Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Aggregation
Debug
Cryptanalysis
2. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
SSO (Single sign-on)
Asymmetric
ARO (Annualized Rate of Occurrence)
Back door/ trap door/maintenance hook
3. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Wiretapping
Buffer overflow
SESAME
Compiler
4. These can be used to verify that public keys belong to certain individuals.
Inference
TACACS (Terminal access controller access control system)
Tailgating / Piggybacking
Digital certificates
5. Relating to quality or kind. This assigns a level of importance to something.
CORBA
Qualitative
Stream cipher
RADIUS (Remote authentication dial-in user service)
6. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Open network
Security kernel
DHCP
Due Diligence
7. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Substitution
Cyphertext only
Symmetric
Change management
8. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Clipping levels
Audit Trail
Due Diligence
SYN Flood
9. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Keystroke logging
BIOS
Kerberos
Security Awareness Training
10. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Telnet
Centralized
Motion detector
CRC (Cyclic Redundancy Check)
11. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
SSL/TLS
Masquerade
SYN Flood
Boot-sector Virus
12. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Scanning
Fraggle
ALE (Annualized Loss Expectancy)
Brewer-Nash model
13. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
TCB
Tort
Packet Sniffing
14. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Rijndael
Artificial Neural Networks (ANN)
Joke
PAP (Password Authentication Protocol)
15. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Keystroke logging
Aggregation
Acceptable use
Private Addressing
16. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Accreditation
Authorization
Exit interview
Code of ethics
17. Object Linking and Embedding. The ability of an object to be embedded into another object.
Fences
RADIUS (Remote authentication dial-in user service)
OLE
IAB
18. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
Java
Detective - Preventive - Corrective
WAP (Wireless Application Protocol)
19. Enticing people to hit your honeypot to see how they try to access your system.
DHCP
DCOM
Enticement
NAT
20. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Asset Value
Technical - Administrative - Physical
Masquerade
Cookies
21. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
VPN (Virtual Private Network)
Security through obscurity
Joke
Authorization
22. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Digital signing
Transposition
Callback Security/Call Forwarding
23. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
ARP (Address Resolution Protocol)
DDOS
Base-64
SSO (Single sign-on)
24. Personal - Network - and Application
Polymorphic
Firewall types
Logic bomb
Callback Security/Call Forwarding
25. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Rolling hot sites
VLANs
Repeaters
Skipjack
26. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
Honey pot
OLE
Clipping levels
27. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Joke
Open network
Polymorphic
Brewer-Nash model
28. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Brewer-Nash model
Halon
DOS
Base-64
29. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.
Rijndael
Copyright
Replay
IRC
30. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Closed network
Smurf
Hardware
Trademark
31. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Covert channels
CIA
SSH
Authorization
32. Emanations from one wire coupling with another wire
Eavesdropping
Crosstalk
BIA
Repeaters
33. Repeats the signal. It amplifies the signal before sending it on.
Trade Secret
Repeaters
Security kernel
Digital certificates
34. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Software development lifecycle
Script kiddies
Transposition
SSH
35. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Encryption
CORBA
ARP (Address Resolution Protocol)
Due Care
36. Chief Information Officer
Twisted pair
CIO
DCOM
Debug
37. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Due Care
Software librarian
Boot-sector Virus
Checksum
38. A network that uses standard protocols (TCP/IP)
Raid 0 - 1 - 3 - 5
Dumpster diving
Open network
War dialing
39. A military standard defining controls for emanation protection
Trojan horses
Multitasking
Risk Analysis
TEMPEST
40. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Certification
Multithreading
RAM (Random-access memory)
41. Reasonable doubt
Burden of Proof
Base-64
Guards
Call tree
42. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Degausser
TACACS (Terminal access controller access control system)
CRC (Cyclic Redundancy Check)
Entrapment
43. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Encryption
Inference
SESAME
Sabotage
44. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
OEP
Hardware
Exit interview
Certification
45. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Rolling hot sites
ARO (Annualized Rate of Occurrence)
Symmetric
46. This is an open international standard for applications that use wireless communications.
Entrapment
WAP (Wireless Application Protocol)
Polymorphism
Expert System
47. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Key Escrow
Brute force
Well-known ports
SSL/TLS
48. Component Object Model.
Guards
ROT-13
COM
Fences
49. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Social engineering
Biometrics
Polymorphic
Callback Security/Call Forwarding
50. Good for distance - longer than 100M
Authorization creep
Coax
Format 7 times
Call tree