Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Common criteria
SSO (Single sign-on)
Classes of IP networks
Hearsay Evidence
2. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
Caesar Cipher
Technical - Administrative - Physical
Call tree
Boot-sector Virus
3. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
SSH
Out of band
Carnivore
Raid 0 - 1 - 3 - 5
4. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Sniffing
Format 7 times
SSL/TLS
5. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Certification
War dialing
Hearsay Evidence
Trademark
6. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Callback Security/Call Forwarding
Job rotation
Hackers
Skipjack
7. Closed Circuit Television
Trap Door
SESAME
Routers
CCTV
8. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Salami Slicing
WAP (Wireless Application Protocol)
Smart cards
Halon
9. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Cookies
Quantitative
Due Care
Active attacks
10. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Hash
Cold Site
SLE (Single Loss Expectancy or Exposure)
Tailgating / Piggybacking
11. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
CEO
Base-64
Smurf
SLE (Single Loss Expectancy or Exposure)
12. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Bugtraq
CIRT
Kerberos
Halon
13. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
DAD
Decentralized
Change management
Polymorphic
14. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Hash
Brute force
Authorization creep
15. These can be used to verify that public keys belong to certain individuals.
ActiveX Object Linking and Embedding
Digital certificates
Substitution
Carnivore
16. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Private Addressing
Fences
Termination procedures
CGI (The Common Gateway Interface)
17. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Checksum
Hacker
Back door/ trap door/maintenance hook
Fire extinguisher
18. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Service packs
NAT
Certification
Two-Factor Authentication
19. Internet Architecture Board. This board is responsible for protecting the Internet.
Accountability
Security Awareness Training
IAB
Virtual Memory/Pagefile.sys
20. Internet Relay Chat.
DNS cache poisoning
Security Perimeter
IRC
Transposition
21. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
Cyphertext only
CEO
Non-repudiation
22. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Tort
Clipper Chip
Privacy Act of 1974
Polymorphism
23. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
CHAP
Boot-sector Virus
FAR/FRR/CER
Routers
24. An instance of a scripting language
Smart cards
l0pht
Script
Cold Site
25. The practice of obtaining confidential information by manipulation of legitimate users.
Audit Trail
Identification
Social engineering
Technical - Administrative - Physical
26. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Fiber optic
Format 7 times
Probing
Virtual Memory/Pagefile.sys
27. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Non-repudiation
MOM
Data Mart
Copyright
28. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Security through obscurity
Halon
Back door/ trap door/maintenance hook
29. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Passive attacks
Asymmetric
Trade Secret
Hearsay Evidence
30. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
ISDN (Integrated Services Digital Network)
Clipping levels
Tokens
Multipartite
31. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
CIA
Block cipher
Fraud
Buffer overflow
32. Entails planning and system actions to ensure that a project is following good quality management practices
Data Mart
PAP (Password Authentication Protocol)
Callback Security/Call Forwarding
Quality Assurance
33. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Back door/ trap door/maintenance hook
Object Oriented Programming
RADIUS (Remote authentication dial-in user service)
Man trap
34. Jumping into dumpsters to retrieve information about someone/something/a company
Well-known ports
Cold Site
Dumpster diving
Twisted pair
35. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Aggregation
Data remanence
Carnivore
Asset Value
36. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
UUEncode
Degausser
CGI (The Common Gateway Interface)
Trojan horses
37. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
BIA
Transposition
CGI (The Common Gateway Interface)
Trojan horses
38. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Spoofing
Key Escrow
Rolling hot sites
DOS
39. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Finger printing
Certification
Finger scanning
DMZ
40. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Termination procedures
OLE
OSI Model
Masquerade
41. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Noise & perturbation
Compiler
/etc/passwd
Hot Site
42. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Echelon
NAT
Brute force
Block cipher
43. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Dictionary Attack
Schema
Multipartite
Dogs
44. Repeats the signal. It amplifies the signal before sending it on.
FAR/FRR/CER
Transposition
Skipjack
Repeaters
45. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
DDOS
Java
Teardrop
Due Care
46. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Birthday attack
Boot-sector Virus
Honey pot
OLE
47. The art of breaking code. Testing the strength of an algorithm.
Boot-sector Virus
Masquerade
Object Oriented Programming
Cryptanalysis
48. Once authenticated - the level of access you have to a system
Authorization
IAB
Senior Management
CGI (The Common Gateway Interface)
49. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Scanning
Object Oriented Programming
Non-repudiation
User
50. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
/etc/passwd
Wiretapping
Detective - Preventive - Corrective