Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Distributed Component Object Model. Microsoft's implementation of CORBA.
Trademark
DCOM
Owner
Guards
2. The frequency with which a threat is expected to occur.
Firmware
ARO (Annualized Rate of Occurrence)
Telnet
Quantitative
3. Someone whose hacking is primarily targeted at the phone systems
Phreaker
Senior Management
Normalization
Finger printing
4. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Cryptanalysis
Diffie-Hellman
Tailgating / Piggybacking
Aggregation
5. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Worm
Kerberos
Switches / Bridges
Stream cipher
6. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Passive attacks
Software development lifecycle
Raid 0 - 1 - 3 - 5
SSH
7. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Hardware
Smurf
Dogs
Tokens
8. When security is managed at a central point in an organization
Acceptable use
Centralized
Social engineering
Accreditation
9. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Joke
Non-repudiation
Patriot Act
ROT-13
10. These viruses usually infect both boot records and files.
Virtual machine
Active attacks
Multipartite
SQL (Structured Query Language)
11. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Active attacks
Motion detector
Dictionary Attack
12. To not be legal (as far as law is concerned) or ethical
OSI Model
Illegal/Unethical
Trade Secret
Separation of duties
13. Relating to quality or kind. This assigns a level of importance to something.
Digital certificates
Digital signing
Security kernel
Qualitative
14. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Trap Door
Artificial Neural Networks (ANN)
Expert systems
Hoax
15. Transferring your risk to someone else - typically an insurance company
Biometrics
Acceptable use
ISDN (Integrated Services Digital Network)
Risk Transferring
16. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
SSL/TLS
Expert System
DOS
ActiveX Object Linking and Embedding
17. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
SQL (Structured Query Language)
Embezzlement
Covert channels
Diffie-Hellman
18. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Content dependant
Cryptanalysis
Replay
Exit interview
19. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Non-repudiation
Skipjack
Trap Door
Fiber optic
20. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Digest
Buffer overflow
Diffie-Hellman
Call tree
21. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Sniffing
l0pht
Throughput of a Biometric System
TACACS (Terminal access controller access control system)
22. The practice of obtaining confidential information by manipulation of legitimate users.
Spoofing
Expert System
Social engineering
Rolling hot sites
23. The art of breaking code. Testing the strength of an algorithm.
Enticement
Cryptanalysis
Polymorphism
Software
24. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
ActiveX Object Linking and Embedding
Sniffing
Multiprocessing
Hot Site
25. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Fences
Smurf
Entrapment
Keystroke logging
26. Defines the objects and their attributes that exist in a database.
Job rotation
Custodian
Schema
Non-repudiation
27. White hat l0pht
Wiretapping
COM
Packet Sniffing
Bugtraq
28. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
SYN Flood
Burden of Proof
ARP (Address Resolution Protocol)
Bugtraq
29. A RFC standard. A mechanism for performing commands on a remote system
Telnet
Open network
TEMPEST
CRC (Cyclic Redundancy Check)
30. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Schema
Phreaker
Transposition
Security Awareness Training
31. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Echelon
Senior Management
Enticement
Macro
32. A network that mimics the brain
TCSEC
PAP (Password Authentication Protocol)
Artificial Neural Networks (ANN)
TCB
33. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
OLE
Software librarian
Teardrop
DAD
34. The process of reducing your risks to an acceptable level based on your risk analysis
Boot-sector Virus
FAR/FRR/CER
Risk Mitigation
User
35. Occupant Emergency Plan - Employees are the most important!
Encryption
Bugtraq
OEP
Dumpster diving
36. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
PAP (Password Authentication Protocol)
Fences
Social engineering
CGI (The Common Gateway Interface)
37. A system designed to stop piggybacking.
Man trap
Penetration testing
Guards
Data Mart
38. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Digest
Private Addressing
TCSEC
Patriot Act
39. Network devices that operate at layer 3. This device separates broadcast domains.
Custodian
Routers
Risk Management
Nonce
40. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Patent
Noise & perturbation
Masquerade
Base-64
41. Chief Executive Officer
Security kernel
Service packs
CEO
Senior Management
42. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Replay
CIO
Penetration testing
ALE (Annualized Loss Expectancy)
43. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CRC (Cyclic Redundancy Check)
Keystroke logging
CD-Rom
Echelon
44. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Fraud
Senior Management
Tailgating / Piggybacking
Multipartite
45. Someone who hacks
Hacker
Hackers
Qualitative
Multitasking
46. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
TCP Wrappers
Buffer overflow
Motion detector
Detective - Preventive - Corrective
47. Making individuals accountable for their actions on a system typically through the use of auditing
CIO
Fire extinguisher
FAR/FRR/CER
Accountability
48. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Data remanence
Teardrop
AES (Advanced Encryption Standard)
PAP (Password Authentication Protocol)
49. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Format 7 times
Firmware
Patent
Fences
50. Using ICMP to diagram a network
Code of ethics
Clipping levels
Probing
SLE (Single Loss Expectancy or Exposure)