Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Code of ethics
Degausser
Out of band
Encryption
2. Random Number Base
BIOS
Clipping levels
Nonce
Quantitative
3. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
COM
Worm
Cold Site
Granularity
4. A mechanism by which connections to TCP services on a system are allowed or disallowed
Centralized
TCP Wrappers
Finger scanning
Nonce
5. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Biometric profile
Trademark
War dialing
Risk Mitigation
6. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Hackers
Replay
Hash
Echelon
7. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
SLE (Single Loss Expectancy or Exposure)
SYN Flood
Software
Toneloc
8. Enticing people to hit your honeypot to see how they try to access your system.
Enticement
Fences
Aggregation
Embezzlement
9. The intercepting of conversations by unintended recipients
Eavesdropping
Replay
COOP
Virtual Memory/Pagefile.sys
10. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
OLE
CEO
Hackers
11. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Well-known ports
VLANs
OEP
12. An attempt to trick the system into believing that something false is real
Hoax
Debug
DCOM
Script kiddies
13. A military standard defining controls for emanation protection
Virtual machine
Embezzlement
TEMPEST
l0pht
14. The person that controls access to the data
Custodian
Accreditation
Boot-sector Virus
Owner
15. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
CRC (Cyclic Redundancy Check)
Switches / Bridges
Job rotation
Acceptable use
16. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
SESAME
Aggregation
Wiretapping
Risk Analysis
17. Network device that operates at layer 1. Concentrator.
Noise & perturbation
Java
MOM
Hubs
18. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Authorization
Fraud
Patent
Checksum
19. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
CIRT
Authorization
Trademark
OSI Model
20. A network that uses proprietary protocols
Software
Closed network
Boot-sector Virus
Hackers
21. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Asymmetric
Throughput of a Biometric System
Skipjack
Joke
22. Involving the measurement of quantity or amount.
Copyright
Quantitative
Wiretapping
Diffie-Hellman
23. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Kerberos
Hardware
Exit interview
Joke
24. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
Senior Management
Hardware
IRC
25. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Multiprocessing
Detective - Preventive - Corrective
DAD
DDOS
26. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Switches / Bridges
Trap Door
Nonce
Hardware
27. Also civil law
Checksum
Key Escrow
Tort
SQL (Structured Query Language)
28. The output of a hash function is a digest.
Risk Transferring
Digest
Biometric profile
Brewer-Nash model
29. Motive - Opportunity - and Means. These deal with crime.
MOM
Hackers
Brute Force
Authentication
30. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
VLANs
Session Hijacking
Hearsay Evidence
Raid 0 - 1 - 3 - 5
31. Occupant Emergency Plan - Employees are the most important!
OEP
WAP (Wireless Application Protocol)
Brewer-Nash model
Rolling hot sites
32. Rolling command center with UPS - satellite - uplink - power - etc.
Privacy Act of 1974
Rolling hot sites
Carnivore
Vulnerability analysis tools
33. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Tailgating / Piggybacking
Diffie-Hellman
Fire extinguisher
Noise & perturbation
34. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Identification
Rijndael
Open network
Kerberos
35. To not be legal (as far as law is concerned) or ethical
Session Hijacking
Trademark
Illegal/Unethical
Trade Secret
36. When security is managed at many different points in an organization
Decentralized
Switches / Bridges
Accountability
Fraggle
37. The real cost of acquiring/maintaining/developing a system
Risk Mitigation
Asset Value
Hardware
DAD
38. Dynamic Host Configuration Protocol.
Polymorphism
DHCP
CGI (The Common Gateway Interface)
Certification
39. Ethernet - Cat5 - Twisted to allow for longer runs.
Twisted pair
Privacy Act of 1974
Security Perimeter
Patent
40. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Substitution
Noise & perturbation
l0pht
Risk Analysis
41. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Block cipher
DOS
Detective - Preventive - Corrective
Buffer overflow
42. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
War driving
CGI (The Common Gateway Interface)
Noise & perturbation
Audit Trail
43. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Authorization creep
BIA
Tailgating / Piggybacking
Smart cards
44. Chief Information Officer
Joke
Penetration testing
Sniffing
CIO
45. The user
Authorization creep
Hearsay Evidence
User
Joke
46. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Senior Management
Security Awareness Training
EF (Exposure Factor)
Firmware
47. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
PKI
Software development lifecycle
Custodian
48. Disclosure - Alteration - Destruction. These things break the CIA triad
Authorization
Keystroke logging
DAD
Brewer-Nash model
49. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Toneloc
Quantitative
ALE (Annualized Loss Expectancy)
50. Network devices that operate at layer 3. This device separates broadcast domains.
Routers
Separation of duties
Motion detector
SESAME