Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Probing
Diffie-Hellman
Callback Security/Call Forwarding
Coax
2. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Private Addressing
Open network
Polymorphism
Granularity
3. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Rolling hot sites
Rijndael
Copyright
/etc/passwd
4. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Security through obscurity
Key Escrow
Custodian
SSH
5. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
IRC
Throughput of a Biometric System
SQL (Structured Query Language)
COM
6. When security is managed at many different points in an organization
Decentralized
BIA
Quantitative
Fire extinguisher
7. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Hearsay Evidence
Privacy Act of 1974
Multitasking
Hardware
8. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Polymorphism
CEO
Motion detector
CRC (Cyclic Redundancy Check)
9. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Back door/ trap door/maintenance hook
Hubs
Multithreading
Symmetric
10. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Accountability
TEMPEST
SSL/TLS
Cookies
11. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
TACACS (Terminal access controller access control system)
Hash
Salami Slicing
Data remanence
12. Animals with teeth. Not as discriminate as guards
AES (Advanced Encryption Standard)
Enticement
Probing
Dogs
13. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Joke
DMZ
Birthday attack
Fences
14. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
DCOM
Hot Site
Fire extinguisher
TCB
15. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Quality Assurance
Caesar Cipher
Skipjack
Trap Door
16. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Worm
Risk Acceptance
/etc/passwd
Polymorphism
17. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
TEMPEST
Polymorphism
SLE (Single Loss Expectancy or Exposure)
18. An RFC standard. A mechanism for performing commands on a remote system
Clipping levels
Probing
Telnet
Digest
19. Network device that operates at layer 1. Concentrator.
Trap Door
Hubs
Risk Acceptance
Polymorphic
20. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Script
PKI
EF (Exposure Factor)
ActiveX Object Linking and Embedding
21. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Block cipher
Due Care
Hash
Clipping levels
22. Transferring your risk to someone else - typically an insurance company
Fences
Diffie-Hellman
Firmware
Risk Transferring
23. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
Biometric profile
Salami Slicing
Script
24. A technique to eliminate data redundancy.
Hash
Normalization
CGI (The Common Gateway Interface)
Bastion hosts
25. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Warm Site
War driving
Fiber optic
SSL/TLS
26. Be at least 8 feet tall and have three strands of barbed wire.
Decentralized
SQL (Structured Query Language)
Fences
Embezzlement
27. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Security kernel
SQL (Structured Query Language)
DMZ
TEMPEST
28. A hidden communications channel on a system that allows for the bypassing of the system security policy
RADIUS (Remote authentication dial-in user service)
CGI (The Common Gateway Interface)
Hubs
Covert channels
29. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Virtual Memory/Pagefile.sys
Code of ethics
ARP (Address Resolution Protocol)
Compiler
30. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
l0pht
WAP (Wireless Application Protocol)
Firmware
Authorization
31. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Common criteria
TACACS (Terminal access controller access control system)
Qualitative
Substitution
32. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Out of band
Dictionary Attack
Copyright
33. Relating to quality or kind. This assigns a level of importance to something.
Certification
Qualitative
Teardrop
Schema
34. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Phreaker
Patent
Replay
Clipper Chip
35. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Salami Slicing
Clipping levels
CIRT
36. Computer Incident Response Team
CIRT
SYN Flood
Exit interview
Custodian
37. Internet Architecture Board. This board is responsible for protecting the Internet.
SYN Flood
IAB
AES (Advanced Encryption Standard)
/etc/passwd
38. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Passive attacks
DOS
Risk Management
Bastion hosts
39. Software designed to infiltrate or damage a computer system - without the owner's consent.
BIOS
SESAME
Embezzlement
Malware
40. When two or more processes are linked and execute multiple programs simultaneously
Replay
Multiprocessing
Illegal/Unethical
Social engineering
41. Component Object Model.
Aggregation
Attenuation
DDOS
COM
42. Someone whose hacking is primarily targeted at the phone systems
EF (Exposure Factor)
Checksum
Phreaker
Substitution
43. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
War dialing
Security kernel
Vulnerability analysis tools
44. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Object Oriented Programming
Worm
SESAME
Promiscuous mode
45. Scanning the airwaves for radio transmissions
Scanning
SESAME
Bastion hosts
PAP (Password Authentication Protocol)
46. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Kerberos
Fraggle
Risk Mitigation
47. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
CIRT
Due Diligence
Data Mart
Multipartite
48. A site that is ready physically but has no hardware in place - all it has is HVAC
Cold Site
Well-known ports
Mandatory vacation
Digital certificates
49. Confidentiality - Integrity - and Availability
Covert channels
Worm
CIA
Fences
50. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Finger printing
Logic bomb
Virtual machine
Social engineering