Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Jumping into dumpsters to retrieve information about someone/something/a company
Software
Dumpster diving
Boot-sector Virus
Normalization
2. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
War driving
Mandatory vacation
Acceptable use
3. Personal - Network - and Application
Firewall types
IRC
Accountability
Carnivore
4. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Due Care
Cyphertext only
Finger printing
Rijndael
5. Entails planning and system actions to ensure that a project is following good quality management practices
Masquerade
Quality Assurance
Vulnerability analysis tools
Decentralized
6. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Substitution
Mandatory vacation
Multitasking
/etc/passwd
7. A system designed to stop piggybacking.
Software development lifecycle
Risk Management
Man trap
AES (Advanced Encryption Standard)
8. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Multitasking
Teardrop
CHAP
9. The user
Virtual Memory/Pagefile.sys
Polymorphic
User
Fiber optic
10. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Passive attacks
RADIUS (Remote authentication dial-in user service)
ARP (Address Resolution Protocol)
SSH
11. Chief Executive Officer
Eavesdropping
CEO
Block cipher
Callback Security/Call Forwarding
12. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Tailgating / Piggybacking
Username/password
Smart cards
Open network
13. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Echelon
Session Hijacking
Nonce
14. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
DDOS
Exit interview
CIO
Dictionary Attack
15. Involving the measurement of quantity or amount.
Code of ethics
CRC (Cyclic Redundancy Check)
ARP (Address Resolution Protocol)
Quantitative
16. Confidentiality - Integrity - and Availability
CIA
Username/password
Separation of duties
l0pht
17. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
DMZ
Encryption
VPN (Virtual Private Network)
Copyright
18. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Joke
Fiber optic
Honey pot
User
19. Accepting all packets
Code of ethics
Aggregation
Promiscuous mode
User
20. Someone whose hacking is primarily targeted at the phone systems
/etc/passwd
COOP
Phreaker
Toneloc
21. A network that uses proprietary protocols
Closed network
Non-repudiation
Expert systems
Classes of IP networks
22. Encompasses Risk Analysis and Risk Mitigation
TCP Wrappers
Carnivore
Risk Management
WTLS (Wireless Transport Layer Security)
23. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Code of ethics
Enticement
Substitution
24. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Risk Transferring
Boot-sector Virus
Privacy Act of 1974
Authorization creep
25. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
TCSEC
Service packs
OSI Model
Privacy Act of 1974
26. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Man trap
DDOS
Finger scanning
Privacy Act of 1974
27. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Asymmetric
Detective - Preventive - Corrective
Format 7 times
OLE
28. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Smurf
Hardware
Dogs
SLE (Single Loss Expectancy or Exposure)
29. White hat l0pht
Nonce
Data Mart
Dictionary Attack
Bugtraq
30. More discriminate than dogs
Debug
Separation of duties
Risk Analysis
Guards
31. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Keystroke logging
COOP
Well-known ports
Hearsay Evidence
32. Method of authenticating to a system. Something that you supply and something you know.
DOS
Username/password
Technical - Administrative - Physical
Fire extinguisher
33. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
Private Addressing
Back door/ trap door/maintenance hook
Teardrop
34. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Private Addressing
Attenuation
Masquerade
AES (Advanced Encryption Standard)
35. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Checksum
Compiler
DAD
36. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Repeaters
Keystroke logging
Expert System
Artificial Neural Networks (ANN)
37. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
User
Halon
FAR/FRR/CER
Format 7 times
38. Ethernet - Cat5 - Twisted to allow for longer runs.
CIRT
Twisted pair
Promiscuous mode
Tort
39. When one key of a two-key pair has more encryption pattern than the other
IRC
CIRT
User
Asymmetric
40. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Expert systems
Honey pot
Polymorphism
ARP (Address Resolution Protocol)
41. In cryptography - it is a block cipher
Worm
Skipjack
UUEncode
Eavesdropping
42. The act of identifying yourself. Providing your identity to a system
Object Oriented Programming
EF (Exposure Factor)
Sabotage
Identification
43. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
CIA
Symmetric
Fences
Cookies
44. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Fences
Buffer overflow
Rolling hot sites
Audit Trail
45. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
/etc/passwd
Well-known ports
SYN Flood
Format 7 times
46. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Telnet
Reciprocal agreement
AES (Advanced Encryption Standard)
Private Addressing
47. Access control method for database based on the content of the database to provide granular access
FAR/FRR/CER
Content dependant
Software development lifecycle
Macro
48. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Decentralized
Keystroke logging
Clipping levels
Quality Assurance
49. Continuation of Operations Plan
DAD
COOP
Audit Trail
TCP Wrappers
50. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
RADIUS (Remote authentication dial-in user service)
SESAME
Risk Mitigation
Tokens