Test your basic knowledge |

Comptia Security +: Vocab

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.
Exit interview
NAT
DDOS
Multiprocessing

2. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Halon
War driving
Toneloc
CCTV

3. An attempt to trick the system into believing that something false is real
Hoax
SQL (Structured Query Language)
Coax
Quality Assurance

4. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Virtual Memory/Pagefile.sys
Motion detector
Dogs
Smart cards

5. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Hearsay Evidence
Qualitative
SYN Flood

6. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
ARO (Annualized Rate of Occurrence)
Due Care
Closed network
Malware

7. The act of identifying yourself. Providing your identity to a system
Virtual Memory/Pagefile.sys
Keystroke logging
Identification
PKI

8. To not be legal (as far as law is concerned) or ethical
NAT
Illegal/Unethical
Back door/ trap door/maintenance hook
ActiveX Object Linking and Embedding

9. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Attenuation
l0pht
Detective - Preventive - Corrective
Multitasking

10. Signal degradation as it moves farther from its source
Expert System
Schema
Attenuation
PKI

11. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Trap Door
Telnet
TACACS (Terminal access controller access control system)
TCP Wrappers

12. Animals with teeth. Not as discriminate as guards
Dogs
MitM
SESAME
Quality Assurance

13. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Debug
Reciprocal agreement
Transposition

14. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Trap Door
Sabotage
Stream cipher

15. Chief Information Officer
Quantitative
CIO
Tailgating / Piggybacking
Clipping levels

16. The real cost of acquiring/maintaining/developing a system
Digest
Asset Value
Multiprocessing
Reciprocal agreement

17. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
CORBA
Reciprocal agreement
CEO

18. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
Coax
Biometric profile
Honey pot

19. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Trademark
DCOM
Switches / Bridges
Echelon

20. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Cookies
Packet Sniffing
Security Awareness Training
Well-known ports

21. 'If you cant see it - its secure'. Bad policy to live by.
Security through obscurity
Firewall types
SQL (Structured Query Language)
Senior Management

22. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Risk Management
Macro
Common criteria
Firmware

23. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Security through obscurity
Software
Brute force
CRC (Cyclic Redundancy Check)

24. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Diffie-Hellman
Scanning
Smurf
Technical - Administrative - Physical

25. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Custodian
Risk Analysis
Expert System
Brewer-Nash model

26. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Multitasking
Java
ROT-13
Honey pot

27. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fraggle
Fire extinguisher
Passive attacks
Trademark

28. Making individuals accountable for their actions on a system typically through the use of auditing
Base-64
TCP Wrappers
Accountability
Replay

29. Chief Executive Officer
AES (Advanced Encryption Standard)
Cookies
Multipartite
CEO

30. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
Quality Assurance
User
Substitution

31. Emanations from one wire coupling with another wire
Centralized
Code of ethics
Crosstalk
Accreditation

32. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Hoax
Probing
Virtual Memory/Pagefile.sys
Fire extinguisher

33. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
SYN Flood
Patriot Act
Data Mart
Trade Secret

34. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Phreaker
Passive attacks
OSI Model

35. The person that determines the permissions to files. The data owner.
Owner
Caesar Cipher
Symmetric
Buffer overflow

36. Public Key Infrastructure
Warm Site
PKI
Hackers
Eavesdropping

37. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Hearsay Evidence
Logic bomb
Expert systems
Owner

38. Method of authenticating to a system. Something that you supply and something you know.
Malware
Promiscuous mode
Multithreading
Username/password

39. Access control method for database based on the content of the database to provide granular access
Content dependant
Software
Two-Factor Authentication
CHAP

40. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Normalization
Entrapment
Wiretapping
Multipartite

41. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Coax
CHAP
/etc/passwd
Classes of IP networks

42. The intercepting of conversations by unintended recipients
Eavesdropping
Sniffing
Quality Assurance
Data remanence

43. White hat l0pht
Clipper Chip
Quantitative
Bugtraq
Finger scanning

44. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Joke
Embezzlement
Nonce
War driving

45. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Risk Transferring
Hardware
Stream cipher
Two-Factor Authentication

46. A site that has some equipment in place - and can be up within days
Sniffing
VPN (Virtual Private Network)
Warm Site
ActiveX Object Linking and Embedding

47. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Hash
Noise & perturbation
Base-64
TCP Wrappers

48. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Due Care
Cookies
BIOS
Expert System

49. Reasonable doubt
Decentralized
Burden of Proof
Firmware
Hardware

50. Transferring your risk to someone else - typically an insurance company
Tokens
Block cipher
Custodian
Risk Transferring