Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In cryptography - it is a block cipher
Crosstalk
SSO (Single sign-on)
Skipjack
Custodian
2. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Audit Trail
Debug
Schema
3. Encompasses Risk Analysis and Risk Mitigation
Throughput of a Biometric System
Birthday attack
Risk Management
Callback Security/Call Forwarding
4. Making individuals accountable for their actions on a system typically through the use of auditing
Call tree
Accountability
Switches / Bridges
Senior Management
5. Using ICMP to diagram a network
Probing
Copyright
Authorization
Crosstalk
6. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
WTLS (Wireless Transport Layer Security)
VLANs
Normalization
SLE (Single Loss Expectancy or Exposure)
7. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Privacy Act of 1974
Two-Factor Authentication
CD-Rom
Fire extinguisher
8. After implementing countermeasures - accepting risk for the amount of vulnerability left over
CD-Rom
Hot Site
Authorization creep
Risk Acceptance
9. A network that uses standard protocols (TCP/IP)
Polymorphic
Echelon
CGI (The Common Gateway Interface)
Open network
10. This is an open international standard for applications that use wireless communications.
Private Addressing
WAP (Wireless Application Protocol)
Attenuation
Job rotation
11. Random Number Base
Cookies
Due Care
CIRT
Nonce
12. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
TACACS (Terminal access controller access control system)
Transposition
Block cipher
Identification
13. Emanations from one wire coupling with another wire
ARO (Annualized Rate of Occurrence)
IAB
Crosstalk
Callback Security/Call Forwarding
14. Involving the measurement of quantity or amount.
Tokens
Security Awareness Training
Quantitative
Motion detector
15. The real cost of acquiring/maintaining/developing a system
CD-Rom
Rolling hot sites
Smart cards
Asset Value
16. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Diffie-Hellman
PKI
Biometrics
ISDN (Integrated Services Digital Network)
17. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
DMZ
Finger printing
Multitasking
18. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
BIA
TCSEC
SSO (Single sign-on)
Closed network
19. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Smurf
Fraggle
Checksum
Change management
20. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Tokens
CGI (The Common Gateway Interface)
Asymmetric
Buffer overflow
21. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
RADIUS (Remote authentication dial-in user service)
CIO
Echelon
Multithreading
22. Accepting all packets
Promiscuous mode
Salami Slicing
Quality Assurance
CGI (The Common Gateway Interface)
23. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
WAP (Wireless Application Protocol)
Technical - Administrative - Physical
Base-64
Risk Acceptance
24. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Expert System
Polymorphic
Logic bomb
Trojan horses
25. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
CEO
Copyright
War dialing
Incentive programs
26. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
RAM (Random-access memory)
WAP (Wireless Application Protocol)
Rolling hot sites
27. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Open network
Hacker
Patent
28. 'If you can't see it - it's secure'. Bad policy to live by.
SQL (Structured Query Language)
Senior Management
Attenuation
Security through obscurity
29. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Virtual machine
DMZ
CIO
Due Care
30. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Skipjack
Certification
Raid 0 - 1 - 3 - 5
Sabotage
31. A network that mimics the brain
Artificial Neural Networks (ANN)
Joke
Closed network
CIA
32. The intercepting of conversations by unintended recipients
Schema
Rijndael
Kerberos
Eavesdropping
33. Threat to physical security.
Dictionary Attack
Closed network
Normalization
Sabotage
34. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
SSL/TLS
Masquerade
Worm
Guards
35. The practice of obtaining confidential information by manipulation of legitimate users.
Privacy Act of 1974
Motion detector
Social engineering
Data Mart
36. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Penetration testing
Data Mart
Clipping levels
Fiber optic
37. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Firmware
Phreaker
Embezzlement
Noise & perturbation
38. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Dictionary Attack
Social engineering
Asset Value
SYN Flood
39. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Script kiddies
Active attacks
Closed network
40. An RFC standard. A mechanism for performing commands on a remote system
Eavesdropping
Smart cards
Telnet
Cryptanalysis
41. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Macro
Echelon
CIA
Rijndael
42. Occupant Emergency Plan - Employees are the most important!
Senior Management
VPN (Virtual Private Network)
OEP
Logic bomb
43. Someone who hacks
Hacker
Spoofing
Key Escrow
PAP (Password Authentication Protocol)
44. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Copyright
Digital certificates
CORBA
45. A hidden communications channel on a system that allows for the bypassing of the system security policy
Covert channels
Buffer overflow
Salami Slicing
Digest
46. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Transposition
Risk Analysis
ROM (Read-only memory)
47. A gas used in fire suppression. Not human safe. Chemical reaction.
Risk Acceptance
BIA
Halon
RADIUS (Remote authentication dial-in user service)
48. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
RADIUS (Remote authentication dial-in user service)
Due Care
Call tree
Object Oriented Programming
49. In a separation of duties model - this is where code is checked in and out
Carnivore
Asset Value
Software librarian
Multithreading
50. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Packet Sniffing
Trademark
Spoofing
Vulnerability analysis tools