Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. White hat l0pht
Bugtraq
Trojan horses
Illegal/Unethical
/etc/passwd
2. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Teardrop
Asset Value
ISDN (Integrated Services Digital Network)
Joke
3. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Probing
Separation of duties
Data remanence
CIO
4. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
IRC
Scanning
DNS cache poisoning
Social engineering
5. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
Cyphertext only
Keystroke logging
Tailgating / Piggybacking
6. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Multithreading
PAP (Password Authentication Protocol)
VLANs
/etc/passwd
7. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Risk Acceptance
Scanning
Joke
8. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Boot-sector Virus
Switches / Bridges
Callback Security/Call Forwarding
Tort
9. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Separation of duties
Authentication
ISDN (Integrated Services Digital Network)
10. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Telnet
Service packs
Software
EF (Exposure Factor)
11. Chief Executive Officer
BIOS
Phreaker
Script
CEO
12. Also known as a tunnel
Security through obscurity
VPN (Virtual Private Network)
TACACS (Terminal access controller access control system)
Certification
13. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Compiler
Tailgating / Piggybacking
Embezzlement
l0pht
14. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Guards
Block cipher
Rijndael
War driving
15. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Bastion hosts
Caesar Cipher
DDOS
Authorization creep
16. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Telnet
Repeaters
Checksum
Mandatory vacation
17. When an employee leaves the company - you want to make them aware of non-disclosure and non-compete clauses - etc.
Exit interview
DNS cache poisoning
AES (Advanced Encryption Standard)
Joke
18. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Open network
Digital signing
Risk Analysis
WTLS (Wireless Transport Layer Security)
19. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Java
Guards
Passive attacks
Tailgating / Piggybacking
20. A military standard defining controls for emanation protection
Masquerade
Cold Site
TEMPEST
Compiler
21. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Trap Door
BIA
Covert channels
Two-Factor Authentication
22. Public Key Infrastructure
Session Hijacking
Scanning
COOP
PKI
23. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Certification
Termination procedures
Caesar Cipher
Burden of Proof
24. Should be at least 8 feet tall and have three strands of barbed wire.
Expert System
Crosstalk
Fences
Hoax
25. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Hearsay Evidence
Quality Assurance
Audit Trail
Fiber optic
26. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
OLE
Clipping levels
Fraggle
ALE (Annualized Loss Expectancy)
27. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
ARO (Annualized Rate of Occurrence)
Wiretapping
Reciprocal agreement
WAP (Wireless Application Protocol)
28. Network devices that operate at layer 3. This device separates broadcast domains.
Content dependant
Hubs
Exit interview
Routers
29. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Tailgating / Piggybacking
BIOS
Mandatory vacation
Finger printing
30. The ability to have more than one thread associated with a process
ALE (Annualized Loss Expectancy)
Base-64
Multithreading
Rolling hot sites
31. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Noise & perturbation
Fiber optic
Asset Value
Risk Acceptance
32. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
CIA
Multitasking
Fiber optic
Service packs
33. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
UUEncode
CD-ROM
Security Perimeter
CGI (The Common Gateway Interface)
34. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
DMZ
Software
Buffer overflow
VPN (Virtual Private Network)
35. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
ROT-13
AES (Advanced Encryption Standard)
Debug
Finger printing
36. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Asymmetric
Covert channels
Rijndael
Bugtraq
37. Signal degradation as it moves farther from its source
Software librarian
Attenuation
TCSEC
User
38. A network that mimics the brain
Artificial Neural Networks (ANN)
SSH
Brute Force
Common criteria
39. When two or more processes are linked and execute multiple programs simultaneously
Social engineering
Multiprocessing
Hearsay Evidence
Owner
40. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
CIRT
Block cipher
Birthday attack
Private Addressing
41. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Digital signing
Carnivore
Closed network
Scanning
42. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Bastion hosts
SSH
Format 7 times
Trade Secret
43. Accepting all packets
Clipping levels
Normalization
Promiscuous mode
Smart cards
44. Using ICMP to diagram a network
OEP
Probing
BIA
Authentication
45. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
ActiveX Object Linking and Embedding
Motion detector
Encryption
Debug
46. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Back door/ trap door/maintenance hook
Expert systems
Data remanence
Hackers
47. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Centralized
Cold Site
Non-repudiation
Multithreading
48. Motivational tools for employee awareness to get them to report security flaws in an organization
Incentive programs
PAP (Password Authentication Protocol)
DHCP
Virtual machine
49. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
OLE
BIA
Digest
Separation of duties
50. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
CCTV
Hash
Polymorphic
Base-64