Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Code of ethics
Firewall types
MOM
2. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Copyright
Salami Slicing
Hackers
User
3. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Degausser
Trojan horses
Tokens
WTLS (Wireless Transport Layer Security)
4. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Code of ethics
Trade Secret
Digital certificates
CD-Rom
5. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Acceptable use
Tokens
SSO (Single sign-on)
Kerberos
6. These can be used to verify that public keys belong to certain individuals.
TCB
Digital certificates
IRC
Eavesdropping
7. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Biometrics
Clipping levels
Packet Sniffing
Hackers
8. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Artificial Neural Networks (ANN)
Smart cards
Expert System
SLE (Single Loss Expectancy or Exposure)
9. Continuation of Operations Plan
Hearsay Evidence
COOP
IRC
Carnivore
10. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Polymorphic
BIA
Honey pot
OLE
11. The art of breaking code. Testing the strength of an algorithm.
Reciprocal agreement
Cryptanalysis
Acceptable use
Inference
12. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
Bugtraq
Aggregation
Trade Secret
13. The output of a hash function is a digest.
Digest
Detective - Preventive - Corrective
CIRT
Compiler
14. A network that mimics the brain
Artificial Neural Networks (ANN)
Transposition
Private Addressing
Keystroke logging
15. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Audit Trail
Polymorphism
Software development lifecycle
Fire extinguisher
16. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Substitution
DOS
Penetration testing
Due Care
17. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Probing
Brewer-Nash model
Throughput of a Biometric System
18. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Smurf
Clipper Chip
Fiber optic
Firmware
19. Entails planning and system actions to ensure that a project is following good quality management practices
Tailgating / Piggybacking
User
Logic bomb
Quality Assurance
20. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Burden of Proof
Entrapment
Hardware
Honey pot
21. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Throughput of a Biometric System
Birthday attack
User
22. A sandbox. Emulates an operating environment.
Risk Transferring
VLANs
Custodian
Virtual machine
23. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Tort
Polymorphic
DMZ
Risk Transferring
24. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
CEO
Authorization
Due Diligence
ROM (Read-only memory)
25. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
OSI Model
Rijndael
Repeaters
Malware
26. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Data remanence
Privacy Act of 1974
Nonce
Exit interview
27. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Multitasking
Accreditation
Software development lifecycle
Masquerade
28. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
IAB
Out of band
Joke
WTLS (Wireless Transport Layer Security)
29. Making individuals accountable for their actions on a system typically through the use of auditing
Code of ethics
Malware
User
Accountability
30. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
Audit Trail
Call tree
Transposition
31. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Detective - Preventive - Corrective
Crosstalk
Centralized
CIA
32. The person that determines the permissions to files. The data owner.
Teardrop
Security kernel
Masquerade
Owner
33. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Authentication
Encryption
Trojan horses
Two-Factor Authentication
34. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Smart cards
Copyright
Hackers
ALE (Annualized Loss Expectancy)
35. Data storage formats and equipment that allow the stored data to be accessed in any order
TEMPEST
Back door/ trap door/maintenance hook
Format 7 times
RAM (Random-access memory)
36. When security is managed at many different points in an organization
Decentralized
Phreaker
Kerberos
Hardware
37. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Security kernel
OSI Model
Certification
Honey pot
38. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Risk Management
Spoofing
CRC (Cyclic Redundancy Check)
CEO
39. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Data remanence
Biometrics
WTLS (Wireless Transport Layer Security)
SSO (Single sign-on)
40. Object Linking and Embedding. The ability of an object to be embedded into another object.
OLE
TCP Wrappers
Risk Transferring
Script kiddies
41. The frequency with which a threat is expected to occur.
Digest
ARO (Annualized Rate of Occurrence)
Authorization
Termination procedures
42. An instance of a scripting language
Closed network
TCSEC
MitM
Script
43. Encompasses Risk Analysis and Risk Mitigation
Bugtraq
Fraud
Risk Management
SYN Flood
44. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Penetration testing
Due Care
Granularity
Expert systems
45. Network devices that operate at layer 3. This device separates broadcast domains.
PKI
Routers
Centralized
Virtual machine
46. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Brute Force
Echelon
TACACS (Terminal access controller access control system)
Halon
47. Component Object Model.
COM
Burden of Proof
Checksum
Entrapment
48. When two or more processes are linked and execute multiple programs simultaneously
Logic bomb
Multiprocessing
Embezzlement
Noise & perturbation
49. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Open network
Multithreading
Birthday attack
50. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
BIOS
Multitasking
Trojan horses
Java