Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Jumping into dumpsters to retrieve information about someone/something/a company
Centralized
Authentication
Security kernel
Dumpster diving
2. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
WTLS (Wireless Transport Layer Security)
Detective - Preventive - Corrective
Entrapment
BIOS
3. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
TCSEC
Honey pot
Clipping levels
Certification
4. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Echelon
Inference
Buffer overflow
Polymorphism
5. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Bastion hosts
Risk Mitigation
Clipping levels
Exit interview
6. The real cost of acquiring/maintaining/developing a system
Repeaters
Routers
DNS cache poisoning
Asset Value
7. When security is managed at many different points in an organization
Decentralized
Digital signing
Passive attacks
Classes of IP networks
8. Relating to quality or kind. This assigns a level of importance to something.
DAD
OEP
CIRT
Qualitative
9. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Due Care
Virtual Memory/Pagefile.sys
ActiveX Object Linking and Embedding
Granularity
10. A network that mimics the brain
Fraggle
Clipper Chip
Artificial Neural Networks (ANN)
Privacy Act of 1974
11. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
TEMPEST
Covert channels
Security Awareness Training
Reciprocal agreement
12. Ethernet - Cat5 - Twisted to allow for longer runs.
Repeaters
Worm
Twisted pair
CHAP
13. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Common criteria
Wiretapping
Quantitative
Cryptanalysis
14. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Expert System
Transposition
SESAME
DDOS
15. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
COM
Service packs
Script kiddies
Senior Management
16. The user
TEMPEST
Private Addressing
User
Masquerade
17. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Software librarian
Dictionary Attack
Biometrics
Hash
18. Accepting all packets
Nonce
Promiscuous mode
Cyphertext only
Owner
19. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Trap Door
Fraggle
Finger printing
20. Rolling command center with UPS - satellite - uplink - power - etc.
WAP (Wireless Application Protocol)
Honey pot
Rolling hot sites
Firewall types
21. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Digest
Rolling hot sites
Keystroke logging
Coax
22. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
PAP (Password Authentication Protocol)
Hot Site
Symmetric
Brute Force
23. The practice of obtaining confidential information by manipulation of legitimate users.
Symmetric
SSO (Single sign-on)
Social engineering
Risk Transferring
24. Method of authenticating to a system. Something that you supply and something you know.
Active attacks
Username/password
Cold Site
Multitasking
25. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
CEO
Promiscuous mode
Certification
Brute Force
26. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Honey pot
Boot-sector Virus
User
AES (Advanced Encryption Standard)
27. An RFC standard. A mechanism for performing commands on a remote system
Due Care
SYN Flood
Hacker
Telnet
28. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
COM
/etc/passwd
Skipjack
Biometrics
29. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
CIO
Diffie-Hellman
Security Perimeter
SLE (Single Loss Expectancy or Exposure)
30. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Script kiddies
Patriot Act
Firewall types
Artificial Neural Networks (ANN)
31. In cryptography - it is a block cipher
Rijndael
TEMPEST
Key Escrow
Skipjack
32. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Job rotation
SSH
Block cipher
Session Hijacking
33. Component Object Model.
Attenuation
Decentralized
DNS cache poisoning
COM
34. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Embezzlement
Rolling hot sites
Service packs
Reciprocal agreement
35. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Packet Sniffing
Switches / Bridges
Technical - Administrative - Physical
36. The ability to have more than one thread associated with a process
Multithreading
Birthday attack
Authorization creep
Authentication
37. Internet Architecture Board. This board is responsible for protecting the Internet.
Degausser
TCSEC
SYN Flood
IAB
38. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Job rotation
Separation of duties
Software
Sniffing
39. Must be in place for you to use a biometric system
Biometric profile
CIA
Closed network
Noise & perturbation
40. A network entity that provides a single entrance / exit point to the Internet.
Boot-sector Virus
Exit interview
Replay
Bastion hosts
41. Good for distance - longer than 100M
BIOS
Bugtraq
Coax
Wiretapping
42. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Spoofing
SESAME
TCSEC
Vulnerability analysis tools
43. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Call tree
Joke
Content dependent
Common criteria
44. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Smart cards
Multipartite
Worm
NAT
45. Confidentiality - Integrity - and Availability
VPN (Virtual Private Network)
Privacy Act of 1974
CIA
Compiler
46. Object Linking and Embedding. The ability of an object to be embedded into another object.
CGI (The Common Gateway Interface)
OLE
Digital signing
Raid 0 - 1 - 3 - 5
47. To not be legal (as far as law is concerned) or ethical
Dumpster diving
Fire extinguisher
Illegal/Unethical
Two-Factor Authentication
48. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Granularity
Motion detector
VLANs
Hardware
49. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Copyright
Teardrop
Authentication
Script
50. Emanations from one wire coupling with another wire
TCSEC
Crosstalk
Two-Factor Authentication
Security Perimeter