Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Spoofing
Content dependant
Hardware
Wiretapping
2. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
COM
Quality Assurance
Software librarian
Back door/ trap door/maintenance hook
3. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Joke
Polymorphic
Copyright
Session Hijacking
4. A mechanism by which connections to TCP services on a system are allowed or disallowed
Asymmetric
Twisted pair
Audit Trail
TCP Wrappers
5. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Object Oriented Programming
Format 7 times
DDOS
Script
6. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Software librarian
Brute Force
Detective - Preventive - Corrective
Passive attacks
7. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Software development lifecycle
Bugtraq
Brewer-Nash model
DHCP
8. Assuming someone's session who is unaware of what you are doing
Object Oriented Programming
Honey pot
Enticement
Session Hijacking
9. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
WAP (Wireless Application Protocol)
Fiber optic
VPN (Virtual Private Network)
10. Access control method for database based on the content of the database to provide granular access
Inference
User
Session Hijacking
Content dependant
11. The number of users that the system can process in a given amount of time. A typical acceptable rate is 10/minute
Finger printing
ISDN (Integrated Services Digital Network)
Throughput of a Biometric System
Honey pot
12. This is an open international standard for applications that use wireless communications.
Trojan horses
WAP (Wireless Application Protocol)
Biometrics
TEMPEST
13. An instance of a scripting language
Digital certificates
Carnivore
TCB
Script
14. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Risk Transferring
ARP (Address Resolution Protocol)
Content dependant
Risk Mitigation
15. The frequency with which a threat is expected to occur.
Back door/ trap door/maintenance hook
ARO (Annualized Rate of Occurrence)
Penetration testing
Callback Security/Call Forwarding
16. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Routers
Rijndael
Decentralized
SQL (Structured Query Language)
17. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
Logic bomb
SLE (Single Loss Expectancy or Exposure)
Biometric profile
18. Occupant Emergency Plan - Employees are the most important!
Masquerade
OEP
Exit interview
Dumpster diving
19. Closed Circuit Television
CCTV
Clipper Chip
Expert System
Nonce
20. An RFC standard. A mechanism for performing commands on a remote system
Malware
Expert System
EF (Exposure Factor)
Telnet
21. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
SQL (Structured Query Language)
SSO (Single sign-on)
Authentication
AES (Advanced Encryption Standard)
22. The act of identifying yourself. Providing your identity to a system
Entrapment
Bugtraq
Identification
MOM
23. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Due Care
Keystroke logging
Non-repudiation
Nonce
24. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Compiler
Macro
War dialing
Quantitative
25. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Two-Factor Authentication
Asset Value
Macro
ActiveX Object Linking and Embedding
26. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Security Perimeter
Teardrop
CEO
Trojan horses
27. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
ROM (Read-only memory)
TCP Wrappers
Incentive programs
28. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
SYN Flood
SQL (Structured Query Language)
Fire extinguisher
Virtual Memory/Pagefile.sys
29. Also civil law
Tort
Probing
SQL (Structured Query Language)
BIA
30. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Acceptable use
Security kernel
Java
BIOS
31. The process of reducing your risks to an acceptable level based on your risk analysis
Bastion hosts
Qualitative
IRC
Risk Mitigation
32. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Attenuation
Script kiddies
Finger scanning
33. Someone whose hacking is primarily targeted at the phone systems
Trap Door
Encryption
Multipartite
Phreaker
34. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Digest
Honey pot
Logic bomb
WTLS (Wireless Transport Layer Security)
35. Enticing people to hit your honeypot to see how they try to access your system.
Private Addressing
Acceptable use
Authentication
Enticement
36. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
DMZ
Termination procedures
Hearsay Evidence
Code of ethics
37. The real cost of acquiring/maintaining/developing a system
Asset Value
Wiretapping
RAM (Random-access memory)
Hash
38. 'If you can't see it - it's secure'. Bad policy to live by.
Artificial Neural Networks (ANN)
WTLS (Wireless Transport Layer Security)
Toneloc
Security through obscurity
39. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
l0pht
Audit Trail
RADIUS (Remote authentication dial-in user service)
Repeaters
40. The ability to have more than one thread associated with a process
Diffie-Hellman
Authorization
Multithreading
Hackers
41. Internet Relay Chat.
ARP (Address Resolution Protocol)
Virtual machine
IRC
Finger scanning
42. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
VPN (Virtual Private Network)
Promiscuous mode
Polymorphic
Block cipher
43. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Fire extinguisher
CHAP
Session Hijacking
Risk Management
44. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
CRC (Cyclic Redundancy Check)
Out of band
Firmware
Embezzlement
45. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Tokens
Promiscuous mode
Privacy Act of 1974
Teardrop
46. In the broadest sense - a fraud is a deception made for personal gain
ARP (Address Resolution Protocol)
Symmetric
Packet Sniffing
Fraud
47. Once authenticated - the level of access you have to a system
Data remanence
Authorization
Block cipher
War driving
48. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Brute force
Promiscuous mode
Joke
49. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
l0pht
Back door/ trap door/maintenance hook
Echelon
Hot Site
50. The output of a hash function is a digest.
Quality Assurance
Digest
Masquerade
Fire extinguisher