Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Wiretapping
Privacy Act of 1974
WTLS (Wireless Transport Layer Security)
2. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Incentive programs
Well-known ports
Telnet
Trademark
3. The output of a hash function is a digest.
Digest
TCP Wrappers
TCSEC
Decentralized
4. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SSH
Noise & perturbation
Eavesdropping
User
5. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Dumpster diving
Embezzlement
Authorization
Hoax
6. Dynamic Host Configuration Protocol.
Teardrop
Separation of duties
Biometric profile
DHCP
7. Same as a block cipher except that it is applied to a data stream one bit at a time
Boot-sector Virus
Stream cipher
Man trap
Spoofing
8. Public Key Infrastructure
PKI
TCSEC
DHCP
Eavesdropping
9. Confidentiality - Integrity - and Availability
CIA
IRC
Vulnerability analysis tools
SYN Flood
10. The intercepting of conversations by unintended recipients
Eavesdropping
Risk Management
Asset Value
IRC
11. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Asset Value
Accountability
Decentralized
Macro
12. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
Motion detector
Dumpster diving
Security through obscurity
13. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Authentication
Due Care
Well-known ports
Clipping levels
14. Chief Executive Officer
Rolling hot sites
Content dependent
Accreditation
CEO
15. Network devices that operate at layer 3. This device separates broadcast domains.
Salami Slicing
Routers
Granularity
Digital certificates
16. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
DAD
Dumpster diving
/etc/passwd
CGI (The Common Gateway Interface)
17. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Risk Acceptance
Tailgating / Piggybacking
Mandatory vacation
Object Oriented Programming
18. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Telnet
Termination procedures
Biometric profile
Spoofing
19. Reasonable doubt
Hearsay Evidence
Incentive programs
Burden of Proof
Fiber optic
20. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Hot Site
ROT-13
Two-Factor Authentication
Halon
21. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
TCSEC
Trademark
Schema
Biometrics
22. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Warm Site
Certification
Out of band
23. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Tort
Software librarian
Honey pot
Content dependent
24. CISSPs subscribe to a code of ethics for building up the security profession
Rijndael
Hearsay Evidence
Expert System
Code of ethics
25. Dialing fixed sets of telephone numbers looking for open modem connections to machines
DAD
Risk Acceptance
Data remanence
War dialing
26. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Cold Site
Birthday attack
Hubs
27. Computer Incident Response Team
Username/password
Twisted pair
Callback Security/Call Forwarding
CIRT
28. The person that determines the permissions to files. The data owner.
l0pht
Owner
Back door/ trap door/maintenance hook
SSL/TLS
29. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
ISDN (Integrated Services Digital Network)
Hoax
Kerberos
Copyright
30. In the broadest sense - a fraud is a deception made for personal gain
Security Awareness Training
Fraud
Raid 0 - 1 - 3 - 5
Transposition
31. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
ROM (Read-only memory)
Risk Transferring
MitM
Warm Site
32. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Smart cards
Hacker
Centralized
OEP
33. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Code of ethics
Brewer-Nash model
Hackers
Kerberos
34. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Routers
Accountability
BIA
SSO (Single sign-on)
35. Also civil law
Malware
Tort
Cold Site
Teardrop
36. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
DOS
Inference
Buffer overflow
NAT
37. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
SQL (Structured Query Language)
Tokens
Hoax
Qualitative
38. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
Fire extinguisher
Due Diligence
Promiscuous mode
39. Internet Relay Chat.
Exit interview
Back door/ trap door/maintenance hook
Security Awareness Training
IRC
40. The user
Artificial Neural Networks (ANN)
Risk Analysis
User
Passive attacks
41. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
Callback Security/Call Forwarding
Finger printing
Multitasking
42. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Hot Site
Debug
COOP
Key Escrow
43. Relating to quality or kind. This assigns a level of importance to something.
Telnet
Qualitative
Throughput of a Biometric System
FAR/FRR/CER
44. Closed Circuit Television
CCTV
Qualitative
Phreaker
EF (Exposure Factor)
45. Signal degradation as it moves farther from its source
Script kiddies
Guards
Attenuation
Noise & perturbation
46. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Acceptable use
Echelon
Logic bomb
CIA
47. Emanations from one wire coupling with another wire
Crosstalk
ARP (Address Resolution Protocol)
SSH
Polymorphism
48. An instance of a scripting language
Warm Site
Script
Stream cipher
MOM
49. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Private Addressing
Two-Factor Authentication
Service packs
CIRT
50. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Base-64
NAT
Promiscuous mode
Noise & perturbation