Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Someone whose hacking is primarily targeted at the phone systems
Dictionary Attack
Checksum
Birthday attack
Phreaker
2. Object Linking and Embedding. The ability of an object to be embedded into another object.
Substitution
Dumpster diving
OLE
Penetration testing
3. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Probing
Hardware
Motion detector
CIO
4. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Certification
Data Mart
OLE
Risk Management
5. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Two-Factor Authentication
Smurf
Polymorphic
Firmware
6. Random Number Base
Accreditation
ALE (Annualized Loss Expectancy)
Finger printing
Nonce
7. The person that determines the permissions to files. The data owner.
Owner
Debug
IRC
Bugtraq
8. Be at least 8 feet tall and have three strands of barbed wire.
Bastion hosts
OLE
Fences
Asymmetric
9. Transferring your risk to someone else - typically an insurance company
Key Escrow
Diffie-Hellman
Granularity
Risk Transferring
10. Confidentiality - Integrity - and Availability
WAP (Wireless Application Protocol)
Teardrop
Transposition
CIA
11. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Wiretapping
Boot-sector Virus
PAP (Password Authentication Protocol)
Schema
12. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Guards
ARP (Address Resolution Protocol)
DOS
13. Jumping into dumpsters to retrieve information about someone/something/a company
Penetration testing
FAR/FRR/CER
Multithreading
Dumpster diving
14. When one key of a two-key pair has more encryption pattern than the other
Bastion hosts
Call tree
Asymmetric
Promiscuous mode
15. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
Twisted pair
SLE (Single Loss Expectancy or Exposure)
Base-64
16. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Toneloc
Digest
AES (Advanced Encryption Standard)
Dumpster diving
17. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
RADIUS (Remote authentication dial-in user service)
Patent
Decentralized
Sabotage
18. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Code of ethics
Probing
Digital signing
Common criteria
19. Defines the objects and their attributes that exist in a database.
Schema
Penetration testing
AES (Advanced Encryption Standard)
User
20. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
CEO
Macro
Rolling hot sites
21. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Packet Sniffing
Patent
SESAME
Enticement
22. Encompasses Risk Analysis and Risk Mitigation
Quality Assurance
Risk Management
Asymmetric
MitM
23. Someone who hacks
Promiscuous mode
Hacker
Classes of IP networks
NAT
24. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Common criteria
Java
Active attacks
Entrapment
25. Chief Executive Officer
SQL (Structured Query Language)
CEO
Trojan horses
Object Oriented Programming
26. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
ISDN (Integrated Services Digital Network)
SSH
Back door/ trap door/maintenance hook
Well-known ports
27. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
War dialing
Penetration testing
Risk Transferring
/etc/passwd
28. When security is managed at many different points in an organization
Decentralized
TEMPEST
Boot-sector Virus
Buffer overflow
29. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Hoax
Dogs
ActiveX Object Linking and Embedding
Well-known ports
30. Personal - Network - and Application
Digital signing
BIA
Firewall types
Virtual Memory/Pagefile.sys
31. The output of a hash function is a digest.
Digest
Entrapment
Boot-sector Virus
Audit Trail
32. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Dictionary Attack
Finger printing
SSO (Single sign-on)
Coax
33. Network Address Translation
CIO
Job rotation
NAT
Hoax
34. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
User
Fences
Biometric profile
35. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Embezzlement
Trojan horses
ALE (Annualized Loss Expectancy)
Asset Value
36. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
DCOM
Dictionary Attack
Substitution
Common criteria
37. Using ICMP to diagram a network
Script
Probing
Exit interview
Call tree
38. When security is managed at a central point in an organization
Brewer-Nash model
l0pht
Centralized
Virtual Memory/Pagefile.sys
39. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
ARO (Annualized Rate of Occurrence)
Accreditation
Keystroke logging
40. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
CORBA
Sniffing
Software development lifecycle
41. A technique to eliminate data redundancy.
Normalization
Joke
COOP
DOS
42. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SSH
Rijndael
Entrapment
Biometric profile
43. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Cookies
Schema
Well-known ports
Two-Factor Authentication
44. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Classes of IP networks
Risk Analysis
Hot Site
Probing
45. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Data remanence
Closed network
Kerberos
46. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
AES (Advanced Encryption Standard)
Callback Security/Call Forwarding
Eavesdropping
Accountability
47. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Data Mart
Polymorphism
Packet Sniffing
Object Oriented Programming
48. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Granularity
Clipper Chip
Exit interview
Separation of duties
49. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Finger scanning
Man trap
SQL (Structured Query Language)
Back door/ trap door/maintenance hook
50. Component Object Model.
Aggregation
ROM (Read-only memory)
COM
Trap Door