Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
AES (Advanced Encryption Standard)
Expert System
Passive attacks
RADIUS (Remote authentication dial-in user service)
2. Data storage formats and equipment that allow the stored data to be accessed in any order
Security Perimeter
Due Care
RAM (Random-access memory)
Switches / Bridges
3. Enticing people to hit your honeypot to see how they try to access your system.
Burden of Proof
TCSEC
Multipartite
Enticement
4. These can be used to verify that public keys belong to certain individuals.
Change management
OSI Model
Digital certificates
Artificial Neural Networks (ANN)
5. Random Number Base
Biometric profile
Nonce
Due Care
Throughput of a Biometric System
6. To not be legal (as far as law is concerned) or ethical
Senior Management
Well-known ports
Illegal/Unethical
Macro
7. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
Termination procedures
Authentication
Joke
8. Threat to physical security.
Sabotage
Sniffing
Phreaker
RAM (Random-access memory)
9. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Common criteria
Trade Secret
Motion detector
Reciprocal agreement
10. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Crosstalk
Hubs
Hash
FAR/FRR/CER
11. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Debug
FAR/FRR/CER
SQL (Structured Query Language)
Risk Management
12. The frequency with which a threat is expected to occur.
Incentive programs
ARO (Annualized Rate of Occurrence)
Accountability
Script kiddies
13. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Cryptanalysis
Back door/ trap door/maintenance hook
Trade Secret
Noise & perturbation
14. White hat l0pht
Bugtraq
FAR/FRR/CER
Compiler
Brute force
15. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Bastion hosts
Separation of duties
Non-repudiation
Security kernel
16. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
CIO
ARP (Address Resolution Protocol)
Diffie-Hellman
Acceptable use
17. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Risk Mitigation
CORBA
DAD
18. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.
Biometric profile
Schema
Risk Analysis
Throughput of a Biometric System
19. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Dumpster diving
DNS cache poisoning
Dictionary Attack
CHAP
20. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Covert channels
Out of band
Twisted pair
Hardware
21. Signal degradation as it moves farther from its source
Burden of Proof
OLE
Asset Value
Attenuation
22. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
OEP
Risk Acceptance
ISDN (Integrated Services Digital Network)
Clipper Chip
23. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Software librarian
Expert System
Data remanence
Format 7 times
24. A technique to eliminate data redundancy.
Dictionary Attack
Normalization
Teardrop
Expert System
25. Accepting all packets
Transposition
Format 7 times
Data Mart
Promiscuous mode
26. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Inference
DCOM
Fiber optic
Burden of Proof
27. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
CHAP
Security Awareness Training
Clipping levels
l0pht
28. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Data remanence
ISDN (Integrated Services Digital Network)
Digital certificates
Cryptanalysis
29. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
OSI Model
UUEncode
CEO
Java
30. Dialing fixed sets of telephone numbers looking for open modem connections to machines
War dialing
Centralized
Bugtraq
COOP
31. Making individuals accountable for their actions on a system typically through the use of auditing
Security Awareness Training
TCSEC
Accountability
Polymorphic
32. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Multipartite
Clipping levels
ROT-13
Promiscuous mode
33. Dynamic Host Configuration Protocol.
DHCP
Biometric profile
Software librarian
SESAME
34. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Polymorphic
MitM
SLE (Single Loss Expectancy or Exposure)
Toneloc
35. A sandbox. Emulates an operating environment.
Virtual machine
Hacker
Asymmetric
ARP (Address Resolution Protocol)
36. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Eavesdropping
SSH
Cookies
Software
37. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Script kiddies
Substitution
Base-64
38. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
OEP
PKI
Caesar Cipher
CRC (Cyclic Redundancy Check)
39. Involving the measurement of quantity or amount.
Sniffing
Risk Mitigation
Quantitative
Sabotage
40. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Telnet
Boot-sector Virus
Digital signing
41. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Fiber optic
Privacy Act of 1974
Due Diligence
Java
42. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Privacy Act of 1974
Noise & perturbation
Macro
Out of band
43. A network that mimics the brain
DMZ
Artificial Neural Networks (ANN)
Separation of duties
Closed network
44. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Bugtraq
COOP
Illegal/Unethical
Cookies
45. A hidden communications channel on a system that allows for the bypassing of the system security policy
Covert channels
EF (Exposure Factor)
Firmware
/etc/passwd
46. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Digest
Trade Secret
Due Care
Quantitative
47. Once authenticated - the level of access you have to a system
Compiler
Firmware
FAR/FRR/CER
Authorization
48. Public Key Infrastructure
Expert systems
PKI
Trojan horses
Software development lifecycle
49. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Attenuation
FAR/FRR/CER
Dumpster diving
Brewer-Nash model
50. Motivational tools for employee awareness to get them to report security flaws in an organization
Incentive programs
ARP (Address Resolution Protocol)
Code of ethics
Biometrics