Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attempt to trick the system into believing that something false is real
Hoax
Data Mart
Encryption
RAM (Random-access memory)
2. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Scanning
Burden of Proof
UUEncode
Expert System
3. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
EF (Exposure Factor)
SYN Flood
l0pht
Cryptanalysis
4. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Encryption
Hubs
Echelon
Identification
5. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
ARP (Address Resolution Protocol)
Common criteria
Back door/ trap door/maintenance hook
Trojan horses
6. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Noise & perturbation
Virtual Memory/Pagefile.sys
Hearsay Evidence
Repeaters
7. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Authorization creep
Expert systems
Audit Trail
Malware
8. Network device that operates at layer 1. Concentrator.
Risk Mitigation
Centralized
UUEncode
Hubs
9. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Passive attacks
Telnet
MitM
Halon
10. When one key of a two-key pair has more encryption pattern than the other
RADIUS (Remote authentication dial-in user service)
Fraud
Buffer overflow
Asymmetric
11. A site that has some equipment in place - and can be up within days
Entrapment
Warm Site
ISDN (Integrated Services Digital Network)
Carnivore
12. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Expert System
Social engineering
Keystroke logging
Dumpster diving
13. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Polymorphism
Debug
TEMPEST
Service packs
14. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Throughput of a Biometric System
Finger printing
Birthday attack
Finger scanning
15. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Birthday attack
Skipjack
Compiler
16. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Non-repudiation
Rolling hot sites
Brute Force
CGI (The Common Gateway Interface)
17. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Rolling hot sites
Change management
Expert System
Mandatory vacation
18. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Patriot Act
Crosstalk
Reciprocal agreement
Wiretapping
19. The real cost of acquiring/maintaining/developing a system
Code of ethics
Hackers
Brewer-Nash model
Asset Value
20. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
DNS cache poisoning
Software development lifecycle
SESAME
Toneloc
21. These can be used to verify that public keys belong to certain individuals.
Audit Trail
TACACS (Terminal access controller access control system)
CIO
Digital certificates
22. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
Technical - Administrative - Physical
Hacker
CHAP
Toneloc
23. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Cookies
Certification
PKI
Mandatory vacation
24. Common Object Request Broker Architecture.
CORBA
Transposition
Social engineering
VLANs
25. Signal degradation as it moves farther from its source
Warm Site
Fire extinguisher
Attenuation
CEO
26. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Software
Incentive programs
Passive attacks
Callback Security/Call Forwarding
27. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Firmware
Finger scanning
DDOS
DAD
28. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Asset Value
ActiveX Object Linking and Embedding
EF (Exposure Factor)
Callback Security/Call Forwarding
29. Setting up the user to access the honeypot for reasons other than the intent to harm.
Expert System
Wiretapping
Entrapment
NAT
30. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Fiber optic
Transposition
Back door/ trap door/maintenance hook
Carnivore
31. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Active attacks
COM
DCOM
Block cipher
32. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
War driving
Risk Management
TCB
COOP
33. Entails planning and system actions to ensure that a project is following good quality management practices
Quality Assurance
Joke
Hoax
Base-64
34. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Brute force
Tort
Granularity
Decentralized
35. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Sabotage
Job rotation
Expert systems
TCP Wrappers
36. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Carnivore
SSL/TLS
Copyright
Hackers
37. Dynamic Host Configuration Protocol.
Warm Site
Tailgating / Piggybacking
DHCP
Motion detector
38. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Stream cipher
Trojan horses
Replay
Multithreading
39. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Authentication
l0pht
Clipper Chip
40. Network devices that operate at layer 3. This device separates broadcast domains.
Decentralized
DMZ
Routers
Boot-sector Virus
41. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Entrapment
PKI
Service packs
Throughput of a Biometric System
42. Confidentiality - Integrity - and Availability
Technical - Administrative - Physical
Exit interview
Boot-sector Virus
CIA
43. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Patent
Out of band
Classes of IP networks
Packet Sniffing
44. Chief Information Officer
Back door/ trap door/maintenance hook
DDOS
Vulnerability analysis tools
CIO
45. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Cryptanalysis
TACACS (Terminal access controller access control system)
Embezzlement
Transposition
46. A site that is ready physically but has no hardware in place - all it has is HVAC
Security Perimeter
Exit interview
Key Escrow
Cold Site
47. Reasonable doubt
Burden of Proof
Noise & perturbation
Non-repudiation
Acceptable use
48. Assuming someone's session who is unaware of what you are doing
Audit Trail
Privacy Act of 1974
Session Hijacking
Transposition
49. Defines the objects and their attributes that exist in a database.
Schema
OLE
Non-repudiation
Degausser
50. Distributed Component Object Model. Microsoft's implementation of CORBA.
COOP
COM
DCOM
CGI (The Common Gateway Interface)