Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Encryption
Security through obscurity
Polymorphic
Diffie-Hellman
2. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
PKI
Nonce
PAP (Password Authentication Protocol)
MitM
3. The ability to have more than one thread associated with a process
Multithreading
Halon
ALE (Annualized Loss Expectancy)
Trap Door
4. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Base-64
Biometrics
Brewer-Nash model
5. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Format 7 times
Authorization
Hardware
6. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Virtual Memory/Pagefile.sys
Block cipher
Malware
Back door/ trap door/maintenance hook
7. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Noise & perturbation
Packet Sniffing
Inference
IRC
8. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Crosstalk
Classes of IP networks
Phreaker
Normalization
9. Public Key Infrastructure
PKI
Hash
Quantitative
Cyphertext only
10. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
RAM (Random-access memory)
Coax
/etc/passwd
CHAP
11. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
AES (Advanced Encryption Standard)
IRC
PKI
Data remanence
12. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
CIO
COOP
Attenuation
MitM
13. Be at least 8 foot tall and have three strands of barbed wire.
Fences
Script kiddies
Bugtraq
ActiveX Object Linking and Embedding
14. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
War dialing
AES (Advanced Encryption Standard)
VPN (Virtual Private Network)
ROM (Read-only memory)
15. A mechanism by which connections to TCP services on a system are allowed or disallowed
Due Diligence
CORBA
Biometric profile
TCP Wrappers
16. Also civil law
Switches / Bridges
Finger printing
Fences
Tort
17. A gas used in fire suppression. Not human safe. Chemical reaction.
Halon
Macro
Tokens
Scanning
18. Emanations from one wire coupling with another wire
Joke
Crosstalk
CEO
Brute force
19. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
UUEncode
COM
Passive attacks
Java
20. Also known as a tunnel
Base-64
Content dependant
VPN (Virtual Private Network)
Quality Assurance
21. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Granularity
Tailgating / Piggybacking
Smart cards
Brute force
22. Signal degradation as it moves farther from its source
Owner
Attenuation
Artificial Neural Networks (ANN)
Script
23. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Trap Door
Brute Force
Degausser
Authentication
24. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Risk Transferring
Phreaker
Audit Trail
DMZ
25. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Switches / Bridges
BIOS
BIA
26. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
ISDN (Integrated Services Digital Network)
Callback Security/Call Forwarding
Tailgating / Piggybacking
Rolling hot sites
27. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
COOP
Dictionary Attack
OSI Model
Data remanence
28. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Replay
Substitution
Content dependant
Promiscuous mode
29. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Data Mart
Termination procedures
Identification
Trap Door
30. Software designed to infiltrate or damage a computer system - without the owner's consent.
Malware
Finger scanning
Raid 0 - 1 - 3 - 5
COM
31. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
l0pht
OSI Model
Buffer overflow
Risk Acceptance
32. A RFC standard. A mechanism for performing commands on a remote system
Throughput of a Biometric System
Hash
Telnet
ROT-13
33. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
DCOM
Symmetric
Multithreading
Birthday attack
34. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Virtual Memory/Pagefile.sys
Brewer-Nash model
NAT
Private Addressing
35. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
DDOS
Enticement
Promiscuous mode
36. The intercepting of conversations by unintended recipients
Eavesdropping
Classes of IP networks
Callback Security/Call Forwarding
IRC
37. Random Number Base
Nonce
Vulnerability analysis tools
ROM (Read-only memory)
Custodian
38. More discriminate than dogs
Authorization creep
Guards
Common criteria
CGI (The Common Gateway Interface)
39. Data storage formats and equipment that allow the stored data to be accessed in any order
TCP Wrappers
OSI Model
RAM (Random-access memory)
Base-64
40. Occupant Emergency Plan - Employees are the most important!
Passive attacks
Back door/ trap door/maintenance hook
BIOS
OEP
41. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
SESAME
Change management
WAP (Wireless Application Protocol)
Accountability
42. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
PAP (Password Authentication Protocol)
Halon
Masquerade
Private Addressing
43. Reasonable doubt
Teardrop
Warm Site
Job rotation
Burden of Proof
44. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
RAM (Random-access memory)
Spoofing
Hot Site
CORBA
45. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Common criteria
Virtual Memory/Pagefile.sys
Dogs
Diffie-Hellman
46. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
DOS
Authentication
Mandatory vacation
Cyphertext only
47. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Exit interview
Crosstalk
Privacy Act of 1974
TCSEC
48. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Virtual Memory/Pagefile.sys
Smart cards
OLE
49. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Qualitative
Hoax
ROT-13
Cold Site
50. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Multitasking
Smurf
Wiretapping
Back door/ trap door/maintenance hook