Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Rijndael
Toneloc
Transposition
SYN Flood
2. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Smart cards
Risk Management
Coax
Owner
3. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Hacker
Bastion hosts
Brute Force
User
4. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Security Awareness Training
Audit Trail
Clipper Chip
Risk Analysis
5. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Expert systems
Mandatory vacation
OLE
CGI (The Common Gateway Interface)
6. When security is managed at a central point in an organization
Birthday attack
Digital certificates
Software librarian
Centralized
7. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Hackers
Fraggle
Bugtraq
8. Computer Incident Response Team
Service packs
Repeaters
CIRT
FAR/FRR/CER
9. A war dialing utility
FAR/FRR/CER
Clipping levels
Embezzlement
Toneloc
10. An instance of a scripting language
Expert systems
Tort
Java
Script
11. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
AES (Advanced Encryption Standard)
Data remanence
Trojan horses
CGI (The Common Gateway Interface)
12. Access control method for database based on the content of the database to provide granular access
Transposition
Content dependent
Penetration testing
Packet Sniffing
13. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Reciprocal agreement
Multithreading
Smurf
Username/password
14. After implementing countermeasures - accepting risk for the amount of vulnerability left over
ISDN (Integrated Services Digital Network)
Telnet
Risk Acceptance
Tort
15. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Hubs
TCB
Virtual Memory/Pagefile.sys
Biometric profile
16. Encompasses Risk Analysis and Risk Mitigation
PKI
Bugtraq
Risk Management
Change management
17. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Wiretapping
Multipartite
Trademark
Burden of Proof
18. The person that controls access to the data
Artificial Neural Networks (ANN)
TCB
Script kiddies
Custodian
19. These viruses usually infect both boot records and files.
Multithreading
Session Hijacking
Trap Door
Multipartite
20. The act of identifying yourself. Providing your identity to a system
Macro
Artificial Neural Networks (ANN)
Fire extinguisher
Identification
21. A network entity that provides a single entrance / exit point to the Internet.
Private Addressing
Authorization
Bastion hosts
TEMPEST
22. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Stream cipher
Call tree
Job rotation
Worm
23. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
Joke
Accreditation
Polymorphism
24. A network that mimics the brain
Kerberos
Multiprocessing
Inference
Artificial Neural Networks (ANN)
25. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
SSO (Single sign-on)
Illegal/Unethical
Qualitative
Digital signing
26. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Joke
Smurf
Cryptanalysis
Attenuation
27. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Aggregation
CHAP
DAD
/etc/passwd
28. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Carnivore
Entrapment
Biometric profile
29. Also known as a tunnel
Security kernel
Software librarian
Identification
VPN (Virtual Private Network)
30. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Biometric profile
Honey pot
Social engineering
RADIUS (Remote authentication dial-in user service)
31. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
User
Probing
PKI
Rijndael
32. Dynamic Host Configuration Protocol.
DHCP
Security Awareness Training
TCP Wrappers
Multitasking
33. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
Nonce
Polymorphism
Authorization
34. The user
Repeaters
MOM
Fraud
User
35. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Risk Management
Echelon
Logic bomb
Teardrop
36. In cryptography - it is a block cipher
Skipjack
Security through obscurity
Script
TACACS (Terminal access controller access control system)
37. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Detective - Preventive - Corrective
Embezzlement
Buffer overflow
WTLS (Wireless Transport Layer Security)
38. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Embezzlement
Scanning
Motion detector
SSL/TLS
39. More discriminate than dogs
Virtual machine
Private Addressing
Guards
Block cipher
40. Someone whose hacking is primarily targeted at the phone systems
Digital signing
Skipjack
Phreaker
WAP (Wireless Application Protocol)
41. Signal degradation as it moves farther from its source
Attenuation
Substitution
Accreditation
EF (Exposure Factor)
42. A network that uses proprietary protocols
Closed network
Patent
Key Escrow
Degausser
43. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
PKI
WTLS (Wireless Transport Layer Security)
WAP (Wireless Application Protocol)
44. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Data remanence
FAR/FRR/CER
Identification
CD-Rom
45. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Hardware
Risk Acceptance
Back door/ trap door/maintenance hook
Boot-sector Virus
46. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Repeaters
Call tree
Embezzlement
Transposition
47. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Risk Acceptance
Passive attacks
Fences
Malware
48. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Identification
DNS cache poisoning
CGI (The Common Gateway Interface)
Job rotation
49. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Rolling hot sites
OLE
l0pht
Due Care
50. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Content dependent
COOP
Job rotation
MOM