Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Polymorphic
SYN Flood
Nonce
Classes of IP networks
2. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Reciprocal agreement
PAP (Password Authentication Protocol)
/etc/passwd
Sabotage
3. A network that uses standard protocols (TCP/IP)
Open network
CCTV
Authentication
DCOM
4. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Content dependant
CD-Rom
Encryption
Hackers
5. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
SSH
UUEncode
DOS
6. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
SESAME
Software
Digital signing
Noise & perturbation
7. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Security Awareness Training
OSI Model
Kerberos
Open network
8. These can be used to verify that public keys belong to certain individuals.
Asymmetric
Spoofing
Digital certificates
TEMPEST
9. An attempt to trick the system into believing that something false is real
Identification
Hoax
PKI
Nonce
10. To not be legal (as far as law is concerned) or ethical
Eavesdropping
Due Diligence
Illegal/Unethical
Embezzlement
11. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Logic bomb
Finger scanning
Entrapment
Penetration testing
12. Chief Information Officer
Multiprocessing
Masquerade
Cyphertext only
CIO
13. A network entity that provides a single entrance / exit point to the Internet.
Bastion hosts
WAP (Wireless Application Protocol)
Rolling hot sites
Security through obscurity
14. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Digital signing
CCTV
Smurf
AES (Advanced Encryption Standard)
15. Internet Relay Chat.
Granularity
Carnivore
Digest
IRC
16. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Packet Sniffing
Technical - Administrative - Physical
UUEncode
Fiber optic
17. Access control method for database based on the content of the database to provide granular access
Security Perimeter
Content dependant
Change management
NAT
18. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Patent
Software
Incentive programs
Toneloc
19. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Copyright
Risk Transferring
RADIUS (Remote authentication dial-in user service)
Wiretapping
20. Rolling command center with UPS - satellite - uplink - power - etc.
OSI Model
SYN Flood
Rolling hot sites
VLANs
21. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Username/password
Spoofing
BIA
Worm
22. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Hubs
Stream cipher
Clipping levels
Inference
23. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Smart cards
DOS
ROT-13
Warm Site
24. Assuming someone's session who is unaware of what you are doing
Authentication
Malware
Finger printing
Session Hijacking
25. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SESAME
RAM (Random-access memory)
SSH
l0pht
26. Chief Executive Officer
Smart cards
CEO
Hubs
Boot-sector Virus
27. Encompasses Risk Analysis and Risk Mitigation
Risk Management
Digital signing
Due Diligence
Birthday attack
28. When security is managed at many different points in an organization
Schema
Decentralized
Kerberos
OLE
29. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Biometrics
Certification
Toneloc
PKI
30. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Kerberos
Trademark
Service packs
Back door/ trap door/maintenance hook
31. Common Object Request Broker Architecture.
Tort
Embezzlement
Brute Force
CORBA
32. Occupant Emergency Plan - Employees are the most important!
Checksum
OEP
Trademark
Logic bomb
33. Method of authenticating to a system. Something that you supply and something you know.
Malware
Username/password
COOP
Covert channels
34. In cryptography - it is a block cipher
Switches / Bridges
Skipjack
Hash
Joke
35. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Classes of IP networks
Private Addressing
Java
Block cipher
36. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
Polymorphic
Clipper Chip
Aggregation
37. Someone whose hacking is primarily targeted at the phone systems
Telnet
Biometrics
Phreaker
COOP
38. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Switches / Bridges
Replay
Man trap
Raid 0 - 1 - 3 - 5
39. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Repeaters
Echelon
Bastion hosts
VLANs
40. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Kerberos
Format 7 times
Man trap
SSL/TLS
41. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Clipper Chip
Risk Management
Senior Management
42. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Teardrop
Risk Mitigation
Logic bomb
Risk Analysis
43. These viruses usually infect both boot records and files.
Multipartite
Biometrics
Authorization creep
Kerberos
44. Something used to put out a fire. Can be in Classes A - B - C - D - or H
CD-Rom
Fire extinguisher
Risk Analysis
DMZ
45. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
ARO (Annualized Rate of Occurrence)
Hacker
ISDN (Integrated Services Digital Network)
Dumpster diving
46. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Hot Site
l0pht
Teardrop
47. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Accreditation
MOM
Smart cards
48. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
War driving
CIRT
SYN Flood
Firewall types
49. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
CIA
Bugtraq
Accountability
Brewer-Nash model
50. Setting up the user to access the honeypot for reasons other than the intent to harm.
Entrapment
CCTV
SSL/TLS
CIA