Test your basic knowledge |

Comptia Security +: Vocab

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
CRC (Cyclic Redundancy Check)
Rolling hot sites
Non-repudiation
Hash

2. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Service packs
Call tree
Smart cards
Eavesdropping

3. Scanning the airwaves for radio transmissions
Fiber optic
Coax
CIRT
Scanning

4. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
OSI Model
Clipper Chip
Coax

5. Using ICMP to diagram a network
Cyphertext only
Fiber optic
Probing
Masquerade

6. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
Eavesdropping
CIRT
SSL/TLS

7. Access control method for database based on the content of the database to provide granular access
Risk Transferring
Content dependant
Hacker
Detective - Preventive - Corrective

8. Common Object Request Broker Architecture.
Centralized
DHCP
CORBA
Object Oriented Programming

9. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Embezzlement
Warm Site
Rijndael

10. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
SSO (Single sign-on)
Finger scanning
Authorization
Classes of IP networks

11. Random Number Base
Non-repudiation
Centralized
Nonce
Burden of Proof

12. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Carnivore
Data remanence
Active attacks
Risk Analysis

13. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Quality Assurance
PAP (Password Authentication Protocol)
Active attacks
l0pht

14. Being able to control access to individuals very specifically - instead of lower in the OSI model where you cant set it so specifically
Boot-sector Virus
Granularity
Active attacks
Biometrics

15. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Incentive programs
CIRT
Dictionary Attack
Digital certificates

16. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Bugtraq
Boot-sector Virus
AES (Advanced Encryption Standard)
IRC

17. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Data remanence
CHAP
Clipper Chip
EF (Exposure Factor)

18. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Multipartite
Dogs
Hardware
Replay

19. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Active attacks
ISDN (Integrated Services Digital Network)
Honey pot
ARO (Annualized Rate of Occurrence)

20. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
CEO
Object Oriented Programming
Accreditation

21. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
CCTV
Qualitative
Firmware
Hardware

22. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Multithreading
Malware
Decentralized
Fire extinguisher

23. Involving the measurement of quantity or amount.
PKI
Incentive programs
Wiretapping
Quantitative

24. A SSO technology that extends Kerberos functionality and improve upon its weaknesses.
SESAME
Nonce
Finger scanning
Multiprocessing

25. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Warm Site
Motion detector
Vulnerability analysis tools
Cryptanalysis

26. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Digest
Tailgating / Piggybacking
SQL (Structured Query Language)
Expert systems

27. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Fraggle
DDOS
Custodian
Expert System

28. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Buffer overflow
Joke
Software
Cryptanalysis

29. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
TCB
RAM (Random-access memory)
Privacy Act of 1974
Checksum

30. Setting up the user to access the honeypot for reasons other than the intent to harm.
Entrapment
Non-repudiation
SSH
Kerberos

31. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
EF (Exposure Factor)
Smurf
Guards
Trademark

32. When two or more processes are linked and execute multiple programs simultaneously
Dumpster diving
Multiprocessing
Crosstalk
Routers

33. White hat l0pht
Fences
Bugtraq
VPN (Virtual Private Network)
Back door/ trap door/maintenance hook

34. In cryptography - it is a block cipher
Trojan horses
Digital signing
Skipjack
Promiscuous mode

35. Computer Incident Response Team
TCB
CIRT
CORBA
Owner

36. Accepting all packets
Tort
Fiber optic
Promiscuous mode
Code of ethics

37. Network device that operates at layer 1. Concentrator.
Back door/ trap door/maintenance hook
Boot-sector Virus
Hubs
Acceptable use

38. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Brute Force
Penetration testing
Change management
Risk Transferring

39. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Asset Value
Common criteria
Toneloc
Active attacks

40. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Artificial Neural Networks (ANN)
Covert channels
Callback Security/Call Forwarding
Smurf

41. The user
SSL/TLS
User
MitM
Salami Slicing

42. Defines the objects and their attributes that exist in a database.
Joke
Call tree
Schema
Normalization

43. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Exit interview
Risk Management
Inference
Polymorphic

44. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Script
Echelon
Artificial Neural Networks (ANN)
BIOS

45. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Teardrop
Twisted pair
Biometrics
Accreditation

46. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Artificial Neural Networks (ANN)
Birthday attack
Tort
Caesar Cipher

47. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.
Worm
Checksum
UUEncode
Wiretapping

48. Chief Information Officer
Skipjack
DMZ
CIO
Reciprocal agreement

49. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
War dialing
Guards
Well-known ports
UUEncode

50. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Repeaters
DNS cache poisoning
Boot-sector Virus
Technical - Administrative - Physical