Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Also civil law
FAR/FRR/CER
Spoofing
Expert System
Tort
2. The user
Dumpster diving
Digital signing
Penetration testing
User
3. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Brute Force
VLANs
Logic bomb
SSO (Single sign-on)
4. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
Technical - Administrative - Physical
Job rotation
Key Escrow
OEP
5. Object Linking and Embedding. The ability of an object to be embedded into another object.
MitM
Authorization
Senior Management
OLE
6. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
DCOM
Masquerade
Cyphertext only
RADIUS (Remote authentication dial-in user service)
7. A mechanism by which connections to TCP services on a system are allowed or disallowed
Brute Force
Service packs
TCP Wrappers
COM
8. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Dumpster diving
Hacker
Cookies
Brute Force
9. Be at least 8 feet tall and have three strands of barbed wire.
Authorization creep
Fences
Tokens
Multitasking
10. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Clipper Chip
Security through obscurity
Key Escrow
Callback Security/Call Forwarding
11. Continuation of Operations Plan
Nonce
COOP
Fraggle
Authorization
12. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Bugtraq
Decentralized
DMZ
Noise & perturbation
13. Basic Input/Output System
BIOS
Bastion hosts
SESAME
VPN (Virtual Private Network)
14. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
TACACS (Terminal access controller access control system)
Service packs
Format 7 times
Motion detector
15. Entails planning and system actions to ensure that a project is following good quality management practices
Script
Hash
Quality Assurance
Teardrop
16. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Data remanence
Inference
Owner
Compiler
17. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Brute Force
Granularity
Noise & perturbation
Closed network
18. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Hubs
Trojan horses
Tokens
Clipping levels
19. Data storage formats and equipment that allow the stored data to be accessed in any order
Tokens
RAM (Random-access memory)
PKI
AES (Advanced Encryption Standard)
20. These can be used to verify that public keys belong to certain individuals.
Key Escrow
Twisted pair
Digital certificates
Dumpster diving
21. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Cold Site
ALE (Annualized Loss Expectancy)
BIA
TCSEC
22. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Replay
Finger printing
Brute force
Security through obscurity
23. The art of breaking code. Testing the strength of an algorithm.
Spoofing
Fire extinguisher
Cryptanalysis
SLE (Single Loss Expectancy or Exposure)
24. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Noise & perturbation
Hearsay Evidence
Packet Sniffing
PKI
25. Someone who hacks
Repeaters
ROT-13
Telnet
Hacker
26. The frequency with which a threat is expected to occur.
Penetration testing
DOS
FAR/FRR/CER
ARO (Annualized Rate of Occurrence)
27. Disclosure - Alteration - Destruction. These things break the CIA triad
DAD
Smart cards
Kerberos
Digest
28. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
TCSEC
DCOM
Trade Secret
Illegal/Unethical
29. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Replay
Carnivore
Script kiddies
SLE (Single Loss Expectancy or Exposure)
30. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Job rotation
Classes of IP networks
Termination procedures
Hoax
31. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Private Addressing
CEO
IAB
SSL/TLS
32. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
Termination procedures
Service packs
Polymorphic
33. Component Object Model.
Asymmetric
Probing
SSH
COM
34. An instance of a scripting language
TCP Wrappers
RADIUS (Remote authentication dial-in user service)
OEP
Script
35. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Smurf
FAR/FRR/CER
Routers
DNS cache poisoning
36. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Back door/ trap door/maintenance hook
OSI Model
Masquerade
Qualitative
37. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Out of band
Common criteria
Tailgating / Piggybacking
Data Mart
38. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Dictionary Attack
Call tree
Macro
39. Random Number Base
Format 7 times
Nonce
Attenuation
DHCP
40. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Termination procedures
Noise & perturbation
OSI Model
41. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Asymmetric
Risk Acceptance
COOP
42. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
ARP (Address Resolution Protocol)
Coax
Risk Acceptance
Fire extinguisher
43. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Routers
Diffie-Hellman
Certification
Mandatory vacation
44. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Acceptable use
Throughput of a Biometric System
Switches / Bridges
Twisted pair
45. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
WTLS (Wireless Transport Layer Security)
Base-64
Termination procedures
/etc/passwd
46. A network that uses proprietary protocols
Open network
Multitasking
Closed network
FAR/FRR/CER
47. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Risk Analysis
Transposition
Security kernel
48. Network device that operates at layer 1. Concentrator.
Hubs
Separation of duties
COM
Passive attacks
49. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
ARO (Annualized Rate of Occurrence)
Fraggle
Aggregation
Risk Management
50. Enticing people to hit your honeypot to see how they try to access your system.
Certification
Noise & perturbation
Enticement
Spoofing