Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Authorization
Embezzlement
Copyright
Polymorphic
2. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Stream cipher
Key Escrow
Hot Site
Hoax
3. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Object Oriented Programming
Virtual Memory/Pagefile.sys
Hackers
PKI
4. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Expert systems
CRC (Cyclic Redundancy Check)
Termination procedures
Coax
5. Motivational tools for employee awareness to get them to report security flaws in an organization
Schema
Incentive programs
l0pht
Base-64
6. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
AES (Advanced Encryption Standard)
Penetration testing
Dictionary Attack
Routers
7. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Kerberos
Replay
Debug
CHAP
8. Network devices that operate at layer 3. This device separates broadcast domains.
FAR/FRR/CER
Routers
Senior Management
NAT
9. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Tort
Quality Assurance
Embezzlement
Java
10. Confidentiality - Integrity - and Availability
Logic bomb
Privacy Act of 1974
CIA
Data remanence
11. A site that has some equipment in place - and can be up within days
WAP (Wireless Application Protocol)
Birthday attack
Warm Site
Diffie-Hellman
12. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
CIO
SSO (Single sign-on)
AES (Advanced Encryption Standard)
Debug
13. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Promiscuous mode
Digital signing
Wiretapping
Authorization creep
14. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
ALE (Annualized Loss Expectancy)
Teardrop
Authorization creep
Data Mart
15. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
Substitution
Key Escrow
Cryptanalysis
16. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Halon
EF (Exposure Factor)
MOM
Multitasking
17. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Biometrics
Senior Management
SSH
Fiber optic
18. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Authentication
Classes of IP networks
Clipper Chip
19. The practice of obtaining confidential information by manipulation of legitimate users.
Brute Force
Two-Factor Authentication
Buffer overflow
Social engineering
20. Signal degradation as it moves farther from its source
Base-64
Digital signing
Attenuation
Honey pot
21. These viruses usually infect both boot records and files.
Multipartite
ARO (Annualized Rate of Occurrence)
CEO
Exit interview
22. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Authentication
Passive attacks
DOS
Debug
23. An instance of a scripting language
Macro
Script
CRC (Cyclic Redundancy Check)
Finger scanning
24. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Finger scanning
Privacy Act of 1974
Job rotation
Buffer overflow
25. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
OEP
Tailgating / Piggybacking
Eavesdropping
Smurf
26. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Callback Security/Call Forwarding
ROT-13
Dogs
CORBA
27. Encompasses Risk Analysis and Risk Mitigation
Dogs
Script kiddies
Attenuation
Risk Management
28. A technique to eliminate data redundancy.
SSH
Code of ethics
Joke
Normalization
29. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Worm
RADIUS (Remote authentication dial-in user service)
Clipper Chip
DDOS
30. Internet Relay Chat.
IRC
Masquerade
Active attacks
Firewall types
31. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
SSO (Single sign-on)
Firewall types
TCB
Coax
32. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
SSL/TLS
Checksum
TCB
Risk Management
33. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Out of band
Raid 0 - 1 - 3 - 5
Debug
Risk Analysis
34. A network that mimics the brain
CIO
CHAP
Masquerade
Artificial Neural Networks (ANN)
35. Dynamic Host Configuration Protocol.
Embezzlement
DHCP
Risk Analysis
IRC
36. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Fire extinguisher
Session Hijacking
Logic bomb
37. Data storage formats and equipment that allow the stored data to be accessed in any order
Logic bomb
Throughput of a Biometric System
RAM (Random-access memory)
Risk Transferring
38. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Twisted pair
OSI Model
Back door/ trap door/maintenance hook
Dogs
39. A military standard defining controls for emanation protection
SSH
Attenuation
Enticement
TEMPEST
40. Technical items are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
PKI
Honey pot
Technical - Administrative - Physical
Hardware
41. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Username/password
Spoofing
Fiber optic
Rolling hot sites
42. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Common criteria
Repeaters
Vulnerability analysis tools
Logic bomb
43. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Finger printing
Bastion hosts
ARP (Address Resolution Protocol)
SLE (Single Loss Expectancy or Exposure)
44. Closed Circuit Television
CIRT
CORBA
CCTV
Fences
45. Chief Information Officer
Wiretapping
Probing
Data remanence
CIO
46. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Digital signing
Firmware
Asymmetric
Security through obscurity
47. Once authenticated - the level of access you have to a system
Back door/ trap door/maintenance hook
IAB
Halon
Authorization
48. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Noise & perturbation
Firewall types
Brewer-Nash model
Rijndael
49. A gas used in fire suppression. Not human safe. Chemical reaction.
Common criteria
Halon
Back door/ trap door/maintenance hook
Caesar Cipher
50. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Detective - Preventive - Corrective
Finger printing
Virtual machine
Risk Analysis