Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Service packs
Termination procedures
Kerberos
Tokens
2. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Checksum
ActiveX Object Linking and Embedding
Spoofing
3. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
CD-Rom
MOM
Polymorphic
Clipping levels
4. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Script
Tokens
Logic bomb
TCP Wrappers
5. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
TCP Wrappers
Fiber optic
Twisted pair
Code of ethics
6. Chief Information Officer
Toneloc
Transposition
Degausser
CIO
7. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Data Mart
IAB
Risk Acceptance
Kerberos
8. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
Multiprocessing
Keystroke logging
Authentication
9. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Separation of duties
Trap Door
Kerberos
Rijndael
10. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Incentive programs
Risk Mitigation
Guards
11. When security is managed at many different points in an organization
Decentralized
DAD
Security kernel
Stream cipher
12. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
IAB
Digital signing
Dogs
13. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Senior Management
Polymorphic
Transposition
Encryption
14. Disclosure - Alteration - Destruction. These things break the CIA triad
Skipjack
DAD
Sniffing
DMZ
15. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
Base-64
Firmware
SQL (Structured Query Language)
16. Basic Input/Output System
Inference
Fences
UUEncode
BIOS
17. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Block cipher
Finger scanning
Incentive programs
Salami Slicing
18. Internet Architecture Board. This board is responsible for protecting the Internet.
PAP (Password Authentication Protocol)
Trademark
IAB
Risk Mitigation
19. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Smurf
Granularity
Worm
20. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
ROT-13
Security kernel
Worm
Skipjack
21. Internet Relay Chat.
DOS
User
IRC
Social engineering
22. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Callback Security/Call Forwarding
Wiretapping
Raid 0 - 1 - 3 - 5
DOS
23. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Call tree
Sniffing
l0pht
Degausser
24. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Classes of IP networks
ROM (Read-only memory)
Risk Acceptance
Vulnerability analysis tools
25. Animals with teeth. Not as discriminate as guards
Software development lifecycle
DOS
Dogs
Noise & perturbation
26. Network devices that operate at layer 3. This device separates broadcast domains.
TCB
UUEncode
Routers
Closed network
27. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
CRC (Cyclic Redundancy Check)
Code of ethics
Classes of IP networks
Social engineering
28. An RFC standard. A mechanism for performing commands on a remote system
Honey pot
Security Awareness Training
Telnet
Warm Site
29. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
TEMPEST
Halon
Masquerade
Kerberos
30. Common Object Request Broker Architecture.
CORBA
Illegal/Unethical
CIRT
SSL/TLS
31. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
WAP (Wireless Application Protocol)
Sniffing
Patent
CCTV
32. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
Guards
Dumpster diving
Joke
33. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
War driving
Clipping levels
Finger printing
Detective - Preventive - Corrective
34. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
War driving
Data Mart
OSI Model
SSH
35. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Polymorphism
VPN (Virtual Private Network)
Dumpster diving
FAR/FRR/CER
36. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
WAP (Wireless Application Protocol)
Change management
Smurf
Guards
37. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
SLE (Single Loss Expectancy or Exposure)
Man trap
Schema
38. Ethernet - Cat5 - Twisted to allow for longer runs.
Username/password
Due Diligence
OLE
Twisted pair
39. Setting up the user to access the honeypot for reasons other than the intent to harm.
Passive attacks
Entrapment
Base-64
Promiscuous mode
40. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.
Technical - Administrative - Physical
Birthday attack
Probing
Masquerade
41. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Vulnerability analysis tools
Toneloc
Script
42. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Replay
Kerberos
Two-Factor Authentication
SYN Flood
43. Motive - Opportunity - and Means. These deal with crime.
MOM
Trap Door
Software development lifecycle
CRC (Cyclic Redundancy Check)
44. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Motion detector
Classes of IP networks
Clipping levels
Audit Trail
45. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Vulnerability analysis tools
Object Oriented Programming
Risk Acceptance
Cyphertext only
46. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Rolling hot sites
Object Oriented Programming
Multipartite
Common criteria
47. Someone whose hacking is primarily targeted at the phone systems
Logic bomb
Telnet
SSL/TLS
Phreaker
48. Using ICMP to diagram a network
Trade Secret
DNS cache poisoning
Probing
Expert systems
49. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Senior Management
Guards
Owner
50. Object Linking and Embedding. The ability of an object to be embedded into another object.
OLE
Bugtraq
Cryptanalysis
ROM (Read-only memory)