Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
SQL (Structured Query Language)
DHCP
Username/password
Hacker
2. The output of a hash function is a digest.
CIRT
Twisted pair
Birthday attack
Digest
3. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
PKI
Mandatory vacation
Bastion hosts
Salami Slicing
4. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Halon
Change management
Java
Privacy Act of 1974
5. A technique to eliminate data redundancy.
UUEncode
Normalization
Software
CRC (Cyclic Redundancy Check)
6. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Separation of duties
Penetration testing
BIOS
SSH
7. Emanations from one wire coupling with another wire
Replay
Crosstalk
Smurf
Authentication
8. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Finger scanning
War dialing
Keystroke logging
Malware
9. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Inference
Authorization creep
Brewer-Nash model
OLE
10. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
Polymorphic
Session Hijacking
Hash
11. A hidden communications channel on a system that allows for the bypassing of the system security policy
Back door/ trap door/maintenance hook
DAD
Covert channels
Cookies
12. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.
Social engineering
Technical - Administrative - Physical
Eavesdropping
Stream cipher
13. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Crosstalk
OLE
Mandatory vacation
Debug
14. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
CORBA
Eavesdropping
CIO
Trademark
15. Object Linking and Embedding. The ability of an object to be embedded into another object.
Halon
RAM (Random-access memory)
OLE
Digital signing
16. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Security Awareness Training
Asymmetric
DDOS
Dictionary Attack
17. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
COOP
Finger scanning
Kerberos
Digital certificates
18. Good for distance - longer than 100M
ARP (Address Resolution Protocol)
SSH
Coax
Promiscuous mode
19. Internet Relay Chat.
IRC
Key Escrow
Social engineering
Call tree
20. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Hardware
Social engineering
Honey pot
Security through obscurity
21. The person that determines the permissions to files. The data owner.
Quality Assurance
Security Perimeter
Data Mart
Owner
22. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Base-64
Carnivore
Wiretapping
Multitasking
23. CISSPs subscribe to a code of ethics for building up the security profession
Code of ethics
TCSEC
DAD
Audit Trail
24. Network Address Translation
War driving
Firmware
NAT
Fire extinguisher
25. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Buffer overflow
MitM
Passive attacks
WAP (Wireless Application Protocol)
26. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Technical - Administrative - Physical
Hardware
AES (Advanced Encryption Standard)
Covert channels
27. Threat to physical security.
Sabotage
Biometric profile
Incentive programs
Encryption
28. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Authentication
Decentralized
User
Fiber optic
29. Data storage formats and equipment that allow the stored data to be accessed in any order
Exit interview
Enticement
Social engineering
RAM (Random-access memory)
30. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Custodian
Software librarian
Key Escrow
Reciprocal agreement
31. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Schema
Biometrics
Macro
Carnivore
32. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Risk Acceptance
Open network
ActiveX Object Linking and Embedding
Noise & perturbation
33. Encompasses Risk Analysis and Risk Mitigation
Guards
Risk Management
Content dependant
Owner
34. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Stream cipher
Compiler
Private Addressing
Call tree
35. Distributed Component Object Model. Microsoft's implementation of CORBA.
Format 7 times
Due Care
DCOM
Virtual Memory/Pagefile.sys
36. Using ICMP to diagram a network
Man trap
Probing
Boot-sector Virus
Smurf
37. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
CORBA
Tailgating / Piggybacking
Attenuation
Honey pot
38. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Base-64
Hash
Security kernel
Certification
39. Personal - Network - and Application
Job rotation
Termination procedures
Firewall types
Dogs
40. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Artificial Neural Networks (ANN)
NAT
Raid 0 - 1 - 3 - 5
Joke
41. The practice of obtaining confidential information by manipulation of legitimate users.
Echelon
Social engineering
Tailgating / Piggybacking
FAR/FRR/CER
42. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
TCB
Burden of Proof
Security Awareness Training
43. Also civil law
Tort
Hot Site
Brute Force
Content dependant
44. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Centralized
Base-64
SSL/TLS
War dialing
45. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Hot Site
Block cipher
Data remanence
Toneloc
46. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Illegal/Unethical
ROT-13
ISDN (Integrated Services Digital Network)
Coax
47. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Twisted pair
Clipping levels
Fences
TCSEC
48. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
Smurf
AES (Advanced Encryption Standard)
Normalization
49. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
SYN Flood
Tailgating / Piggybacking
WAP (Wireless Application Protocol)
50. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Inference
Well-known ports
Routers
Software librarian