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Probing
Dictionary Attack
Trade Secret
15. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Decentralized
Mandatory vacation
Macro
Hearsay Evidence
16. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Java
Cryptanalysis
Back door/ trap door/maintenance hook
Joke
17. Making individuals accountable for their actions on a system typically through the use of auditing
Schema
Fences
Accountability
Finger scanning
18. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Bastion hosts
Base-64
Fire extinguisher
Enticement
19. Involving the measurement of quantity or amount.
Acceptable use
Hacker
Replay
Quantitative
20. The process of reducing your risks to an acceptable level based on your risk analysis
DNS cache poisoning
Hash
Risk Mitigation
Risk Acceptance
21. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Cookies
Masquerade
BIA
Authorization
22. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Call tree
Authorization creep
SQL (Structured Query Language)
COM
23. The person that determines the permissions to files. The data owner.
TACACS (Terminal access controller access control system)
Owner
Honey pot
Phreaker
24. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
DMZ
Trojan horses
COM
Privacy Act of 1974
25. Network devices that operate at layer 3. This device separates broadcast domains.
DCOM
Routers
Software
Quantitative
26. A network that uses proprietary protocols
Closed network
CORBA
TCP Wrappers
Social engineering
27. A network that mimics the brain
Artificial Neural Networks (ANN)
Fiber optic
l0pht
Polymorphic
28. Also known as a tunnel
Repeaters
VPN (Virtual Private Network)
Replay
Call tree
29. Network device that operates at layer 1. Concentrator.
Normalization
Hubs
COM
MOM
30. Someone who hacks
Hacker
Trap Door
Private Addressing
Schema
31. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Spoofing
Normalization
OSI Model
Privacy Act of 1974
32. Distributed Component Object Model. Microsoft's implementation of CORBA.
Identification
Risk Management
DCOM
Call tree
33. Animals with teeth. Not as discriminate as guards
Dogs
Phreaker
Probing
Service packs
34. Rolling command center with UPS - satellite - uplink - power - etc.
Polymorphism
Detective - Preventive - Corrective
Degausser
Rolling hot sites
35. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
AES (Advanced Encryption Standard)
Hackers
CIO
Exit interview
36. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
War driving
Attenuation
Mandatory vacation
TCB
37. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Open network
ISDN (Integrated Services Digital Network)
BIOS
Carnivore
38. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Key Escrow
Sniffing
Buffer overflow
Accreditation
39. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Dumpster diving
PAP (Password Authentication Protocol)
Cryptanalysis
WAP (Wireless Application Protocol)
40. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Quantitative
Object Oriented Programming
NAT
Hardware
41. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Biometrics
Cookies
Content dependant
Logic bomb
42. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
PAP (Password Authentication Protocol)
Block cipher
Trademark
43. Threat to physical security.
Identification
DNS cache poisoning
Closed network
Sabotage
44. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
CIRT
WTLS (Wireless Transport Layer Security)
IRC
UUEncode
45. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Cookies
Hubs
Call tree
Fire extinguisher
46. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Finger printing
Job rotation
Echelon
CRC (Cyclic Redundancy Check)
47. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Private Addressing
CORBA
Degausser
OLE
48. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work
Diffie-Hellman
Twisted pair
Incentive programs
Copyright
49. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Security kernel
Cryptanalysis
Trap Door
ARP (Address Resolution Protocol)
50. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
Checksum
Authentication
Base-64