Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attempt to trick the system into believing that something false is real
Virtual Memory/Pagefile.sys
Risk Transferring
Hoax
Username/password
2. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Brewer-Nash model
CGI (The Common Gateway Interface)
Crosstalk
3. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Trap Door
Fire extinguisher
Finger printing
Brute force
4. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Script
Authentication
l0pht
Multitasking
5. Disclosure - Alteration - Destruction. These things break the CIA triad
DAD
SLE (Single Loss Expectancy or Exposure)
ActiveX Object Linking and Embedding
Accreditation
6. A gas used in fire suppression. Not human safe. Chemical reaction.
Logic bomb
Halon
Compiler
Tort
7. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Cookies
FAR/FRR/CER
ROT-13
VPN (Virtual Private Network)
8. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
War dialing
Symmetric
Buffer overflow
CCTV
9. Continuation of Operations Plan
COOP
Accreditation
Birthday attack
Nonce
10. Ethernet - Cat5 - Twisted to allow for longer runs.
Twisted pair
Cookies
Skipjack
Fire extinguisher
11. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Passive attacks
ActiveX Object Linking and Embedding
Hearsay Evidence
ARO (Annualized Rate of Occurrence)
12. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
VPN (Virtual Private Network)
Replay
Trojan horses
13. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Dictionary Attack
Audit Trail
Hoax
Expert System
14. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
OLE
RADIUS (Remote authentication dial-in user service)
Halon
15. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Common criteria
Granularity
Social engineering
SLE (Single Loss Expectancy or Exposure)
16. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Teardrop
Out of band
SYN Flood
NAT
17. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Salami Slicing
Finger scanning
Authorization creep
Data Mart
18. Accepting all packets
Sabotage
Risk Acceptance
Promiscuous mode
Hot Site
19. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Embezzlement
Security through obscurity
Malware
CIRT
20. Chief Information Officer
SSO (Single sign-on)
Format 7 times
CIO
ROM (Read-only memory)
21. Defines the objects and their attributes that exist in a database.
CRC (Cyclic Redundancy Check)
Schema
Noise & perturbation
Smurf
22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
WTLS (Wireless Transport Layer Security)
Quantitative
Block cipher
Code of ethics
23. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
User
Callback Security/Call Forwarding
Inference
Expert System
24. A war dialing utility
EF (Exposure Factor)
Security Awareness Training
Toneloc
BIOS
25. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Format 7 times
Cyphertext only
Fiber optic
Copyright
26. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
SYN Flood
ALE (Annualized Loss Expectancy)
Digital certificates
Software
27. A site that has some equipment in place - and can be up within days
Warm Site
Closed network
Asset Value
Worm
28. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Fences
Hubs
Clipper Chip
Masquerade
29. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Teardrop
Substitution
Expert systems
Toneloc
30. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
SSO (Single sign-on)
Nonce
Promiscuous mode
31. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Caesar Cipher
DCOM
Callback Security/Call Forwarding
BIA
32. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Promiscuous mode
Multipartite
Trademark
Smurf
33. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Smart cards
Java
TCSEC
War driving
34. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Due Diligence
DCOM
Key Escrow
Classes of IP networks
35. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Fiber optic
Multitasking
SSL/TLS
Senior Management
36. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Digital signing
Finger scanning
Dumpster diving
Due Diligence
37. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Owner
Software
War driving
Cryptanalysis
38. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Mandatory vacation
DMZ
Repeaters
COM
39. Once authenticated - the level of access you have to a system
Warm Site
Open network
Wiretapping
Authorization
40. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Granularity
OEP
Fraud
41. White hat l0pht
Tailgating / Piggybacking
Malware
Bugtraq
Decentralized
42. Chief Executive Officer
Trade Secret
CGI (The Common Gateway Interface)
Man trap
CEO
43. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
ROT-13
UUEncode
MOM
Fraggle
44. A network that mimics the brain
Owner
IAB
Artificial Neural Networks (ANN)
Nonce
45. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Fraud
War dialing
Mandatory vacation
Content dependant
46. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Key Escrow
CHAP
Accreditation
Exit interview
47. A network that uses standard protocols (TCP/IP)
Open network
Passive attacks
CIO
Caesar Cipher
48. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
TCB
ARP (Address Resolution Protocol)
Base-64
49. These viruses usually infect both boot records and files.
Authorization creep
BIA
Script
Multipartite
50. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Object Oriented Programming
Risk Mitigation
Spoofing
RAM (Random-access memory)