Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. White hat l0pht
DAD
Fraud
Bugtraq
Finger printing
2. Entails planning and system actions to ensure that a project is following good quality management practices
Covert channels
Buffer overflow
Quality Assurance
CGI (The Common Gateway Interface)
3. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Risk Mitigation
Penetration testing
ROM (Read-only memory)
Finger scanning
4. A network that uses standard protocols (TCP/IP)
Illegal/Unethical
Open network
MitM
Fiber optic
5. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Multithreading
Warm Site
Fiber optic
Schema
6. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Dogs
UUEncode
Biometric profile
Script kiddies
7. Component Object Model.
COM
ALE (Annualized Loss Expectancy)
ROM (Read-only memory)
Inference
8. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
CHAP
Social engineering
CD-Rom
Rijndael
9. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.
Sabotage
Fences
Copyright
SQL (Structured Query Language)
10. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Separation of duties
Change management
IRC
Telnet
11. Encompasses Risk Analysis and Risk Mitigation
Transposition
Tailgating / Piggybacking
RADIUS (Remote authentication dial-in user service)
Risk Management
12. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Crosstalk
Multithreading
Classes of IP networks
ALE (Annualized Loss Expectancy)
13. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
Promiscuous mode
Tailgating / Piggybacking
Virtual machine
14. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
FAR/FRR/CER
MitM
Skipjack
Polymorphic
15. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
SESAME
Service packs
Firmware
Digest
16. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
CHAP
Security kernel
Cyphertext only
Incentive programs
17. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Motion detector
Risk Acceptance
Carnivore
Repeaters
18. Must be in place for you to use a biometric system
Data remanence
Patent
Trojan horses
Biometric profile
19. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Out of band
Degausser
Callback Security/Call Forwarding
Cookies
20. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
TCSEC
Debug
Two-Factor Authentication
Security kernel
21. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
TEMPEST
Expert System
Passive attacks
Eavesdropping
22. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Carnivore
Penetration testing
Passive attacks
Base-64
23. A mechanism by which connections to TCP services on a system are allowed or disallowed
MitM
Macro
TCP Wrappers
Smart cards
24. Object Linking and Embedding. The ability of an object to be embedded into another object.
Callback Security/Call Forwarding
Code of ethics
OLE
SESAME
25. A technique to eliminate data redundancy.
Sniffing
Eavesdropping
Echelon
Normalization
26. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Multithreading
Wiretapping
Call tree
CORBA
27. The frequency with which a threat is expected to occur.
Brute Force
Checksum
ARO (Annualized Rate of Occurrence)
Scanning
28. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Switches / Bridges
Non-repudiation
Firewall types
Session Hijacking
29. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Hash
Repeaters
Clipping levels
Vulnerability analysis tools
30. These viruses usually infect both boot records and files.
Multipartite
Well-known ports
VLANs
Privacy Act of 1974
31. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
AES (Advanced Encryption Standard)
Dictionary Attack
Boot-sector Virus
32. In cryptography - it is a block cipher
Cookies
Callback Security/Call Forwarding
Skipjack
Hot Site
33. Chief Executive Officer
Vulnerability analysis tools
CEO
RAM (Random-access memory)
Object Oriented Programming
34. Using ICMP to diagram a network
Routers
Probing
Entrapment
DNS cache poisoning
35. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Bastion hosts
Encryption
Asymmetric
Certification
36. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Teardrop
Encryption
ALE (Annualized Loss Expectancy)
Coax
37. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Worm
Private Addressing
Birthday attack
Entrapment
38. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Rolling hot sites
Hardware
Hot Site
Symmetric
39. A military standard defining controls for emanation protection
Dogs
DHCP
Object Oriented Programming
TEMPEST
40. Someone whose hacking is primarily targeted at the phone systems
Biometrics
Dumpster diving
Phreaker
Authorization creep
41. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Substitution
Packet Sniffing
/etc/passwd
Service packs
42. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
DAD
Change management
Session Hijacking
Virtual machine
43. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
TCSEC
Finger printing
Callback Security/Call Forwarding
Sabotage
44. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Symmetric
Format 7 times
SSO (Single sign-on)
Stream cipher
45. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Multipartite
l0pht
SSH
46. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
OLE
Repeaters
CD-Rom
47. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Cold Site
Passive attacks
EF (Exposure Factor)
DCOM
48. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Dumpster diving
Mandatory vacation
Telnet
Patriot Act
49. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Substitution
Reciprocal agreement
Software librarian
Patent
50. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Finger printing
Security Awareness Training
Format 7 times
Smart cards