Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In the broadest sense - a fraud is a deception made for personal gain
Asset Value
Fraud
Common criteria
Risk Acceptance
2. A network that uses proprietary protocols
Motion detector
Closed network
Social engineering
Encryption
3. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Halon
CD-Rom
DOS
Out of band
4. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Caesar Cipher
RAM (Random-access memory)
Honey pot
5. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Brewer-Nash model
Echelon
Cyphertext only
VPN (Virtual Private Network)
6. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Base-64
Senior Management
IAB
Technical - Administrative - Physical
7. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Authorization creep
Risk Acceptance
Tailgating / Piggybacking
Switches / Bridges
8. A system designed to stop piggybacking.
Man trap
War driving
Audit Trail
Macro
9. Internet Relay Chat.
RAM (Random-access memory)
Telnet
IRC
Crosstalk
10. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
Hearsay Evidence
SSH
Virtual machine
11. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Sniffing
Rijndael
Tokens
Acceptable use
12. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
SQL (Structured Query Language)
Data Mart
Incentive programs
Digest
13. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
Penetration testing
Masquerade
Multithreading
14. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Open network
Malware
Expert systems
15. Must be in place for you to use a biometric system
Biometric profile
ALE (Annualized Loss Expectancy)
Symmetric
Wiretapping
16. The real cost of acquiring/maintaining/developing a system
RADIUS (Remote authentication dial-in user service)
Man trap
Asset Value
Cookies
17. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Audit Trail
Inference
Rijndael
18. Someone who hacks
Sabotage
Hacker
Symmetric
ROM (Read-only memory)
19. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
Digest
Stream cipher
PAP (Password Authentication Protocol)
20. Public Key Infrastructure
Two-Factor Authentication
Asymmetric
PKI
Object Oriented Programming
21. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
AES (Advanced Encryption Standard)
Multiprocessing
Honey pot
TACACS (Terminal access controller access control system)
22. Relating to quality or kind. This assigns a level of importance to something.
Object Oriented Programming
/etc/passwd
FAR/FRR/CER
Qualitative
23. An RFC standard. A mechanism for performing commands on a remote system
Hubs
Telnet
Patent
Asymmetric
24. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
Asset Value
VPN (Virtual Private Network)
Senior Management
25. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
Enticement
Burden of Proof
Qualitative
26. Confidentiality - Integrity - and Availability
Change management
CIA
SESAME
Decentralized
27. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Passive attacks
Common criteria
Non-repudiation
Fire extinguisher
28. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
OEP
Technical - Administrative - Physical
Senior Management
Smart cards
29. In a separation of duties model - this is where code is checked in and out
Granularity
CCTV
Smurf
Software librarian
30. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Hot Site
Stream cipher
Wiretapping
User
31. A network that uses standard protocols (TCP/IP)
Open network
Multiprocessing
Clipping levels
Centralized
32. Access control method for database based on the content of the database to provide granular access
DOS
Certification
Promiscuous mode
Content dependent
33. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Tailgating / Piggybacking
OEP
Dictionary Attack
Expert System
34. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Security through obscurity
Macro
Routers
35. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Security Awareness Training
Encryption
Transposition
Fences
36. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
OLE
ROT-13
Patent
Risk Transferring
37. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Penetration testing
MOM
Hearsay Evidence
Trap Door
38. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Authorization
Two-Factor Authentication
Transposition
Repeaters
39. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Quality Assurance
Trademark
Due Diligence
Block cipher
40. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
Noise & perturbation
Patent
SSO (Single sign-on)
41. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
VLANs
Copyright
Out of band
Masquerade
42. The output of a hash function is a digest.
Tailgating / Piggybacking
Digest
Macro
ARP (Address Resolution Protocol)
43. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
ROT-13
Object Oriented Programming
UUEncode
44. Network device that operates at layer 1. Concentrator.
Hackers
OEP
Teardrop
Hubs
45. The intercepting of conversations by unintended recipients
Classes of IP networks
Format 7 times
Eavesdropping
Risk Mitigation
46. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Fiber optic
Accountability
Sniffing
Smurf
47. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Rolling hot sites
MOM
Block cipher
48. When security is managed at a central point in an organization
Centralized
User
Risk Transferring
Fences
49. A network that mimics the brain
Replay
Stream cipher
Artificial Neural Networks (ANN)
Cookies
50. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
Security kernel
Expert System
Motion detector