Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The frequency with which a threat is expected to occur.
VPN (Virtual Private Network)
Kerberos
Java
ARO (Annualized Rate of Occurrence)
2. Chief Executive Officer
Digital certificates
CEO
Reciprocal agreement
Authorization creep
3. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Trade Secret
War driving
Spoofing
Inference
4. Data storage formats and equipment that allow the stored data to be accessed in any order
Due Diligence
Multitasking
RAM (Random-access memory)
Transposition
5. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Hash
Degausser
AES (Advanced Encryption Standard)
Multithreading
6. Ethernet - Cat5 - Twisted to allow for longer runs.
Due Diligence
TCSEC
Twisted pair
Schema
7. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
CIRT
Smurf
Risk Analysis
Switches / Bridges
8. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Motion detector
Tokens
Clipping levels
Identification
9. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Quality Assurance
Spoofing
Fiber optic
PAP (Password Authentication Protocol)
10. Someone who hacks
Hacker
Keystroke logging
Masquerade
Accountability
11. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
Risk Management
Teardrop
Patriot Act
12. Using ICMP to diagram a network
Common criteria
Tailgating / Piggybacking
Digest
Probing
13. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Bugtraq
Risk Analysis
Kerberos
Centralized
14. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Teardrop
Patriot Act
BIOS
Masquerade
15. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Artificial Neural Networks (ANN)
Aggregation
Brute Force
DNS cache poisoning
16. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Back door/ trap door/maintenance hook
Block cipher
Senior Management
Covert channels
17. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
SSH
Penetration testing
Honey pot
Schema
18. A site that is ready physically but has no hardware in place - all it has is HVAC
SSL/TLS
Compiler
Data remanence
Cold Site
19. Also known as a tunnel
Open network
Granularity
VPN (Virtual Private Network)
Fraggle
20. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Tokens
TACACS (Terminal access controller access control system)
Audit Trail
SSH
21. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Cold Site
Termination procedures
Multitasking
Firewall types
22. Computer Incident Response Team
TACACS (Terminal access controller access control system)
CIRT
Active attacks
BIA
23. Someone whose hacking is primarily targeted at the phone systems
ALE (Annualized Loss Expectancy)
Phreaker
Masquerade
Security Perimeter
24. Encompasses Risk Analysis and Risk Mitigation
Risk Management
Transposition
Firewall types
War dialing
25. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Hubs
Virtual machine
Security Perimeter
Service packs
26. Motivational tools for employee awareness to get them to report security flaws in an organization
MOM
NAT
Security through obscurity
Incentive programs
27. Good for distance - longer than 100M
Base-64
Masquerade
IRC
Coax
28. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Data remanence
CD-Rom
Spoofing
CIRT
29. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Acceptable use
UUEncode
Firewall types
OEP
30. Animals with teeth. Not as discriminate as guards
Dogs
Attenuation
Degausser
TCB
31. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
ActiveX Object Linking and Embedding
TCSEC
Quality Assurance
32. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Risk Mitigation
ActiveX Object Linking and Embedding
Toneloc
Joke
33. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Authentication
ROT-13
/etc/passwd
Fiber optic
34. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Carnivore
Service packs
Penetration testing
ALE (Annualized Loss Expectancy)
35. A network that uses proprietary protocols
Code of ethics
Hardware
Closed network
CORBA
36. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Illegal/Unethical
SSO (Single sign-on)
Finger printing
Bastion hosts
37. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Authorization creep
DMZ
TEMPEST
Trojan horses
38. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Degausser
Trap Door
Encryption
Authorization creep
39. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Fraud
Digital signing
MitM
Firmware
40. Relating to quality or kind. This assigns a level of importance to something.
Java
Qualitative
DDOS
Echelon
41. An attempt to trick the system into believing that something false is real
Macro
Throughput of a Biometric System
Hoax
Authorization creep
42. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
UUEncode
Digest
Cyphertext only
Hot Site
43. More discriminate than dogs
Guards
RAM (Random-access memory)
Security Perimeter
Software
44. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Fraggle
Detective - Preventive - Corrective
Risk Acceptance
Sniffing
45. Must be in place for you to use a biometric system
Mandatory vacation
ISDN (Integrated Services Digital Network)
CEO
Biometric profile
46. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Multitasking
Software development lifecycle
CIO
47. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Compiler
RADIUS (Remote authentication dial-in user service)
ROM (Read-only memory)
Multiprocessing
48. Threat to physical security.
Carnivore
Multipartite
Finger scanning
Sabotage
49. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Coax
Privacy Act of 1974
Covert channels
Diffie-Hellman
50. When security is managed at many different points in an organization
Decentralized
Key Escrow
Content dependent
Routers