Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Chief Information Officer
Aggregation
CIO
WAP (Wireless Application Protocol)
Asymmetric
2. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Base-64
Macro
Noise & perturbation
CRC (Cyclic Redundancy Check)
3. Personal - Network - and Application
COOP
OEP
Patent
Firewall types
4. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Detective - Preventive - Corrective
Patent
Honey pot
Birthday attack
5. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
User
Data Mart
Base-64
Authorization
6. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
l0pht
Switches / Bridges
Custodian
Penetration testing
7. Emanations from one wire coupling with another wire
Twisted pair
Boot-sector Virus
Crosstalk
Kerberos
8. Continuation of Operations Plan
Base-64
COOP
Illegal/Unethical
Technical - Administrative - Physical
9. In a separation of duties model - this is where code is checked in and out
Macro
Software librarian
Raid 0 - 1 - 3 - 5
Audit Trail
10. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
War driving
Patriot Act
Cookies
Motion detector
11. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
MitM
Man trap
TCSEC
Clipper Chip
12. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Transposition
Hearsay Evidence
MitM
Passive attacks
13. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Senior Management
Raid 0 - 1 - 3 - 5
War driving
Object Oriented Programming
14. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Change management
Callback Security/Call Forwarding
Senior Management
Rijndael
15. Occupant Emergency Plan - Employees are the most important!
SSH
OEP
ActiveX Object Linking and Embedding
Java
16. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Data remanence
SLE (Single Loss Expectancy or Exposure)
Multitasking
Termination procedures
17. The intercepting of conversations by unintended recipients
Kerberos
Audit Trail
CEO
Eavesdropping
18. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Toneloc
Joke
Back door/ trap door/maintenance hook
Risk Transferring
19. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Well-known ports
Fire extinguisher
Smurf
Quality Assurance
20. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
IAB
Brewer-Nash model
Virtual machine
Fraggle
21. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
OSI Model
Certification
Degausser
Risk Transferring
22. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Software development lifecycle
Audit Trail
Salami Slicing
COM
23. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Sabotage
VPN (Virtual Private Network)
Call tree
TEMPEST
24. Ethernet - Cat5 - Twisted to allow for longer runs.
Incentive programs
Technical - Administrative - Physical
Copyright
Twisted pair
25. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
CEO
Sniffing
Hearsay Evidence
Virtual Memory/Pagefile.sys
26. Encompasses Risk Analysis and Risk Mitigation
Risk Management
Open network
Smurf
DAD
27. Signal degradation as it moves farther from its source
Halon
Granularity
Separation of duties
Attenuation
28. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
ROT-13
Smurf
ARP (Address Resolution Protocol)
Risk Analysis
29. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
DOS
Hot Site
Enticement
Incentive programs
30. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Authorization
Hardware
Job rotation
Joke
31. Setting up the user to access the honeypot for reasons other than the intent to harm.
Virtual machine
Digest
Entrapment
Risk Acceptance
32. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Hash
Brute Force
Salami Slicing
Degausser
33. Internet Relay Chat.
User
CD-Rom
IRC
Fiber optic
34. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
Classes of IP networks
Social engineering
PAP (Password Authentication Protocol)
35. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
COM
Brute force
CIA
AES (Advanced Encryption Standard)
36. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Debug
CIA
Audit Trail
Centralized
37. These can be used to verify that public keys belong to certain individuals.
Digital certificates
Cyphertext only
Schema
Exit interview
38. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Replay
CGI (The Common Gateway Interface)
Symmetric
Risk Analysis
39. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
MitM
Back door/ trap door/maintenance hook
Security Perimeter
Two-Factor Authentication
40. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Copyright
Kerberos
CRC (Cyclic Redundancy Check)
Biometric profile
41. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Risk Transferring
Security Perimeter
Base-64
Well-known ports
42. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
DCOM
Repeaters
Hubs
43. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Worm
MitM
Clipping levels
CHAP
44. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Data Mart
Job rotation
Penetration testing
Boot-sector Virus
45. A gas used in fire suppression. Not human safe. Chemical reaction.
Technical - Administrative - Physical
/etc/passwd
Halon
Brewer-Nash model
46. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Multipartite
DNS cache poisoning
SSL/TLS
Private Addressing
47. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Smurf
WTLS (Wireless Transport Layer Security)
Fraggle
Classes of IP networks
48. Network Address Translation
Brute force
DHCP
Birthday attack
NAT
49. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Echelon
CGI (The Common Gateway Interface)
Throughput of a Biometric System
Username/password
50. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Brute force
Degausser
Key Escrow
Software development lifecycle