SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Motivational tools for employee awareness to get them to report security flaws in an organization
Technical - Administrative - Physical
Incentive programs
Fraggle
Honey pot
2. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work
Sniffing
Copyright
Job rotation
CHAP
3. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Buffer overflow
War driving
Bastion hosts
Technical - Administrative - Physical
4. Providing verification to a system
DAD
Sabotage
Authentication
Biometrics
5. Scanning the airwaves for radio transmissions
Audit Trail
SQL (Structured Query Language)
User
Scanning
6. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Audit Trail
DHCP
Halon
7. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
Halon
Joke
Digest
8. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
SSH
Callback Security/Call Forwarding
COM
9. 'If you cant see it - its secure'. Bad policy to live by.
Security through obscurity
Caesar Cipher
Copyright
War dialing
10. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Brewer-Nash model
Security kernel
Aggregation
/etc/passwd
11. Emanations from one wire coupling with another wire
Brewer-Nash model
Tokens
Crosstalk
DCOM
12. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Stream cipher
Brute force
NAT
Block cipher
13. Rotating employee's job duties so that things can be checked that they are doing to make sure nothing fraudulent is occurring.
FAR/FRR/CER
Job rotation
CORBA
ActiveX Object Linking and Embedding
14. Repeats the signal. It amplifies the signal before sending it on.
OEP
Repeaters
Worm
Hot Site
15. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
Risk Mitigation
Brute Force
Virtual Memory/Pagefile.sys
16. The act of identifying yourself. Providing your identity to a system
Identification
Logic bomb
Authorization creep
ROM (Read-only memory)
17. Threat to physical security.
Birthday attack
Sabotage
MitM
Session Hijacking
18. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Callback Security/Call Forwarding
Authentication
Service packs
Privacy Act of 1974
19. Closed Circuit Television
CCTV
Diffie-Hellman
Inference
Keystroke logging
20. An instance of a scripting language
Script
Copyright
Authentication
Trojan horses
21. The real cost of acquiring/maintaining/developing a system
Asset Value
Technical - Administrative - Physical
Crosstalk
DAD
22. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
VPN (Virtual Private Network)
Rijndael
Multitasking
Hacker
23. Network Address Translation
Schema
NAT
Worm
Code of ethics
24. Confidentiality - Integrity - and Availability
Due Care
Trademark
DCOM
CIA
25. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Hearsay Evidence
Toneloc
Masquerade
Firmware
26. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Scanning
DMZ
OSI Model
CIA
27. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
War driving
Clipper Chip
Replay
CGI (The Common Gateway Interface)
28. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Detective - Preventive - Corrective
Embezzlement
MitM
Birthday attack
29. Assuming someone's session who is unaware of what you are doing
TCSEC
Session Hijacking
Masquerade
CIRT
30. Something used to put out a fire. Can be in Classes A - B - C - D - or H
BIA
SSO (Single sign-on)
Fire extinguisher
Artificial Neural Networks (ANN)
31. A network that mimics the brain
Accreditation
Trap Door
Vulnerability analysis tools
Artificial Neural Networks (ANN)
32. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
DOS
Carnivore
Digital signing
Fiber optic
33. Ethernet - Cat5 - Twisted to allow for longer runs.
DMZ
Teardrop
Twisted pair
Reciprocal agreement
34. The user
Patent
Multithreading
Checksum
User
35. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Security Perimeter
Compiler
Boot-sector Virus
36. When two or more processes are linked and execute multiple programs simultaneously
Accountability
Session Hijacking
Multiprocessing
DCOM
37. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Service packs
Compiler
Decentralized
CRC (Cyclic Redundancy Check)
38. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.
Polymorphic
PKI
Authorization creep
ALE (Annualized Loss Expectancy)
39. More discriminate than dogs
Hot Site
Session Hijacking
Owner
Guards
40. To not be legal (as far as law is concerned) or ethical
Scanning
Illegal/Unethical
Nonce
Guards
41. An attempt to trick the system into believing that something false is real
Finger printing
Hoax
DNS cache poisoning
SSO (Single sign-on)
42. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Penetration testing
War driving
Dogs
PKI
43. Good for distance - longer than 100M
Risk Analysis
Job rotation
Script kiddies
Coax
44. Chief Executive Officer
Hardware
CEO
OSI Model
Worm
45. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Security kernel
Cookies
Cold Site
Checksum
46. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
OLE
Vulnerability analysis tools
Two-Factor Authentication
Out of band
47. This is an open international standard for applications that use wireless communications.
Bastion hosts
RADIUS (Remote authentication dial-in user service)
WAP (Wireless Application Protocol)
Rijndael
48. Reasonable doubt
Burden of Proof
Rijndael
Buffer overflow
Trade Secret
49. A mechanism by which connections to TCP services on a system are allowed or disallowed
Key Escrow
Technical - Administrative - Physical
TCP Wrappers
Tort
50. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Mandatory vacation
Exit interview
Cookies
FAR/FRR/CER
