Test your basic knowledge | CompTIA Security+: Vocab
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you may at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Eavesdropping
ActiveX Object Linking and Embedding
ARP (Address Resolution Protocol)
SSL/TLS
2. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Out of band
Asset Value
Aggregation
Finger printing
3. Motivational tools for employee awareness to get them to report security flaws in an organization
Brute Force
Incentive programs
Promiscuous mode
Hoax
4. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Identification
Diffie-Hellman
Replay
Two-Factor Authentication
5. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
EF (Exposure Factor)
Routers
Block cipher
6. Random Number Base
Warm Site
Nonce
Privacy Act of 1974
Termination procedures
7. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Callback Security/Call Forwarding
Decentralized
Dictionary Attack
Hearsay Evidence
8. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Fraggle
ARO (Annualized Rate of Occurrence)
BIOS
Hoax
9. Relating to quality or kind. This assigns a level of importance to something.
Trademark
MitM
Qualitative
Motion detector
10. An attempt to trick the system into believing that something false is real
ISDN (Integrated Services Digital Network)
Probing
SYN Flood
Hoax
11. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Quantitative
Security Perimeter
Out of band
Polymorphic
12. Also known as a tunnel
Callback Security/Call Forwarding
Coax
VPN (Virtual Private Network)
Guards
13. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Covert channels
Key Escrow
Finger printing
Private Addressing
14. Must be in place for you to use a biometric system
Biometric profile
Risk Management
Coax
Teardrop
15. Someone whose hacking is primarily targeted at the phone systems
Back door/ trap door/maintenance hook
Quality Assurance
MitM
Phreaker
16. Transferring your risk to someone else - typically an insurance company
Risk Transferring
Eavesdropping
Expert System
FAR/FRR/CER
17. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Spoofing
Trojan horses
Tort
DDOS
18. Chief Executive Officer
Multithreading
CEO
Digest
Owner
19. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Raid 0 - 1 - 3 - 5
Motion detector
WTLS (Wireless Transport Layer Security)
Echelon
20. Component Object Model.
Rolling hot sites
Transposition
Format 7 times
COM
21. When security is managed at many different points in an organization
Decentralized
Noise & perturbation
Kerberos
Job rotation
22. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Security Perimeter
Fraud
Smart cards
WTLS (Wireless Transport Layer Security)
23. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
Passive attacks
Software development lifecycle
Logic bomb
24. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Rijndael
VPN (Virtual Private Network)
Salami Slicing
Birthday attack
25. Chief Information Officer
CIO
Hardware
TCP Wrappers
Brute Force
26. The person that determines the permissions to files. The data owner.
Script
Tailgating / Piggybacking
Firmware
Owner
27. Network device that operates at layer 1. Concentrator.
Routers
Hubs
Eavesdropping
Script kiddies
28. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Back door/ trap door/maintenance hook
DAD
Script kiddies
Accreditation
29. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
Expert systems
Finger printing
BIA
30. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Twisted pair
Normalization
Caesar Cipher
Macro
31. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Java
Switches / Bridges
Burden of Proof
Fences
32. Confidentiality - Integrity - and Availability
Honey pot
CIA
Qualitative
l0pht
33. A site that has some equipment in place - and can be up within days
Brute Force
Dumpster diving
Warm Site
Clipper Chip
34. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Polymorphism
Script kiddies
Brute force
Checksum
35. Internet Architecture Board. This board is responsible for protecting the Internet.
Session Hijacking
Echelon
Inference
IAB
36. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Expert systems
Bugtraq
Man trap
Embezzlement
37. The person that controls access to the data
Sniffing
Custodian
Granularity
Eavesdropping
38. A network that mimics the brain
UUEncode
PAP (Password Authentication Protocol)
Artificial Neural Networks (ANN)
Noise & perturbation
39. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Replay
Risk Mitigation
Hot Site
Sniffing
40. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Out of band
Caesar Cipher
Wiretapping
Substitution
41. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Back door/ trap door/maintenance hook
Schema
ROT-13
42. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Routers
l0pht
Trojan horses
Compiler
43. A network that uses standard protocols (TCP/IP)
Owner
Open network
Expert systems
Smurf
44. Basic Input/Output System
Certification
TEMPEST
BIOS
Boot-sector Virus
45. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
DMZ
Echelon
Brute Force
Illegal/Unethical
46. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Copyright
Fiber optic
Social engineering
Audit Trail
47. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Masquerade
DNS cache poisoning
Data remanence
Debug
48. Animals with teeth. Not as discriminate as guards
Accreditation
Debug
Tort
Dogs
49. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Degausser
Username/password
/etc/passwd
Hardware
50. Closed Circuit Television
CCTV
SSO (Single sign-on)
Replay
Artificial Neural Networks (ANN)