Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The frequency with which a threat is expected to occur.
MitM
ROM (Read-only memory)
ARO (Annualized Rate of Occurrence)
Non-repudiation
2. Scanning the airwaves for radio transmissions
Honey pot
Expert systems
Guards
Scanning
3. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Privacy Act of 1974
Digital signing
Vulnerability analysis tools
Rolling hot sites
4. Rolling command center with UPS - satellite - uplink - power - etc.
Carnivore
Patent
Rolling hot sites
Routers
5. Same as a block cipher except that it is applied to a data stream one bit at a time
Encryption
l0pht
Stream cipher
OLE
6. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
Senior Management
Expert System
Authorization
7. A technique to eliminate data redundancy.
Job rotation
Normalization
BIOS
Virtual machine
8. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Identification
Teardrop
Due Diligence
Embezzlement
9. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Software development lifecycle
Centralized
Cryptanalysis
Expert systems
10. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Cryptanalysis
Separation of duties
PKI
Trap Door
11. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Expert System
Nonce
Normalization
12. Using ICMP to diagram a network
Copyright
Software
Probing
Hacker
13. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Brewer-Nash model
WTLS (Wireless Transport Layer Security)
SESAME
Cold Site
14. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Toneloc
DDOS
UUEncode
Raid 0 - 1 - 3 - 5
15. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Buffer overflow
Classes of IP networks
DAD
Detective - Preventive - Corrective
16. Also known as a tunnel
Logic bomb
Finger printing
Entrapment
VPN (Virtual Private Network)
17. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Smart cards
VPN (Virtual Private Network)
Rolling hot sites
Well-known ports
18. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Call tree
BIOS
Warm Site
Polymorphic
19. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Patriot Act
Qualitative
Degausser
Toneloc
20. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
UUEncode
Entrapment
DOS
Technical - Administrative - Physical
21. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Bugtraq
Coax
Brewer-Nash model
IRC
22. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
BIOS
Biometric profile
Joke
Nonce
23. When security is managed at a central point in an organization
Probing
Centralized
Replay
Phreaker
24. More discriminate than dogs
Guards
Promiscuous mode
Data remanence
OLE
25. When two or more processes are linked and execute multiple programs simultaneously
IRC
Hash
Identification
Multiprocessing
26. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Two-Factor Authentication
Man trap
Caesar Cipher
27. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Data remanence
Java
Vulnerability analysis tools
Classes of IP networks
28. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Throughput of a Biometric System
Raid 0 - 1 - 3 - 5
Clipper Chip
Security through obscurity
29. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Echelon
Authentication
EF (Exposure Factor)
SLE (Single Loss Expectancy or Exposure)
30. Common Object Request Broker Architecture.
Patriot Act
ALE (Annualized Loss Expectancy)
Asymmetric
CORBA
31. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Multiprocessing
Privacy Act of 1974
Authentication
Coax
32. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Birthday attack
Fire extinguisher
War driving
Boot-sector Virus
33. An instance of a scripting language
Schema
Script
Authorization creep
Kerberos
34. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Key Escrow
TCB
Audit Trail
Granularity
35. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
ROM (Read-only memory)
COM
Echelon
Open network
36. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
MOM
Dictionary Attack
Boot-sector Virus
TCSEC
37. An attempt to trick the system into believing that something false is real
Hoax
Keystroke logging
Checksum
Cold Site
38. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Java
Worm
Cryptanalysis
SQL (Structured Query Language)
39. Enticing people to hit your honeypot to see how they try to access your system.
Data Mart
Enticement
Sabotage
Software librarian
40. White hat l0pht
Digital certificates
Bugtraq
Software librarian
Bastion hosts
41. A RFC standard. A mechanism for performing commands on a remote system
Schema
Mandatory vacation
Privacy Act of 1974
Telnet
42. Access control method for database based on the content of the database to provide granular access
Switches / Bridges
Custodian
Script
Content dependant
43. When one key of a two-key pair has more encryption pattern than the other
Expert systems
Asymmetric
Incentive programs
Packet Sniffing
44. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Code of ethics
Smurf
SSL/TLS
Cold Site
45. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Expert systems
Motion detector
Mandatory vacation
Dictionary Attack
46. Making individuals accountable for their actions on a system typically through the use of auditing
OLE
Spoofing
Accountability
Callback Security/Call Forwarding
47. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Burden of Proof
Termination procedures
/etc/passwd
Risk Analysis
48. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
COM
UUEncode
WTLS (Wireless Transport Layer Security)
Debug
49. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Smart cards
Script kiddies
COM
Transposition
50. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Trap Door
Format 7 times
Due Care
Caesar Cipher