Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The person that determines the permissions to files. The data owner.
TEMPEST
TCP Wrappers
Owner
Artificial Neural Networks (ANN)
2. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Kerberos
Service packs
Identification
3. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
Logic bomb
Trade Secret
Out of band
4. A network that mimics the brain
SESAME
Authorization creep
Patriot Act
Artificial Neural Networks (ANN)
5. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
CCTV
Script kiddies
TCB
Digital signing
6. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
WAP (Wireless Application Protocol)
MOM
Aggregation
7. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Accreditation
PAP (Password Authentication Protocol)
Risk Mitigation
Base-64
8. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
WTLS (Wireless Transport Layer Security)
Mandatory vacation
Detective - Preventive - Corrective
9. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
DCOM
Brewer-Nash model
Patent
Object Oriented Programming
10. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
l0pht
Brute Force
Promiscuous mode
11. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Bastion hosts
Code of ethics
SLE (Single Loss Expectancy or Exposure)
l0pht
12. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Termination procedures
Service packs
COM
Switches / Bridges
13. Also known as a tunnel
Coax
VPN (Virtual Private Network)
ARO (Annualized Rate of Occurrence)
Software librarian
14. Network Address Translation
Reciprocal agreement
Non-repudiation
Detective - Preventive - Corrective
NAT
15. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Callback Security/Call Forwarding
Brute Force
Privacy Act of 1974
Identification
16. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
Man trap
Twisted pair
Dogs
17. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Keystroke logging
Two-Factor Authentication
Privacy Act of 1974
Out of band
18. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
AES (Advanced Encryption Standard)
Call tree
Fire extinguisher
Caesar Cipher
19. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Crosstalk
SSL/TLS
DHCP
ActiveX Object Linking and Embedding
20. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Copyright
Firewall types
Object Oriented Programming
PKI
21. The output of a hash function is a digest.
Debug
Digest
Tort
Fences
22. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Common criteria
Degausser
Expert System
Bugtraq
23. In a separation of duties model - this is where code is checked in and out
Software librarian
Firewall types
Security Perimeter
Illegal/Unethical
24. Setting up the user to access the honeypot for reasons other than the intent to harm.
RADIUS (Remote authentication dial-in user service)
Switches / Bridges
IAB
Entrapment
25. Motive - Opportunity - and Means. These deal with crime.
Incentive programs
Kerberos
Two-Factor Authentication
MOM
26. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Social engineering
PAP (Password Authentication Protocol)
Non-repudiation
Echelon
27. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Digital certificates
Burden of Proof
COOP
28. A system designed to stop piggybacking.
Man trap
Routers
Buffer overflow
Username/password
29. Dynamic Host Configuration Protocol.
Asset Value
Firewall types
ROT-13
DHCP
30. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
CRC (Cyclic Redundancy Check)
Raid 0 - 1 - 3 - 5
Exit interview
31. A meme and a joke are the same thing, e.g. when someone says to delete a file that is really just fine and they call it a virus
Joke
TCB
ARP (Address Resolution Protocol)
Code of ethics
32. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Quality Assurance
SSO (Single sign-on)
Mandatory vacation
Carnivore
33. Motivational tools for employee awareness to get them to report security flaws in an organization
Service packs
Scanning
Incentive programs
Kerberos
34. Personal - Network - and Application
Content dependant
Decentralized
Firewall types
Malware
35. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Key Escrow
DNS cache poisoning
Risk Mitigation
Substitution
36. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Private Addressing
Patent
CIRT
Vulnerability analysis tools
37. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Certification
Acceptable use
Qualitative
Risk Acceptance
38. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Passive attacks
DDOS
Promiscuous mode
Risk Mitigation
39. Scanning the airwaves for radio transmissions
Expert systems
SYN Flood
Session Hijacking
Scanning
40. These can be used to verify that public keys belong to certain individuals.
Phreaker
Scanning
Digital certificates
Active attacks
41. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Salami Slicing
Embezzlement
Bugtraq
Accreditation
42. The frequency with which a threat is expected to occur.
Halon
Fraud
ARO (Annualized Rate of Occurrence)
Fraggle
43. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
War dialing
Artificial Neural Networks (ANN)
ARP (Address Resolution Protocol)
Patent
44. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Warm Site
Vulnerability analysis tools
Brute Force
Joke
45. The practice of obtaining confidential information by manipulation of legitimate users.
Hubs
Classes of IP networks
Substitution
Social engineering
46. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Detective - Preventive - Corrective
ALE (Annualized Loss Expectancy)
Key Escrow
Copyright
47. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
VLANs
Back door/ trap door/maintenance hook
IRC
DHCP
48. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
WTLS (Wireless Transport Layer Security)
Fire extinguisher
Job rotation
Object Oriented Programming
49. An instance of a scripting language
Script
Teardrop
Finger scanning
Asymmetric
50. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Enticement
SSH
Fire extinguisher
Promiscuous mode