Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Data remanence
User
FAR/FRR/CER
Change management
2. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
SESAME
ISDN (Integrated Services Digital Network)
Non-repudiation
3. Encompasses Risk Analysis and Risk Mitigation
Multiprocessing
Non-repudiation
Risk Management
ARO (Annualized Rate of Occurrence)
4. Public Key Infrastructure
Masquerade
PKI
Privacy Act of 1974
TEMPEST
5. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
Authorization creep
Risk Acceptance
Active attacks
6. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Content dependent
CHAP
Sabotage
Fraggle
7. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Trademark
Object Oriented Programming
RAID 0 - 1 - 3 - 5
Worm
8. These can be used to verify that public keys belong to certain individuals.
Wiretapping
Brute Force
Digital certificates
CGI (The Common Gateway Interface)
9. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
CEO
Brewer-Nash model
Multithreading
Digital certificates
10. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Mandatory vacation
Granularity
Echelon
WTLS (Wireless Transport Layer Security)
11. Common Object Request Broker Architecture.
Fences
CORBA
Separation of duties
Digest
12. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Fraud
/etc/passwd
Joke
CD-Rom
13. A military standard defining controls for emanation protection
Teardrop
Sabotage
Dumpster diving
TEMPEST
14. Random Number Base
Change management
Nonce
IAB
Joke
15. Once authenticated - the level of access you have to a system
Authorization
Java
Script kiddies
Software
16. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Data remanence
ALE (Annualized Loss Expectancy)
IRC
Risk Mitigation
17. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Hackers
RAM (Random-access memory)
OLE
Hash
18. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
OSI Model
Spoofing
EF (Exposure Factor)
Dictionary Attack
19. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.
Fraggle
Debug
Due Care
Brewer-Nash model
20. Signal degradation as it moves farther from its source
Clipping levels
WTLS (Wireless Transport Layer Security)
Due Diligence
Attenuation
21. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
BIOS
Passive attacks
Skipjack
22. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
OEP
Risk Transferring
Coax
Finger printing
23. A mechanism by which connections to TCP services on a system are allowed or disallowed
Code of ethics
Username/password
Callback Security/Call Forwarding
TCP Wrappers
24. Be at least 8 feet tall and have three strands of barbed wire.
Switches / Bridges
AES (Advanced Encryption Standard)
Fences
Echelon
25. Someone whose hacking is primarily targeted at the phone systems
Hubs
Software librarian
Authorization creep
Phreaker
26. Network device that operates at layer 1. Concentrator.
Hubs
Caesar Cipher
OLE
Polymorphism
27. Data storage formats and equipment that allow the stored data to be accessed in any order
Risk Acceptance
Echelon
Transposition
RAM (Random-access memory)
28. Relating to quality or kind. This assigns a level of importance to something.
Back door/ trap door/maintenance hook
DHCP
Hacker
Qualitative
29. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Routers
Artificial Neural Networks (ANN)
UUEncode
Clipper Chip
30. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
BIA
Man trap
Phreaker
BIOS
31. When two or more processes are linked and execute multiple programs simultaneously
NAT
Multiprocessing
Digital signing
Smurf
32. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Out of band
Virtual Memory/Pagefile.sys
SLE (Single Loss Expectancy or Exposure)
Acceptable use
33. A gas used in fire suppression. Not human safe. Chemical reaction.
Tort
Boot-sector Virus
NAT
Halon
34. The frequency with which a threat is expected to occur.
Out of band
ARO (Annualized Rate of Occurrence)
Patent
CIRT
35. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
IAB
SYN Flood
Termination procedures
Certification
36. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
Fences
Active attacks
Brute Force
37. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Honey pot
SESAME
Java
DHCP
38. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Hearsay Evidence
Polymorphism
EF (Exposure Factor)
Object Oriented Programming
39. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
DCOM
SLE (Single Loss Expectancy or Exposure)
RADIUS (Remote authentication dial-in user service)
ARP (Address Resolution Protocol)
40. These viruses usually infect both boot records and files.
Fire extinguisher
Multipartite
CORBA
Risk Transferring
41. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Telnet
Birthday attack
Entrapment
Hearsay Evidence
42. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Object Oriented Programming
FAR/FRR/CER
Java
Dogs
43. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Coax
War driving
Symmetric
WTLS (Wireless Transport Layer Security)
44. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Hacker
Security through obscurity
Smart cards
Expert systems
45. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
SLE (Single Loss Expectancy or Exposure)
Sabotage
Hardware
Trap Door
46. The output of a hash function is a digest.
Job rotation
Digest
Worm
OSI Model
47. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Logic bomb
Service packs
ROM (Read-only memory)
Tokens
48. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Smurf
TCB
Kerberos
Block cipher
49. Object Linking and Embedding. The ability of an object to be embedded into another object.
TCSEC
Custodian
DMZ
OLE
50. Component Object Model.
Callback Security/Call Forwarding
COM
Rijndael
Cyphertext only