Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.
Due Care
Motion detector
Expert System
PAP (Password Authentication Protocol)
2. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Polymorphism
ROT-13
OSI Model
Probing
3. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Virtual machine
Certification
SSL/TLS
Custodian
4. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Detective - Preventive - Corrective
Firewall types
Bastion hosts
5. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Hacker
MOM
CRC (Cyclic Redundancy Check)
Birthday attack
6. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Worm
Hash
ROT-13
Hacker
7. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Replay
Classes of IP networks
User
Cold Site
8. Threat to physical security.
Debug
Skipjack
Data remanence
Sabotage
9. The frequency with which a threat is expected to occur.
Java
ARO (Annualized Rate of Occurrence)
Crosstalk
Embezzlement
10. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Illegal/Unethical
Format 7 times
Hackers
Detective - Preventive - Corrective
11. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
TACACS (Terminal access controller access control system)
Schema
MitM
Caesar Cipher
12. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
OLE
Due Diligence
Software
13. Public Key Infrastructure
Twisted pair
Termination procedures
PKI
Dogs
14. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Change management
Content dependant
Security Awareness Training
War dialing
15. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
/etc/passwd
Decentralized
War driving
Script kiddies
16. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Closed network
Trademark
Guards
OSI Model
17. The process of reducing your risks to an acceptable level based on your risk analysis
Exit interview
Risk Mitigation
Firmware
Nonce
18. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
CHAP
l0pht
Inference
Smurf
19. Animals with teeth. Not as discriminate as guards
Nonce
Polymorphic
AES (Advanced Encryption Standard)
Dogs
20. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Kerberos
SESAME
Stream cipher
DDOS
21. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Format 7 times
Finger printing
DMZ
SSL/TLS
22. The act of identifying yourself. Providing your identity to a system
RADIUS (Remote authentication dial-in user service)
Identification
Data remanence
Trademark
23. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Replay
Penetration testing
Worm
Closed network
24. Network devices that operate at layer 3. This device separates broadcast domains.
Granularity
Routers
CGI (The Common Gateway Interface)
SLE (Single Loss Expectancy or Exposure)
25. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Checksum
ROT-13
Acceptable use
Worm
26. A network that mimics the brain
Multipartite
War driving
Artificial Neural Networks (ANN)
Boot-sector Virus
27. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Privacy Act of 1974
Data remanence
Normalization
Software
28. The person that controls access to the data
Custodian
CIA
AES (Advanced Encryption Standard)
Symmetric
29. A military standard defining controls for emanation protection
Teardrop
Data remanence
SLE (Single Loss Expectancy or Exposure)
TEMPEST
30. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Format 7 times
ARP (Address Resolution Protocol)
Substitution
RAM (Random-access memory)
31. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Checksum
Toneloc
Closed network
32. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cyphertext only
DDOS
Certification
Security kernel
33. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Buffer overflow
Due Care
Switches / Bridges
Asset Value
34. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Due Diligence
Carnivore
MitM
RADIUS (Remote authentication dial-in user service)
35. Network device that operates at layer 1. Concentrator.
Illegal/Unethical
Hubs
Back door/ trap door/maintenance hook
MitM
36. In the broadest sense - a fraud is a deception made for personal gain
Fraud
RAM (Random-access memory)
Trap Door
Attenuation
37. An attempt to trick the system into believing that something false is real
Technical - Administrative - Physical
Authentication
MOM
Hoax
38. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
ROT-13
Trade Secret
Format 7 times
VLANs
39. Good for distance - longer than 100M
Halon
Termination procedures
Two-Factor Authentication
Coax
40. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
SLE (Single Loss Expectancy or Exposure)
Digest
Multithreading
Biometrics
41. Random Number Base
Telnet
ALE (Annualized Loss Expectancy)
Nonce
Sniffing
42. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Finger scanning
Firmware
Authentication
Passive attacks
43. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Polymorphic
Trap Door
Private Addressing
Security Perimeter
44. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Artificial Neural Networks (ANN)
Call tree
Exit interview
BIOS
45. Assuming someone's session who is unaware of what you are doing
BIA
Hash
Session Hijacking
Decentralized
46. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Detective - Preventive - Corrective
Block cipher
VLANs
WTLS (Wireless Transport Layer Security)
47. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Replay
Finger printing
Checksum
Salami Slicing
48. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
ROM (Read-only memory)
Logic bomb
IRC
Honey pot
49. A mechanism by which connections to TCP services on a system are allowed or disallowed
Trade Secret
TCP Wrappers
CCTV
Twisted pair
50. Providing verification to a system
Authentication
Patent
Man trap
Dumpster diving