Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Network Address Translation
Risk Management
Asymmetric
Social engineering
NAT
2. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
Trojan horses
Copyright
Non-repudiation
3. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Fire extinguisher
Symmetric
Guards
AES (Advanced Encryption Standard)
4. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Software
Entrapment
Man trap
Security Perimeter
5. Distributed Component Object Model. Microsoft's implementation of CORBA.
Illegal/Unethical
ARO (Annualized Rate of Occurrence)
DCOM
SQL (Structured Query Language)
6. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Authorization
Logic bomb
Reciprocal agreement
Code of ethics
7. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
RAM (Random-access memory)
Compiler
Clipper Chip
Exit interview
8. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Penetration testing
Packet Sniffing
Bugtraq
Termination procedures
9. Ethernet - Cat5 - Twisted to allow for longer runs.
Twisted pair
Fire extinguisher
Cyphertext only
Owner
10. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Switches / Bridges
Asset Value
Authorization creep
Custodian
11. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Multiprocessing
EF (Exposure Factor)
DMZ
Java
12. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Replay
SLE (Single Loss Expectancy or Exposure)
Back door/ trap door/maintenance hook
Substitution
13. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Smurf
Compiler
Substitution
Trade Secret
14. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
AES (Advanced Encryption Standard)
Multithreading
Expert systems
Hacker
15. Disclosure - Alteration - Destruction. These things break the CIA triad
DAD
Change management
Senior Management
Promiscuous mode
16. The ability to have more than one thread associated with a process
Multithreading
Hearsay Evidence
Accreditation
Firmware
17. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Security kernel
DHCP
Halon
CCTV
18. A system designed to stop piggybacking.
Man trap
Finger scanning
Macro
ARP (Address Resolution Protocol)
19. Component Object Model.
Brewer-Nash model
Salami Slicing
Toneloc
COM
20. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Biometrics
Bastion hosts
Multiprocessing
Macro
21. A sandbox. Emulates an operating environment.
Security kernel
Virtual machine
Digital signing
Brute Force
22. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
War dialing
CIO
CD-Rom
Nonce
23. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Termination procedures
Classes of IP networks
COOP
Hot Site
24. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Certification
Illegal/Unethical
Data remanence
Masquerade
25. Dialing fixed sets of telephone numbers looking for open modem connections to machines
War dialing
Risk Acceptance
VPN (Virtual Private Network)
Social engineering
26. The act of identifying yourself. Providing your identity to a system
Risk Management
Identification
Hearsay Evidence
ARP (Address Resolution Protocol)
27. Threat to physical security.
TEMPEST
FAR/FRR/CER
Wiretapping
Sabotage
28. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Digest
Patriot Act
PAP (Password Authentication Protocol)
VPN (Virtual Private Network)
29. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Guards
FAR/FRR/CER
CHAP
MitM
30. An instance of a scripting language
Wiretapping
Motion detector
Service packs
Script
31. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Polymorphic
Common criteria
Artificial Neural Networks (ANN)
Hardware
32. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
EF (Exposure Factor)
Object Oriented Programming
Mandatory vacation
Virtual Memory/Pagefile.sys
33. A network that mimics the brain
Brute Force
AES (Advanced Encryption Standard)
Artificial Neural Networks (ANN)
Bastion hosts
34. Data storage formats and equipment that allow the stored data to be accessed in any order
OEP
WAP (Wireless Application Protocol)
Man trap
RAM (Random-access memory)
35. Basic Input/Output System
CGI (The Common Gateway Interface)
CORBA
VLANs
BIOS
36. Defines the objects and their attributes that exist in a database.
TCB
Patent
Data remanence
Schema
37. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Security Awareness Training
CEO
Key Escrow
Teardrop
38. Chief Information Officer
Teardrop
CIO
UUEncode
Centralized
39. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Sabotage
Expert System
Noise & perturbation
Authorization
40. Relating to quality or kind. This assigns a level of importance to something.
Social engineering
Open network
/etc/passwd
Qualitative
41. These can be used to verify that public keys belong to certain individuals.
Digital certificates
Masquerade
Block cipher
DAD
42. Someone whose hacking is primarily targeted at the phone systems
Aggregation
Smurf
OEP
Phreaker
43. An RFC standard. A mechanism for performing commands on a remote system
Finger scanning
Bastion hosts
WTLS (Wireless Transport Layer Security)
Telnet
44. The output of a hash function is a digest.
CIRT
Tokens
Digest
Trojan horses
45. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Covert channels
Artificial Neural Networks (ANN)
Accreditation
Phreaker
46. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
Checksum
Hash
ROM (Read-only memory)
47. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Fire extinguisher
Buffer overflow
Code of ethics
Qualitative
48. An attempt to trick the system into believing that something false is real
Degausser
DAD
Hoax
IAB
49. A mechanism by which connections to TCP services on a system are allowed or disallowed
Schema
TCP Wrappers
Finger scanning
Penetration testing
50. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Inference
Clipping levels
Expert systems
OSI Model