Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Ethernet - Cat5 - Twisted to allow for longer runs.
Telnet
Username/password
Coax
Twisted pair
2. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Routers
FAR/FRR/CER
Degausser
DOS
3. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Fiber optic
Skipjack
Man trap
4. The user
Classes of IP networks
ROM (Read-only memory)
User
DOS
5. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Due Diligence
Risk Transferring
Kerberos
Expert systems
6. Closed Circuit Television
Tort
Nonce
CCTV
CRC (Cyclic Redundancy Check)
7. Relating to quality or kind. This assigns a level of importance to something.
Cyphertext only
Enticement
Qualitative
Reciprocal agreement
8. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Throughput of a Biometric System
Debug
Polymorphic
Switches / Bridges
9. These can be used to verify that public keys belong to certain individuals.
SSO (Single sign-on)
Multithreading
Digital certificates
Fences
10. In a separation of duties model - this is where code is checked in and out
Multitasking
Eavesdropping
Software librarian
RADIUS (Remote authentication dial-in user service)
11. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
Expert System
Privacy Act of 1974
Patriot Act
12. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Substitution
Debug
Trojan horses
Sniffing
13. A war dialing utility
Digital certificates
Termination procedures
Toneloc
Risk Mitigation
14. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
Entrapment
COOP
Software development lifecycle
15. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Replay
BIA
DDOS
Digest
16. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Mandatory vacation
Senior Management
CIA
Fraud
17. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
Social engineering
Compiler
Dictionary Attack
Job rotation
18. The frequency with which a threat is expected to occur.
Multithreading
Username/password
ARO (Annualized Rate of Occurrence)
Java
19. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
TCP Wrappers
Debug
VPN (Virtual Private Network)
20. Motivational tools for employee awareness to get them to report security flaws in an organization
Incentive programs
Software librarian
Session Hijacking
Authorization creep
21. Common Object Request Broker Architecture.
ALE (Annualized Loss Expectancy)
Trap Door
CORBA
Expert systems
22. The act of identifying yourself. Providing your identity to a system
Transposition
Identification
Toneloc
Format 7 times
23. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Key Escrow
Logic bomb
Substitution
Coax
24. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Script
Trademark
Asymmetric
Enticement
25. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Security Awareness Training
Trademark
Boot-sector Virus
26. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Halon
Biometric profile
Data Mart
27. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
DDOS
/etc/passwd
Java
SSL/TLS
28. White hat l0pht
Bugtraq
Authorization creep
Risk Acceptance
Security Perimeter
29. A network that uses standard protocols (TCP/IP)
SQL (Structured Query Language)
Open network
Accountability
Worm
30. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
CGI (The Common Gateway Interface)
Data remanence
CIRT
Expert systems
31. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Smart cards
Reciprocal agreement
Authorization creep
32. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Accountability
Noise & perturbation
Reciprocal agreement
Degausser
33. Dynamic Host Configuration Protocol.
DHCP
Carnivore
Qualitative
Copyright
34. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
PKI
IRC
Fraud
Buffer overflow
35. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Embezzlement
Digital signing
Logic bomb
Separation of duties
36. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Spoofing
Probing
Packet Sniffing
Risk Mitigation
37. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
ROM (Read-only memory)
Risk Mitigation
Software
Authorization creep
38. Chief Information Officer
OLE
Hackers
CIO
Risk Acceptance
39. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Raid 0 - 1 - 3 - 5
Java
TCB
Brute force
40. A site that is ready physically but has no hardware in place - all it has is HVAC
Finger scanning
Cold Site
Multipartite
Tailgating / Piggybacking
41. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
DNS cache poisoning
Fiber optic
Incentive programs
Inference
42. Good for distance - longer than 100M
Firmware
ISDN (Integrated Services Digital Network)
Coax
Biometrics
43. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
Worm
War dialing
Salami Slicing
44. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
SLE (Single Loss Expectancy or Exposure)
Software
ActiveX Object Linking and Embedding
Authorization
45. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
UUEncode
OSI Model
Carnivore
FAR/FRR/CER
46. Continuation of Operations Plan
User
Hardware
Enticement
COOP
47. Network Address Translation
Burden of Proof
Vulnerability analysis tools
Skipjack
NAT
48. A mechanism by which connections to TCP services on a system are allowed or disallowed
ALE (Annualized Loss Expectancy)
Skipjack
TCP Wrappers
Termination procedures
49. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Hacker
Fiber optic
BIA
Rolling hot sites
50. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.
Callback Security/Call Forwarding
Technical - Administrative - Physical
Hubs
War driving