Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Skipjack
CCTV
Dogs
2. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
COOP
Boot-sector Virus
Caesar Cipher
PAP (Password Authentication Protocol)
3. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
OLE
Session Hijacking
Transposition
CIRT
4. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Qualitative
Risk Management
Copyright
Due Diligence
5. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Hash
Smurf
War driving
UUEncode
6. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Bastion hosts
WAP (Wireless Application Protocol)
Hubs
Aggregation
7. Confidentiality - Integrity - and Availability
Termination procedures
CIA
Wiretapping
Multiprocessing
8. Enticing people to hit your honeypot to see how they try to access your system.
Identification
Enticement
Classes of IP networks
Content dependent
9. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
OEP
Closed network
Back door/ trap door/maintenance hook
10. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
ALE (Annualized Loss Expectancy)
Logic bomb
Carnivore
Buffer overflow
11. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Inference
Reciprocal agreement
ROT-13
SSL/TLS
12. Software designed to infiltrate or damage a computer system - without the owner's consent.
Malware
Smart cards
Qualitative
CIRT
13. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Call tree
Throughput of a Biometric System
Granularity
14. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Hot Site
Inference
Encryption
Software librarian
15. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Authorization
Fraud
Java
SSO (Single sign-on)
16. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
NAT
Schema
Smurf
WTLS (Wireless Transport Layer Security)
17. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Embezzlement
Macro
Trap Door
COOP
18. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
ARO (Annualized Rate of Occurrence)
Digital signing
Social engineering
19. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Dumpster diving
Senior Management
TACACS (Terminal access controller access control system)
CHAP
20. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Toneloc
DMZ
Detective - Preventive - Corrective
Masquerade
21. Common Object Request Broker Architecture.
Security through obscurity
CORBA
Biometrics
TACACS (Terminal access controller access control system)
22. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Digital signing
Embezzlement
Teardrop
CIA
23. A hidden communications channel on a system that allows for the bypassing of the system security policy
Digital certificates
Transposition
Covert channels
Call tree
24. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Logic bomb
Brewer-Nash model
Due Care
Privacy Act of 1974
25. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
UUEncode
Encryption
Dictionary Attack
EF (Exposure Factor)
26. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Hot Site
BIA
Fraggle
DDOS
27. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Username/password
Fraud
Cookies
NAT
28. Defines the objects and their attributes that exist in a database.
Schema
Due Care
Sabotage
Active attacks
29. Assuming someone's session who is unaware of what you are doing
Telnet
Technical - Administrative - Physical
Session Hijacking
Software librarian
30. In a separation of duties model - this is where code is checked in and out
Identification
Hoax
Twisted pair
Software librarian
31. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Sabotage
Smurf
War driving
ISDN (Integrated Services Digital Network)
32. When security is managed at a central point in an organization
Throughput of a Biometric System
Halon
Centralized
Cyphertext only
33. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
DHCP
Risk Acceptance
Audit Trail
Throughput of a Biometric System
34. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
AES (Advanced Encryption Standard)
Authentication
Service packs
Patent
35. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Nonce
Covert channels
RADIUS (Remote authentication dial-in user service)
COOP
36. Also civil law
Termination procedures
Tort
DHCP
Digital certificates
37. Network devices that operate at layer 3. This device separates broadcast domains.
Security through obscurity
Routers
Common criteria
Key Escrow
38. The person that controls access to the data
Custodian
Tailgating / Piggybacking
Honey pot
SQL (Structured Query Language)
39. In cryptography - it is a block cipher
Illegal/Unethical
CD-Rom
Skipjack
Rolling hot sites
40. Using ICMP to diagram a network
Bastion hosts
Social engineering
Boot-sector Virus
Probing
41. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Certification
Encryption
Incentive programs
Bastion hosts
42. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Exit interview
Replay
Change management
Acceptable use
43. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Trojan horses
CIO
Debug
Packet Sniffing
44. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Certification
VPN (Virtual Private Network)
Block cipher
45. A war dialing utility
Toneloc
Rolling hot sites
Multitasking
OEP
46. CISSPs subscribe to a code of ethics for building up the security profession
Substitution
Multitasking
Passive attacks
Code of ethics
47. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
SQL (Structured Query Language)
Object Oriented Programming
Polymorphic
DAD
48. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
ROM (Read-only memory)
Scanning
MitM
49. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
ROT-13
COM
Privacy Act of 1974
50. Good for distance - longer than 100M
Two-Factor Authentication
Coax
Salami Slicing
Well-known ports