SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A network that uses proprietary protocols
Back door/ trap door/maintenance hook
Software development lifecycle
Patent
Closed network
2. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Fraggle
Java
Risk Management
Firmware
3. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Firmware
OLE
Rolling hot sites
Carnivore
4. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Custodian
Hash
Security kernel
5. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Hubs
Logic bomb
Callback Security/Call Forwarding
Rolling hot sites
6. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Software librarian
Callback Security/Call Forwarding
WTLS (Wireless Transport Layer Security)
VLANs
7. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Symmetric
Brewer-Nash model
Vulnerability analysis tools
Trade Secret
8. The process of reducing your risks to an acceptable level based on your risk analysis
DCOM
Burden of Proof
Risk Mitigation
BIOS
9. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Boot-sector Virus
Multitasking
Covert channels
10. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
CEO
OSI Model
Hacker
Service packs
11. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
DCOM
Privacy Act of 1974
Embezzlement
Quality Assurance
12. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
SSL/TLS
Risk Analysis
PAP (Password Authentication Protocol)
Dumpster diving
13. Transferring your risk to someone else - typically an insurance company
Copyright
Private Addressing
Illegal/Unethical
Risk Transferring
14. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Hash
Man trap
User
TCSEC
15. More discriminate than dogs
Guards
Rolling hot sites
Risk Analysis
Spoofing
16. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Security kernel
Guards
Digital signing
Caesar Cipher
17. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
TCSEC
TEMPEST
Acceptable use
Accountability
18. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
Classes of IP networks
PAP (Password Authentication Protocol)
Polymorphic
19. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
UUEncode
Buffer overflow
/etc/passwd
ALE (Annualized Loss Expectancy)
20. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Diffie-Hellman
Object Oriented Programming
ROM (Read-only memory)
ActiveX Object Linking and Embedding
21. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
VPN (Virtual Private Network)
Format 7 times
Copyright
22. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Multitasking
Multithreading
Security through obscurity
Motion detector
23. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Private Addressing
Passive attacks
Separation of duties
24. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Warm Site
Attenuation
Motion detector
Non-repudiation
25. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
DMZ
Authorization
EF (Exposure Factor)
26. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Trademark
Digest
Polymorphic
/etc/passwd
27. The person that controls access to the data
Custodian
CORBA
l0pht
Spoofing
28. A hidden communications channel on a system that allows for the bypassing of the system security policy
Open network
Covert channels
Service packs
Cold Site
29. Animals with teeth. Not as discriminate as guards
Dogs
FAR/FRR/CER
Throughput of a Biometric System
Cryptanalysis
30. Object Linking and Embedding. The ability of an object to be embedded into another object.
Checksum
Script
Risk Management
OLE
31. Using ICMP to diagram a network
Back door/ trap door/maintenance hook
Probing
ISDN (Integrated Services Digital Network)
FAR/FRR/CER
32. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Trap Door
CIA
Separation of duties
Code of ethics
33. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Artificial Neural Networks (ANN)
Phreaker
Security through obscurity
Joke
34. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Patent
Closed network
TCB
Guards
35. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Script
Sniffing
Noise & perturbation
Encryption
36. When security is managed at a central point in an organization
Carnivore
Tort
Centralized
Phreaker
37. A site that is ready physically but has no hardware in place - all it has is HVAC
Active attacks
Cold Site
Job rotation
Security Awareness Training
38. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Asset Value
Hackers
Base-64
Common criteria
39. Be at least 8 foot tall and have three strands of barbed wire.
Fences
Reciprocal agreement
IRC
Motion detector
40. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Birthday attack
Trade Secret
Coax
Carnivore
41. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Honey pot
Trademark
Normalization
Inference
42. The ability to have more than one thread associated with a process
Joke
Multithreading
Phreaker
Dumpster diving
43. A SSO technology that extends Kerberos functionality and improve upon its weaknesses.
Coax
MitM
Skipjack
SESAME
44. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Bastion hosts
Trap Door
Enticement
Data remanence
45. Also known as a tunnel)
Keystroke logging
Well-known ports
VPN (Virtual Private Network)
Replay
46. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Guards
Eavesdropping
Service packs
47. Reasonable doubt
ARP (Address Resolution Protocol)
Clipper Chip
Security through obscurity
Burden of Proof
48. Defines the objects and their attributes that exist in a database.
Service packs
Diffie-Hellman
Qualitative
Schema
49. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Scanning
Owner
COM
Detective - Preventive - Corrective
50. Chief Information Officer
CIO
Routers
Script
SSO (Single sign-on)
