Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
DNS cache poisoning
Guards
Authorization
Hearsay Evidence
2. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
MitM
BIOS
Cookies
3. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
EF (Exposure Factor)
Detective - Preventive - Corrective
Virtual Memory/Pagefile.sys
SSO (Single sign-on)
4. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Risk Transferring
Raid 0 - 1 - 3 - 5
DOS
Brute Force
5. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Entrapment
War driving
EF (Exposure Factor)
Checksum
6. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Normalization
Polymorphic
Caesar Cipher
ISDN (Integrated Services Digital Network)
7. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Hardware
SSH
Covert channels
Toneloc
8. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Fences
Security through obscurity
SESAME
Halon
9. A network that mimics the brain
Aggregation
Teardrop
Artificial Neural Networks (ANN)
Audit Trail
10. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Cryptanalysis
Teardrop
Patent
Clipping levels
11. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Attenuation
Accountability
TACACS (Terminal access controller access control system)
TEMPEST
12. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Expert systems
SQL (Structured Query Language)
Security kernel
ROT-13
13. When two or more processes are linked and execute multiple programs simultaneously
Hash
Worm
Firewall types
Multiprocessing
14. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Sniffing
DDOS
CEO
Accountability
15. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Call tree
TCSEC
ActiveX Object Linking and Embedding
Asset Value
16. Common Object Request Broker Architecture.
Trojan horses
CORBA
Privacy Act of 1974
DNS cache poisoning
17. Internet Relay Chat.
Authorization creep
IAB
IRC
Object Oriented Programming
18. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
Call tree
Normalization
Trojan horses
19. White hat l0pht
Bugtraq
Polymorphism
AES (Advanced Encryption Standard)
Packet Sniffing
20. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Carnivore
Hoax
Call tree
Biometric profile
21. Once authenticated - the level of access you have to a system
SSL/TLS
Authorization
BIOS
Rijndael
22. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Birthday attack
Stream cipher
Identification
DNS cache poisoning
23. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Masquerade
WAP (Wireless Application Protocol)
Trade Secret
ARP (Address Resolution Protocol)
24. To not be legal (as far as law is concerned) or ethical
UUEncode
Degausser
Illegal/Unethical
Covert channels
25. In a separation of duties model - this is where code is checked in and out
Compiler
Caesar Cipher
Software librarian
Expert systems
26. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Acceptable use
Hearsay Evidence
Twisted pair
Callback Security/Call Forwarding
27. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Centralized
Joke
Patent
Certification
28. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Dogs
DDOS
Encryption
MitM
29. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Degausser
Multipartite
Honey pot
War dialing
30. Chief Executive Officer
TEMPEST
Rijndael
Script
CEO
31. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Keystroke logging
Macro
Packet Sniffing
NAT
32. A card that holds information that must be authenticated to before it can reveal the information that it is holding
UUEncode
Owner
War driving
Smart cards
33. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Packet Sniffing
Teardrop
Burden of Proof
34. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
ROM (Read-only memory)
Granularity
Hearsay Evidence
35. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
CIRT
Skipjack
Due Diligence
Honey pot
36. An attempt to trick the system into believing that something false is real
Checksum
Hoax
Format 7 times
Software librarian
37. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Echelon
Hearsay Evidence
Penetration testing
Honey pot
38. Good for distance - longer than 100M
Well-known ports
Senior Management
Coax
Replay
39. Reasonable doubt
Burden of Proof
Audit Trail
Firmware
Separation of duties
40. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Penetration testing
Granularity
CIA
Repeaters
41. The person that determines the permissions to files. The data owner.
Polymorphic
Owner
Copyright
Dictionary Attack
42. Confidentiality - Integrity - and Availability
Smurf
Exit interview
Polymorphism
CIA
43. Network devices that operate at layer 3. This device separates broadcast domains.
Well-known ports
Fire extinguisher
CCTV
Routers
44. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Twisted pair
Tailgating / Piggybacking
Artificial Neural Networks (ANN)
45. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Job rotation
Asymmetric
Malware
Digest
46. Animals with teeth. Not as discriminate as guards
Crosstalk
Multipartite
Hash
Dogs
47. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Risk Transferring
ISDN (Integrated Services Digital Network)
Certification
Granularity
48. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
RADIUS (Remote authentication dial-in user service)
Software
Open network
Telnet
49. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
DHCP
Reciprocal agreement
Classes of IP networks
Noise & perturbation
50. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
PKI
Penetration testing
VPN (Virtual Private Network)