Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
TCB
Multitasking
Macro
TACACS (Terminal access controller access control system)
2. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Teardrop
Block cipher
Phreaker
Brute force
3. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Separation of duties
OSI Model
Security through obscurity
Fraggle
4. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Buffer overflow
COOP
Risk Acceptance
Change management
5. Someone whose hacking is primarily targeted at the phone systems
Salami Slicing
SSO (Single sign-on)
Java
Phreaker
6. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Active attacks
DMZ
Data remanence
Telnet
7. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Exit interview
Schema
Caesar Cipher
Vulnerability analysis tools
8. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Illegal/Unethical
Smurf
Firmware
Private Addressing
9. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Fire extinguisher
Joke
Hacker
Macro
10. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
VLANs
OLE
DAD
Teardrop
11. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Masquerade
OSI Model
Buffer overflow
12. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
MOM
Due Care
Teardrop
Granularity
13. Chief Executive Officer
CEO
Firmware
Clipping levels
ROT-13
14. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Polymorphism
Base-64
Packet Sniffing
DMZ
15. Motivational tools for employee awareness to get them to report security flaws in an organization
SSL/TLS
Kerberos
Penetration testing
Incentive programs
16. Transferring your risk to someone else - typically an insurance company
DOS
Software librarian
Risk Transferring
Caesar Cipher
17. A network that mimics the brain
SESAME
Skipjack
Artificial Neural Networks (ANN)
Hoax
18. A sandbox. Emulates an operating environment.
Sniffing
Packet Sniffing
Virtual machine
Code of ethics
19. Component Object Model.
SSL/TLS
Trade Secret
Keystroke logging
COM
20. Common Object Request Broker Architecture.
Decentralized
WAP (Wireless Application Protocol)
MitM
CORBA
21. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
Senior Management
Base-64
DMZ
22. A site that is ready physically but has no hardware in place - all it has is HVAC
Normalization
Cold Site
Closed network
Digest
23. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
SSH
Authorization creep
Transposition
PAP (Password Authentication Protocol)
24. Access control method for database based on the content of the database to provide granular access
Content dependant
Security kernel
Routers
Copyright
25. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Substitution
Fraud
Asymmetric
26. Also known as a tunnel
VPN (Virtual Private Network)
Script
Hash
MOM
27. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
CIO
Salami Slicing
Quantitative
28. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
Private Addressing
Quality Assurance
Asymmetric
29. Enticing people to hit your honeypot to see how they try to access your system.
Eavesdropping
Enticement
Cryptanalysis
Copyright
30. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Java
Fiber optic
Transposition
FAR/FRR/CER
31. White hat l0pht
Bugtraq
Social engineering
Granularity
Inference
32. Closed Circuit Television
Data remanence
CCTV
Exit interview
Software
33. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Digest
Stream cipher
Asymmetric
34. Providing verification to a system
Authentication
Covert channels
Tokens
Normalization
35. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
DOS
Kerberos
Macro
36. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Wiretapping
Trademark
Centralized
Hearsay Evidence
37. Encompasses Risk Analysis and Risk Mitigation
Cryptanalysis
Wiretapping
Non-repudiation
Risk Management
38. Animals with teeth. Not as discriminate as guards
Dogs
Cyphertext only
Risk Management
Polymorphism
39. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Inference
Patent
CEO
40. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Crosstalk
Back door/ trap door/maintenance hook
CHAP
Centralized
41. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
MOM
Degausser
Dictionary Attack
42. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Accountability
User
Cyphertext only
Content dependant
43. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Spoofing
Authorization
Transposition
Non-repudiation
44. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
RADIUS (Remote authentication dial-in user service)
Bastion hosts
VLANs
ActiveX Object Linking and Embedding
45. In a separation of duties model - this is where code is checked in and out
Warm Site
Kerberos
Replay
Software librarian
46. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Two-Factor Authentication
Replay
RAM (Random-access memory)
Service packs
47. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Firewall types
Kerberos
Repeaters
Risk Acceptance
48. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Fences
Trade Secret
Multitasking
49. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Patriot Act
Attenuation
Diffie-Hellman
Polymorphism
50. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Eavesdropping
Routers
Malware
Cookies