Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Disclosure - Alteration - Destruction. These things break the CIA triad
Risk Mitigation
Masquerade
Detective - Preventive - Corrective
DAD
2. These can be used to verify that public keys belong to certain individuals.
UUEncode
Dictionary Attack
Digital certificates
Logic bomb
3. A sandbox. Emulates an operating environment.
Virtual machine
Promiscuous mode
ROM (Read-only memory)
ALE (Annualized Loss Expectancy)
4. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Inference
Wiretapping
Tokens
Diffie-Hellman
5. A technique to eliminate data redundancy.
Normalization
RAM (Random-access memory)
OSI Model
FAR/FRR/CER
6. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Probing
Telnet
Trademark
Nonce
7. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
CEO
FAR/FRR/CER
Spoofing
Honey pot
8. Signal degradation as it moves farther from its source
Cryptanalysis
SSO (Single sign-on)
Attenuation
Decentralized
9. A hidden communications channel on a system that allows for the bypassing of the system security policy
ISDN (Integrated Services Digital Network)
Covert channels
User
MitM
10. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
DNS cache poisoning
Brewer-Nash model
Certification
Service packs
11. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Base-64
SSL/TLS
Closed network
Man trap
12. Random Number Base
Brute force
Nonce
CRC (Cyclic Redundancy Check)
Buffer overflow
13. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Substitution
Fiber optic
Clipper Chip
Separation of duties
14. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Authorization creep
Format 7 times
Digest
ARO (Annualized Rate of Occurrence)
15. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Spoofing
Security Perimeter
Fraud
Termination procedures
16. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Hot Site
VPN (Virtual Private Network)
Virtual Memory/Pagefile.sys
Birthday attack
17. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
Virtual Memory/Pagefile.sys
Authorization
Risk Mitigation
18. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Spoofing
Bastion hosts
Granularity
Stream cipher
19. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Schema
Transposition
UUEncode
Security Perimeter
20. When security is managed at many different points in an organization
CCTV
Decentralized
Joke
Multithreading
21. Chief Information Officer
CHAP
Due Diligence
War driving
CIO
22. Ethernet - Cat5 - Twisted to allow for longer runs.
Twisted pair
TCP Wrappers
MOM
Attenuation
23. Internet Relay Chat.
Expert systems
Coax
Boot-sector Virus
IRC
24. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Hardware
Hubs
Echelon
SSH
25. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
TCP Wrappers
Hubs
CD-Rom
Polymorphic
26. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Digest
RADIUS (Remote authentication dial-in user service)
MOM
Caesar Cipher
27. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Packet Sniffing
CIA
Telnet
28. The user
Mandatory vacation
User
Coax
Debug
29. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Echelon
Buffer overflow
Trap Door
Separation of duties
30. 'If you can't see it - it's secure'. Bad policy to live by.
ROM (Read-only memory)
Degausser
Software development lifecycle
Security through obscurity
31. Relating to quality or kind. This assigns a level of importance to something.
Firewall types
Digital signing
Spoofing
Qualitative
32. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Software librarian
Stream cipher
ALE (Annualized Loss Expectancy)
Fiber optic
33. Closed Circuit Television
CCTV
Firewall types
DHCP
Multiprocessing
34. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Asset Value
TACACS (Terminal access controller access control system)
Man trap
35. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
Session Hijacking
Aggregation
Illegal/Unethical
36. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Acceptable use
Bugtraq
Smurf
WAP (Wireless Application Protocol)
37. Animals with teeth. Not as discriminate as guards
MOM
Rolling hot sites
Separation of duties
Dogs
38. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Attenuation
Fire extinguisher
SYN Flood
TCB
39. The intercepting of conversations by unintended recipients
Object Oriented Programming
Eavesdropping
Symmetric
NAT
40. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Reciprocal agreement
Expert systems
Granularity
ISDN (Integrated Services Digital Network)
41. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Cookies
VLANs
Non-repudiation
Dogs
42. Enticing people to hit your honeypot to see how they try to access your system.
Quantitative
Hash
Burden of Proof
Enticement
43. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Centralized
Security kernel
Virtual Memory/Pagefile.sys
Back door/ trap door/maintenance hook
44. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Risk Analysis
PAP (Password Authentication Protocol)
SESAME
OEP
45. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Change management
Block cipher
Coax
Exit interview
46. White hat l0pht
VLANs
Bugtraq
PKI
Closed network
47. Entails planning and system actions to ensure that a project is following good quality management practices
ROM (Read-only memory)
/etc/passwd
Quality Assurance
Active attacks
48. Public Key Infrastructure
PKI
TCSEC
Normalization
Incentive programs
49. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Noise & perturbation
Code of ethics
Patriot Act
Toneloc
50. Providing verification to a system
Cookies
Authentication
Accountability
Eavesdropping