Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. To not be legal (as far as law is concerned) or ethical
Dictionary Attack
Toneloc
Illegal/Unethical
Normalization
2. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
TACACS (Terminal access controller access control system)
Senior Management
Detective - Preventive - Corrective
SSH
3. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Toneloc
Service packs
Due Diligence
Sniffing
4. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Object Oriented Programming
Patriot Act
Certification
Hardware
5. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Inference
OLE
Private Addressing
Centralized
6. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Closed network
Finger printing
Fraggle
Java
7. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Cold Site
FAR/FRR/CER
Acceptable use
Separation of duties
8. Providing verification to a system
Owner
Authentication
Coax
Data remanence
9. After implementing countermeasures - accepting risk for the amount of vulnerability left over
User
Risk Acceptance
Tort
Warm Site
10. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Call tree
Accreditation
Tailgating / Piggybacking
Digital signing
11. Motive - Opportunity - and Means. These deal with crime.
Artificial Neural Networks (ANN)
Key Escrow
MOM
Code of ethics
12. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Wiretapping
Encryption
Eavesdropping
Motion detector
13. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
WTLS (Wireless Transport Layer Security)
Call tree
Content dependant
Key Escrow
14. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Sabotage
Script kiddies
PKI
Tailgating / Piggybacking
15. Animals with teeth. Not as discriminate as guards
Caesar Cipher
Noise & perturbation
Dogs
Data remanence
16. Transferring your risk to someone else - typically an insurance company
TCSEC
CIRT
Hash
Risk Transferring
17. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
BIOS
Two-Factor Authentication
Clipper Chip
COM
18. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Decentralized
Authorization
SSL/TLS
Macro
19. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
User
Content dependant
Privacy Act of 1974
Entrapment
20. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Private Addressing
Bugtraq
Hackers
Cookies
21. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
TEMPEST
VLANs
Data remanence
Teardrop
22. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Hardware
War dialing
Java
Digest
23. White hat l0pht
Clipper Chip
Out of band
Biometrics
Bugtraq
24. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Embezzlement
Risk Acceptance
Script
25. An attempt to trick the system into believing that something false is real
Hoax
Identification
Centralized
Authorization
26. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Buffer overflow
Worm
BIOS
Privacy Act of 1974
27. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Dictionary Attack
Transposition
Tokens
28. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Data Mart
OLE
Guards
Hearsay Evidence
29. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Fences
Hubs
Penetration testing
SSO (Single sign-on)
30. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Quantitative
OLE
Noise & perturbation
Caesar Cipher
31. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Eavesdropping
ARO (Annualized Rate of Occurrence)
Attenuation
32. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Copyright
Degausser
Masquerade
SESAME
33. The practice of obtaining confidential information by manipulation of legitimate users.
Guards
Social engineering
DAD
SQL (Structured Query Language)
34. The frequency with which a threat is expected to occur.
Code of ethics
Hot Site
Change management
ARO (Annualized Rate of Occurrence)
35. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Artificial Neural Networks (ANN)
Granularity
Format 7 times
RADIUS (Remote authentication dial-in user service)
36. A site that has some equipment in place - and can be up within days
Warm Site
Enticement
Privacy Act of 1974
SSO (Single sign-on)
37. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Burden of Proof
RADIUS (Remote authentication dial-in user service)
Smurf
Normalization
38. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Open network
Debug
DAD
Substitution
39. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Fraud
WAP (Wireless Application Protocol)
Joke
40. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Private Addressing
Keystroke logging
Carnivore
Script
41. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Nonce
Schema
Attenuation
Key Escrow
42. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Crosstalk
Sabotage
Expert systems
War dialing
43. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Embezzlement
VLANs
Passive attacks
Eavesdropping
44. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Polymorphism
ROT-13
Private Addressing
IAB
45. The real cost of acquiring/maintaining/developing a system
Asset Value
Call tree
Sabotage
Dumpster diving
46. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cyphertext only
Reciprocal agreement
Multipartite
Repeaters
47. Threat to physical security.
Firewall types
OLE
Sabotage
ARO (Annualized Rate of Occurrence)
48. The act of identifying yourself. Providing your identity to a system
Hash
PKI
OSI Model
Identification
49. A gas used in fire suppression. Not human safe. Chemical reaction.
Inference
Data Mart
Halon
Trademark
50. Network Address Translation
Social engineering
NAT
Carnivore
Firewall types