Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The person that determines the permissions to files. The data owner.
Telnet
Rijndael
Owner
Bastion hosts
2. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
SESAME
Warm Site
CGI (The Common Gateway Interface)
ARO (Annualized Rate of Occurrence)
3. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
DMZ
MitM
Cold Site
4. A system designed to stop piggybacking.
DMZ
Copyright
Job rotation
Man trap
5. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Birthday attack
Decentralized
Switches / Bridges
6. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
UUEncode
Logic bomb
Open network
Hardware
7. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Man trap
Transposition
Trademark
Job rotation
8. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Custodian
Worm
EF (Exposure Factor)
Symmetric
9. The practice of obtaining confidential information by manipulation of legitimate users.
Authentication
Social engineering
Biometrics
Tort
10. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Echelon
DAD
TCB
Service packs
11. In cryptography - it is a block cipher
Granularity
Hearsay Evidence
Fraggle
Skipjack
12. Also known as a tunnel.
Firmware
VPN (Virtual Private Network)
Closed network
Multiprocessing
13. A war dialing utility
SSL/TLS
Active attacks
Toneloc
Covert channels
14. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
Identification
Data remanence
COM
15. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Cyphertext only
Malware
Common criteria
16. Personal - Network - and Application
SSO (Single sign-on)
Clipping levels
Burden of Proof
Firewall types
17. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Tailgating / Piggybacking
Quality Assurance
SSH
Stream cipher
18. Computer Incident Response Team
SESAME
Burden of Proof
Crosstalk
CIRT
19. Motivational tools for employee awareness to get them to report security flaws in an organization
Quantitative
Incentive programs
Change management
CD-Rom
20. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Finger scanning
Due Care
Dogs
Security Awareness Training
21. Assuming someone's session who is unaware of what you are doing
Digital signing
Polymorphic
Session Hijacking
Cryptanalysis
22. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Sniffing
Replay
Multipartite
Service packs
23. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Authentication
Quality Assurance
Toneloc
VLANs
24. Closed Circuit Television
CCTV
Out of band
Symmetric
Stream cipher
25. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
DDOS
Data remanence
CORBA
Detective - Preventive - Corrective
26. The ability to have more than one thread associated with a process
Dumpster diving
Expert systems
Multithreading
Teardrop
27. Data storage formats and equipment that allow the stored data to be accessed in any order
Encryption
RAM (Random-access memory)
Spoofing
Content dependent
28. Basic Input/Output System
Polymorphic
Caesar Cipher
BIOS
SYN Flood
29. The real cost of acquiring/maintaining/developing a system
SESAME
Asset Value
Sabotage
Inference
30. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
Man trap
Covert channels
Asset Value
31. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Spoofing
Software librarian
Patriot Act
Security Perimeter
32. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
IAB
BIA
Patent
CCTV
33. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Brute Force
Diffie-Hellman
Key Escrow
DCOM
34. A RFC standard. A mechanism for performing commands on a remote system
SYN Flood
Telnet
/etc/passwd
CCTV
35. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Asymmetric
Patriot Act
Salami Slicing
36. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
User
Script
Username/password
37. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Key Escrow
Guards
Hot Site
Asset Value
38. Motive - Opportunity - and Means. These deal with crime.
UUEncode
Entrapment
MOM
Common criteria
39. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Polymorphism
Hacker
Firmware
Penetration testing
40. Be at least 8 feet tall and have three strands of barbed wire.
Private Addressing
CGI (The Common Gateway Interface)
DHCP
Fences
41. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
Acceptable use
Granularity
SYN Flood
42. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
DDOS
Certification
Call tree
Hearsay Evidence
43. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Detective - Preventive - Corrective
CGI (The Common Gateway Interface)
Inference
FAR/FRR/CER
44. Dynamic Host Configuration Protocol.
EF (Exposure Factor)
DHCP
Call tree
Out of band
45. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Teardrop
Dictionary Attack
Malware
Salami Slicing
46. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Buffer overflow
Fraggle
Clipping levels
Risk Acceptance
47. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Multithreading
Guards
SQL (Structured Query Language)
Sniffing
48. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Code of ethics
Classes of IP networks
Tailgating / Piggybacking
Diffie-Hellman
49. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Security Awareness Training
Virtual Memory/Pagefile.sys
Malware
50. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Boot-sector Virus
Multitasking
Separation of duties
Macro