SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Software librarian
TACACS (Terminal access controller access control system)
UUEncode
Attenuation
2. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
FAR/FRR/CER
Routers
Brewer-Nash model
Crosstalk
3. The act of identifying yourself. Providing your identity to a system
User
Penetration testing
Worm
Identification
4. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
SSL/TLS
Brute force
Replay
Finger printing
5. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Illegal/Unethical
Multithreading
BIOS
Echelon
6. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Echelon
Worm
Technical - Administrative - Physical
Dumpster diving
7. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Fences
Encryption
Masquerade
BIOS
8. Personal - Network - and Application
Firewall types
DNS cache poisoning
Buffer overflow
Session Hijacking
9. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
Digest
DMZ
Cold Site
10. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Script
Smurf
Quantitative
SSH
11. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Data Mart
Macro
OSI Model
Software librarian
12. A mechanism by which connections to TCP services on a system are allowed or disallowed
Sabotage
Key Escrow
Reciprocal agreement
TCP Wrappers
13. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.
Coax
Reciprocal agreement
Certification
Exit interview
14. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
TCB
Risk Analysis
Private Addressing
Dogs
15. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Encryption
Trap Door
Embezzlement
Fire extinguisher
16. Closed Circuit Television
Entrapment
Custodian
BIOS
CCTV
17. Network Address Translation
Probing
Coax
Identification
NAT
18. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Dumpster diving
Virtual Memory/Pagefile.sys
PAP (Password Authentication Protocol)
AES (Advanced Encryption Standard)
19. Method of authenticating to a system. Something that you supply and something you know.
Username/password
Brewer-Nash model
Risk Management
ARP (Address Resolution Protocol)
20. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Entrapment
Inference
Rolling hot sites
Firewall types
21. A network entity that provides a single entrance / exit point to the Internet.
Scanning
DDOS
Java
Bastion hosts
22. Chief Executive Officer
CEO
Multipartite
Cyphertext only
Finger scanning
23. When two or more processes are linked and execute multiple programs simultaneously
War driving
Block cipher
Masquerade
Multiprocessing
24. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Out of band
Due Care
Multipartite
Risk Mitigation
25. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
DAD
Transposition
Content dependant
Quality Assurance
26. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
WAP (Wireless Application Protocol)
Digest
Mandatory vacation
Accountability
27. Confidentiality - Integrity - and Availability
WTLS (Wireless Transport Layer Security)
Virtual Memory/Pagefile.sys
Privacy Act of 1974
CIA
28. A war dialing utility
Toneloc
AES (Advanced Encryption Standard)
Logic bomb
Carnivore
29. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Throughput of a Biometric System
Dogs
Virtual Memory/Pagefile.sys
Finger scanning
30. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Hacker
NAT
Trap Door
Malware
31. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Sniffing
Brewer-Nash model
Open network
War dialing
32. Software designed to infiltrate or damage a computer system - without the owner's consent.
Malware
Finger scanning
Substitution
Diffie-Hellman
33. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Security kernel
Copyright
TCB
Centralized
34. Threat to physical security.
Digital signing
Sabotage
TCB
Brute force
35. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.
Due Care
Covert channels
Asset Value
Polymorphic
36. Motive - Opportunity - and Means. These deal with crime.
Authorization
MOM
Tailgating / Piggybacking
Hash
37. Accepting all packets
Security through obscurity
Bastion hosts
Promiscuous mode
Artificial Neural Networks (ANN)
38. These can be used to verify that public keys belong to certain individuals.
TCP Wrappers
Digital certificates
Common criteria
COM
39. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Worm
Authentication
Salami Slicing
Warm Site
40. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
Packet Sniffing
Dictionary Attack
Repeaters
41. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Tailgating / Piggybacking
l0pht
Expert systems
ISDN (Integrated Services Digital Network)
42. 'If you cant see it - its secure'. Bad policy to live by.
Rijndael
Certification
Wiretapping
Security through obscurity
43. CISSPs subscribe to a code of ethics for building up the security profession
Smurf
Quality Assurance
SQL (Structured Query Language)
Code of ethics
44. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Hearsay Evidence
UUEncode
Well-known ports
WAP (Wireless Application Protocol)
45. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Nonce
Passive attacks
Schema
ActiveX Object Linking and Embedding
46. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
Open network
Firewall types
Software development lifecycle
47. Object Linking and Embedding. The ability of an object to be embedded into another object.
TACACS (Terminal access controller access control system)
TCB
Macro
OLE
48. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Virtual Memory/Pagefile.sys
Nonce
PAP (Password Authentication Protocol)
Cyphertext only
49. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Aggregation
Illegal/Unethical
Digital certificates
50. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Expert System
Decentralized
Common criteria
Acceptable use
