Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Object Linking and Embedding. The ability of an object to be embedded into another object.
OLE
Sabotage
Replay
Multitasking
2. Relating to quality or kind. This assigns a level of importance to something.
Nonce
Incentive programs
Software development lifecycle
Qualitative
3. The act of identifying yourself. Providing your identity to a system.
Non-repudiation
Enticement
Debug
Identification
4. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Key Escrow
Logic bomb
ALE (Annualized Loss Expectancy)
Software librarian
5. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x to 172.31.x.x
/etc/passwd
Finger scanning
DHCP
Private Addressing
6. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Well-known ports
Risk Analysis
Keystroke logging
7. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Script kiddies
Java
IRC
Trade Secret
8. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Audit Trail
ALE (Annualized Loss Expectancy)
Virtual machine
9. Access control method for database based on the content of the database to provide granular access
DNS cache poisoning
COM
Content dependant
CIA
10. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Patriot Act
Biometrics
Multitasking
OSI Model
11. More discriminate than dogs
Risk Analysis
Digital signing
Guards
Cold Site
12. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Illegal/Unethical
Teardrop
SSH
Finger printing
13. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Privacy Act of 1974
War dialing
TACACS (Terminal access controller access control system)
Reciprocal agreement
14. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Polymorphism
Privacy Act of 1974
Asset Value
Biometrics
15. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Detective - Preventive - Corrective
Copyright
Dumpster diving
OSI Model
16. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Dumpster diving
Hash
ISDN (Integrated Services Digital Network)
Smart cards
17. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Biometrics
Raid 0 - 1 - 3 - 5
Trap Door
Java
18. A gas used in fire suppression. Not human safe. Chemical reaction.
TCSEC
Symmetric
Macro
Halon
19. An RFC standard. A mechanism for performing commands on a remote system
ARO (Annualized Rate of Occurrence)
Multiprocessing
Telnet
Birthday attack
20. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
CRC (Cyclic Redundancy Check)
Reciprocal agreement
Due Care
21. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Identification
Software
OSI Model
ARO (Annualized Rate of Occurrence)
22. Closed Circuit Television
ARO (Annualized Rate of Occurrence)
Phreaker
Two-Factor Authentication
CCTV
23. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
DDOS
Custodian
Checksum
Diffie-Hellman
24. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Incentive programs
Kerberos
Echelon
25. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Sniffing
Warm Site
Patent
Software librarian
26. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Out of band
Reciprocal agreement
CEO
Software development lifecycle
27. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Trojan horses
Tokens
Aggregation
Hackers
28. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Digital certificates
Job rotation
Out of band
ROT-13
29. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
FAR/FRR/CER
CHAP
SESAME
Cryptanalysis
30. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Nonce
Echelon
Kerberos
Skipjack
31. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Penetration testing
Script kiddies
Mandatory vacation
Digest
32. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Bugtraq
RAM (Random-access memory)
Granularity
DHCP
33. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Honey pot
Sabotage
COM
Checksum
34. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Session Hijacking
Worm
Data remanence
Raid 0 - 1 - 3 - 5
35. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Checksum
Switches / Bridges
ARP (Address Resolution Protocol)
Inference
36. Threat to physical security.
Sabotage
Java
Biometric profile
Security Perimeter
37. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Risk Transferring
Finger printing
Detective - Preventive - Corrective
Smurf
38. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
SESAME
DNS cache poisoning
Well-known ports
Covert channels
39. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Fraggle
Throughput of a Biometric System
Multipartite
Hash
40. Entails planning and system actions to ensure that a project is following good quality management practices
ROM (Read-only memory)
Quality Assurance
FAR/FRR/CER
DCOM
41. Transferring your risk to someone else - typically an insurance company
Raid 0 - 1 - 3 - 5
Schema
Risk Transferring
War driving
42. White hat l0pht
Hacker
Bugtraq
Due Care
TACACS (Terminal access controller access control system)
43. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Due Diligence
Audit Trail
Cookies
Granularity
44. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
CHAP
CIA
Tailgating / Piggybacking
Format 7 times
45. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Telnet
Risk Analysis
Asymmetric
Senior Management
46. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Biometrics
DMZ
MitM
SYN Flood
47. Good for distance - longer than 100M
Coax
Call tree
Debug
Job rotation
48. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Authorization
Masquerade
Covert channels
Spoofing
49. The process of reducing your risks to an acceptable level based on your risk analysis
DCOM
Noise & perturbation
Risk Mitigation
Trade Secret
50. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
Separation of duties
Username/password
Custodian