Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A site that is ready physically but has no hardware in place - all it has is HVAC
WAP (Wireless Application Protocol)
Hoax
BIA
Cold Site
2. Public Key Infrastructure
Hash
Tailgating / Piggybacking
PKI
DHCP
3. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Rijndael
Smart cards
CORBA
Format 7 times
4. The person that determines the permissions to files. The data owner.
Owner
SLE (Single Loss Expectancy or Exposure)
Virtual machine
Phreaker
5. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Hearsay Evidence
CRC (Cyclic Redundancy Check)
War dialing
Expert System
6. Scanning the airwaves for radio transmissions
Salami Slicing
OSI Model
Scanning
Fiber optic
7. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
DAD
WTLS (Wireless Transport Layer Security)
DDOS
Rolling hot sites
8. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Buffer overflow
Raid 0 - 1 - 3 - 5
Qualitative
Cyphertext only
9. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
Termination procedures
Hardware
DNS cache poisoning
10. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Brewer-Nash model
Logic bomb
SQL (Structured Query Language)
OEP
11. Internet Architecture Board. This board is responsible for protecting the Internet.
Closed network
Burden of Proof
IAB
ARO (Annualized Rate of Occurrence)
12. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Transposition
ROM (Read-only memory)
Polymorphic
13. Motivational tools for employee awareness to get them to report security flaws in an organization
l0pht
VPN (Virtual Private Network)
Keystroke logging
Incentive programs
14. A network that mimics the brain
Copyright
Halon
Artificial Neural Networks (ANN)
Entrapment
15. In a separation of duties model - this is where code is checked in and out
Digest
Multithreading
Virtual Memory/Pagefile.sys
Software librarian
16. Distributed Component Object Model. Microsoft's implementation of CORBA.
SQL (Structured Query Language)
CRC (Cyclic Redundancy Check)
DCOM
Kerberos
17. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Clipper Chip
Schema
Passive attacks
ISDN (Integrated Services Digital Network)
18. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Cookies
Separation of duties
DMZ
Java
19. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Risk Analysis
Centralized
UUEncode
Script kiddies
20. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Joke
Username/password
Service packs
TCB
21. Also known as a tunnel
VPN (Virtual Private Network)
Data remanence
Trade Secret
Man trap
22. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Common criteria
Illegal/Unethical
Covert channels
23. Making individuals accountable for their actions on a system typically through the use of auditing
Hardware
Owner
Accountability
Entrapment
24. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
CCTV
Non-repudiation
Hash
Fire extinguisher
25. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Well-known ports
Encryption
TCSEC
Hardware
26. The practice of obtaining confidential information by manipulation of legitimate users.
Trade Secret
Social engineering
Firmware
Script
27. Access control method for database based on the content of the database to provide granular access
Content dependent
Sniffing
War dialing
RADIUS (Remote authentication dial-in user service)
28. A mechanism by which connections to TCP services on a system are allowed or disallowed
Multipartite
TCP Wrappers
Raid 0 - 1 - 3 - 5
Quality Assurance
29. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Substitution
Compiler
Warm Site
Hearsay Evidence
30. Accepting all packets
Acceptable use
Promiscuous mode
Non-repudiation
Hearsay Evidence
31. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Tailgating / Piggybacking
OEP
Birthday attack
Biometric profile
32. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Normalization
DOS
DHCP
33. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
SESAME
Digest
Due Care
Substitution
34. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Two-Factor Authentication
Copyright
Brute force
Transposition
35. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Script kiddies
TCSEC
Spoofing
BIOS
36. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Twisted pair
Script kiddies
SSH
Macro
37. Data storage formats and equipment that allow the stored data to be accessed in any order
RADIUS (Remote authentication dial-in user service)
Logic bomb
CGI (The Common Gateway Interface)
RAM (Random-access memory)
38. Encompasses Risk Analysis and Risk Mitigation
Risk Acceptance
Risk Management
Brewer-Nash model
CIO
39. Someone whose hacking is primarily targeted at the phone systems
Software librarian
Termination procedures
Quality Assurance
Phreaker
40. White hat l0pht
PKI
Bugtraq
ARO (Annualized Rate of Occurrence)
Trojan horses
41. Method of authenticating to a system. Something that you supply and something you know.
Nonce
Username/password
PAP (Password Authentication Protocol)
Noise & perturbation
42. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Multitasking
Brewer-Nash model
COM
Dictionary Attack
43. A system designed to stop piggybacking.
OEP
Man trap
TEMPEST
RAM (Random-access memory)
44. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Hardware
DAD
RADIUS (Remote authentication dial-in user service)
Hubs
45. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Script
Brute force
Finger scanning
Risk Analysis
46. An attempt to trick the system into believing that something false is real
Hoax
Dictionary Attack
CD-Rom
Tokens
47. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Format 7 times
Aggregation
AES (Advanced Encryption Standard)
User
48. Motive - Opportunity - and Means. These deal with crime.
MOM
Bugtraq
MitM
Security kernel
49. When security is managed at a central point in an organization
ARO (Annualized Rate of Occurrence)
Copyright
DCOM
Centralized
50. Chief Information Officer
Cyphertext only
CIO
Spoofing
Finger printing