SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Custodian
Kerberos
Hash
Salami Slicing
2. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
War dialing
Mandatory vacation
Common criteria
UUEncode
3. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Acceptable use
Carnivore
Spoofing
SSL/TLS
4. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Biometrics
Schema
Hash
OSI Model
5. Jumping into dumpsters to retrieve information about someone/something/a company
Fiber optic
Dumpster diving
Artificial Neural Networks (ANN)
War dialing
6. A mechanism by which connections to TCP services on a system are allowed or disallowed
Technical - Administrative - Physical
TCP Wrappers
Schema
Social engineering
7. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Honey pot
Accreditation
War dialing
Guards
8. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
OLE
CIO
Change management
9. Continuation of Operations Plan
Software
ALE (Annualized Loss Expectancy)
COOP
Cold Site
10. Network Address Translation
NAT
Job rotation
Diffie-Hellman
Incentive programs
11. Dynamic Host Configuration Protocol.
DCOM
DHCP
TCB
SSO (Single sign-on)
12. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
War dialing
Hackers
Biometrics
Change management
13. The real cost of acquiring/maintaining/developing a system
Asset Value
TACACS (Terminal access controller access control system)
Owner
Finger printing
14. More discriminate than dogs
Guards
Attenuation
Security kernel
SYN Flood
15. Component Object Model.
Caesar Cipher
Logic bomb
COM
Closed network
16. Software designed to infiltrate or damage a computer system - without the owner's consent.
Cryptanalysis
Malware
BIA
Risk Transferring
17. The intercepting of conversations by unintended recipients
CEO
Joke
Eavesdropping
MOM
18. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Aggregation
Macro
Firewall types
Sabotage
19. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
DMZ
Worm
Switches / Bridges
Accreditation
20. Someone who hacks
Carnivore
Boot-sector Virus
Hacker
Hash
21. Animals with teeth. Not as discriminate as guards
ALE (Annualized Loss Expectancy)
Dogs
Halon
IAB
22. A site that is ready physically but has no hardware in place - all it has is HVAC
MitM
Cold Site
Firmware
Technical - Administrative - Physical
23. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Tort
CEO
Active attacks
SSL/TLS
24. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
CHAP
Due Diligence
Virtual machine
Key Escrow
25. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
CGI (The Common Gateway Interface)
Private Addressing
Trademark
COM
26. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Quantitative
MitM
Expert System
Accreditation
27. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Polymorphic
CD-Rom
Asymmetric
Crosstalk
28. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Mandatory vacation
Risk Analysis
CIRT
Routers
29. Method of authenticating to a system. Something that you supply and something you know.
Probing
Back door/ trap door/maintenance hook
Username/password
Asset Value
30. Making individuals accountable for their actions on a system typically through the use of auditing
Non-repudiation
Risk Mitigation
Hardware
Accountability
31. A system designed to stop piggybacking.
Buffer overflow
Biometrics
Aggregation
Man trap
32. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
EF (Exposure Factor)
Biometric profile
Call tree
Reciprocal agreement
33. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
RAM (Random-access memory)
Acceptable use
Base-64
Worm
34. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
CD-Rom
Substitution
Hackers
35. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Wiretapping
DMZ
Covert channels
Patriot Act
36. A war dialing utility
Digest
ROM (Read-only memory)
Toneloc
DNS cache poisoning
37. A network that mimics the brain
Passive attacks
SQL (Structured Query Language)
Artificial Neural Networks (ANN)
SSO (Single sign-on)
38. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Format 7 times
Carnivore
Accountability
39. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Patent
Identification
Rijndael
40. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Classes of IP networks
CHAP
Caesar Cipher
Custodian
41. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Script kiddies
Covert channels
Keystroke logging
42. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Teardrop
Caesar Cipher
Security kernel
Classes of IP networks
43. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Digital certificates
Coax
Hackers
44. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Decentralized
TCSEC
Quantitative
Audit Trail
45. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Coax
Mandatory vacation
Clipper Chip
Joke
46. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Teardrop
OSI Model
Trademark
Key Escrow
47. Threat to physical security.
ISDN (Integrated Services Digital Network)
Owner
Change management
Sabotage
48. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Inference
Trademark
Patriot Act
Diffie-Hellman
49. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Hardware
Normalization
Nonce
SSO (Single sign-on)
50. A technique to eliminate data redundancy.
Encryption
Privacy Act of 1974
Normalization
CCTV
