SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
Virtual Memory/Pagefile.sys
AES (Advanced Encryption Standard)
Echelon
2. Confidentiality - Integrity - and Availability
Back door/ trap door/maintenance hook
CIA
RADIUS (Remote authentication dial-in user service)
Multipartite
3. The real cost of acquiring/maintaining/developing a system
Caesar Cipher
Asset Value
Man trap
ALE (Annualized Loss Expectancy)
4. Object Linking and Embedding. The ability of an object to be embedded into another object.
Classes of IP networks
Birthday attack
OLE
Granularity
5. When security is managed at many different points in an organization
Non-repudiation
Sniffing
Decentralized
Coax
6. Once authenticated - the level of access you have to a system
Authorization
Schema
Kerberos
DOS
7. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Expert System
Replay
COOP
VLANs
8. Rolling command center with UPS - satellite - uplink - power - etc.
Accreditation
Rolling hot sites
Data remanence
Senior Management
9. Enticing people to hit your honeypot to see how they try to access your system.
Multitasking
DNS cache poisoning
Enticement
War driving
10. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Aggregation
DDOS
EF (Exposure Factor)
11. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Two-Factor Authentication
FAR/FRR/CER
Brute Force
Software
12. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Rijndael
/etc/passwd
OEP
Trojan horses
13. Entails planning and system actions to ensure that a project is following good quality management practices
Worm
Brewer-Nash model
Bugtraq
Quality Assurance
14. Random Number Base
Biometric profile
Authorization
Nonce
Risk Mitigation
15. The user
Data remanence
Code of ethics
ROT-13
User
16. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Incentive programs
Private Addressing
Encryption
Data remanence
17. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Buffer overflow
Embezzlement
Macro
Accreditation
18. Threat to physical security.
Substitution
Expert systems
Sabotage
User
19. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Block cipher
Tokens
Incentive programs
Probing
20. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Spoofing
VPN (Virtual Private Network)
Debug
Twisted pair
21. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
ActiveX Object Linking and Embedding
Base-64
Back door/ trap door/maintenance hook
PAP (Password Authentication Protocol)
22. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Tokens
Security Awareness Training
Software development lifecycle
Coax
23. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Username/password
Sniffing
CGI (The Common Gateway Interface)
Job rotation
24. Continuation of Operations Plan
Burden of Proof
COOP
Multithreading
CIRT
25. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
UUEncode
Tort
Smurf
CRC (Cyclic Redundancy Check)
26. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Separation of duties
Block cipher
Honey pot
Username/password
27. Must be in place for you to use a biometric system
Software development lifecycle
Virtual Memory/Pagefile.sys
Multitasking
Biometric profile
28. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Attenuation
AES (Advanced Encryption Standard)
Substitution
Dogs
29. A network that uses standard protocols (TCP/IP)
Risk Analysis
Open network
SYN Flood
CIO
30. Defines the objects and their attributes that exist in a database.
Hash
Schema
Normalization
ROT-13
31. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Detective - Preventive - Corrective
Software development lifecycle
ActiveX Object Linking and Embedding
Telnet
32. A network that uses proprietary protocols
Security kernel
Patent
Closed network
SLE (Single Loss Expectancy or Exposure)
33. Scanning the airwaves for radio transmissions
Scanning
Birthday attack
Authorization
DMZ
34. Disclosure - Alteration - Destruction. These things break the CIA triad
PKI
SSO (Single sign-on)
DAD
Multiprocessing
35. A hidden communications channel on a system that allows for the bypassing of the system security policy
Cookies
Hash
Covert channels
Repeaters
36. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Enticement
Motion detector
l0pht
Session Hijacking
37. Distributed Component Object Model. Microsoft's implementation of CORBA.
War dialing
DCOM
Multitasking
Hacker
38. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Normalization
Security Perimeter
Finger scanning
SLE (Single Loss Expectancy or Exposure)
39. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Phreaker
WTLS (Wireless Transport Layer Security)
Base-64
Trap Door
40. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
VPN (Virtual Private Network)
Crosstalk
CIRT
TACACS (Terminal access controller access control system)
41. Access control method for database based on the content of the database to provide granular access
Reciprocal agreement
Content dependant
Base-64
Passive attacks
42. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
Wiretapping
PKI
ALE (Annualized Loss Expectancy)
43. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Cryptanalysis
Cookies
Crosstalk
44. CISSPs subscribe to a code of ethics for building up the security profession
Well-known ports
Crosstalk
VLANs
Code of ethics
45. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Throughput of a Biometric System
COM
BIA
Boot-sector Virus
46. Involving the measurement of quantity or amount.
Firewall types
AES (Advanced Encryption Standard)
Coax
Quantitative
47. Occupant Emergency Plan - Employees are the most important!
Caesar Cipher
ROT-13
Termination procedures
OEP
48. A war dialing utility
Twisted pair
Toneloc
CD-Rom
Joke
49. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Base-64
Due Care
Inference
Accreditation
50. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Bastion hosts
Privacy Act of 1974
Finger scanning
