Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Authorization
Termination procedures
Digital certificates
Embezzlement
2. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
TCB
MOM
Java
Security kernel
3. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Joke
Code of ethics
Covert channels
Data remanence
4. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
/etc/passwd
Brewer-Nash model
Accreditation
Audit Trail
5. Occupant Emergency Plan - Employees are the most important!
Attenuation
OEP
Script kiddies
Hubs
6. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Out of band
Raid 0 - 1 - 3 - 5
SYN Flood
7. A gas used in fire suppression. Not human safe. Chemical reaction.
Fiber optic
Halon
Accreditation
DHCP
8. Confidentiality, Integrity, and Availability
Hubs
CIA
Tokens
Classes of IP networks
9. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
FAR/FRR/CER
Spoofing
Risk Analysis
Expert System
10. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
ISDN (Integrated Services Digital Network)
War driving
Brute Force
SSH
11. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Bastion hosts
Clipping levels
Polymorphic
ARO (Annualized Rate of Occurrence)
12. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
DHCP
Firewall types
Base-64
Symmetric
13. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Telnet
Firmware
Java
Base-64
14. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
NAT
Termination procedures
Toneloc
Dumpster diving
15. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Java
AES (Advanced Encryption Standard)
Firewall types
Separation of duties
16. Also known as Rijndael, is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively, as was the case with its predecessor, the Data Encryption Standard (DES). AES was adopt
Encryption
Tokens
AES (Advanced Encryption Standard)
WAP (Wireless Application Protocol)
17. When one key of a two-key pair has more encryption pattern than the other
Risk Acceptance
Polymorphism
Object Oriented Programming
Asymmetric
18. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Security kernel
Virtual Memory/Pagefile.sys
PKI
WTLS (Wireless Transport Layer Security)
19. Non-repudiation is the concept of ensuring that a contract, especially one agreed to via the Internet, cannot later be denied by one of the parties involved.
TEMPEST
Non-repudiation
Fiber optic
CIO
20. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Hardware
Teardrop
VPN (Virtual Private Network)
21. When security is managed at a central point in an organization
Centralized
Object Oriented Programming
l0pht
Security through obscurity
22. White hat l0pht
CHAP
Patriot Act
Separation of duties
Bugtraq
23. Public Key Infrastructure
Nonce
BIA
PKI
Passive attacks
24. A network that mimics the brain
Patriot Act
Artificial Neural Networks (ANN)
Stream cipher
Crosstalk
25. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Cold Site
Caesar Cipher
Multithreading
Rijndael
26. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
PKI
Risk Analysis
Hackers
27. Object Linking and Embedding. The ability of an object to be embedded into another object.
Hacker
TACACS (Terminal access controller access control system)
OLE
Due Diligence
28. Distributed Component Object Model. Microsoft's implementation of CORBA.
Diffie-Hellman
DCOM
Tailgating / Piggybacking
Digest
29. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
DMZ
Kerberos
ISDN (Integrated Services Digital Network)
Expert System
30. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network
Honey pot
Multitasking
Hash
Halon
31. The most popular computer language used to create, modify, retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
DHCP
SQL (Structured Query Language)
Incentive programs
Quality Assurance
32. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Malware
Diffie-Hellman
VPN (Virtual Private Network)
33. Continuation of Operations Plan
DHCP
Back door/ trap door/maintenance hook
COOP
Smurf
34. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff.
Rijndael
Fences
SESAME
Birthday attack
35. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Multiprocessing
OSI Model
Service packs
DMZ
36. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Security through obscurity
Private Addressing
Birthday attack
Hoax
37. Involving the measurement of quantity or amount.
Quantitative
Classes of IP networks
Tokens
Schema
38. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Technical - Administrative - Physical
Embezzlement
Script kiddies
Biometrics
39. Assuming someone's session who is unaware of what you are doing
Decentralized
Session Hijacking
Social engineering
IRC
40. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
War driving
Change management
Data remanence
Patriot Act
41. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player, whilst
CD-Rom
UUEncode
Software librarian
Exit interview
42. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Carnivore
Smart cards
CEO
Covert channels
43. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Enticement
Clipper Chip
Multiprocessing
EF (Exposure Factor)
44. Ethernet - Cat5 - Twisted to allow for longer runs.
Data Mart
Callback Security/Call Forwarding
Risk Transferring
Twisted pair
45. Defines the objects and their attributes that exist in a database.
AES (Advanced Encryption Standard)
Active attacks
Toneloc
Schema
46. Threat to physical security.
Sabotage
PKI
Software librarian
Multipartite
47. In a separation of duties model, this is where code is checked in and out
Routers
Entrapment
Software librarian
DOS
48. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
PKI
Copyright
Due Care
Brute force
49. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Hoax
Hash
Content dependant
PAP (Password Authentication Protocol)
50. Setting up the user to access the honeypot for reasons other than the intent to harm.
Firmware
CIA
Entrapment
Enticement