SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Toneloc
Covert channels
SSL/TLS
Dumpster diving
2. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Asymmetric
Fiber optic
Telnet
CRC (Cyclic Redundancy Check)
3. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
War driving
Multiprocessing
RADIUS (Remote authentication dial-in user service)
FAR/FRR/CER
4. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Hash
ActiveX Object Linking and Embedding
Qualitative
MitM
5. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Tokens
Substitution
Eavesdropping
Salami Slicing
6. Network device that operates at layer 1. Concentrator.
Hubs
SQL (Structured Query Language)
SESAME
TACACS (Terminal access controller access control system)
7. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
SESAME
MitM
Passive attacks
l0pht
8. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
VLANs
Firewall types
Echelon
ROM (Read-only memory)
9. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.
Wiretapping
Biometric profile
Software development lifecycle
Checksum
10. To not be legal (as far as law is concerned) or ethical
DOS
Illegal/Unethical
Dumpster diving
Incentive programs
11. The real cost of acquiring/maintaining/developing a system
Echelon
DOS
Asset Value
BIA
12. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
ISDN (Integrated Services Digital Network)
Kerberos
Hackers
Block cipher
13. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.
Fiber optic
Debug
Exit interview
Spoofing
14. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Certification
UUEncode
SLE (Single Loss Expectancy or Exposure)
Script kiddies
15. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
SSH
Switches / Bridges
Script kiddies
Keystroke logging
16. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
SSH
DNS cache poisoning
Qualitative
Crosstalk
17. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Worm
Replay
Covert channels
Smurf
18. Basic Input/Output System
Toneloc
WAP (Wireless Application Protocol)
Bugtraq
BIOS
19. More discriminate than dogs
Compiler
Guards
Checksum
Tailgating / Piggybacking
20. The process of reducing your risks to an acceptable level based on your risk analysis
MOM
Entrapment
Risk Mitigation
CRC (Cyclic Redundancy Check)
21. When security is managed at a central point in an organization
Senior Management
Centralized
Content dependant
ActiveX Object Linking and Embedding
22. A network that uses standard protocols (TCP/IP)
Burden of Proof
Switches / Bridges
War driving
Open network
23. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
War driving
Tailgating / Piggybacking
Motion detector
Compiler
24. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Hacker
Reciprocal agreement
Cookies
Patriot Act
25. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
Termination procedures
DNS cache poisoning
Bugtraq
26. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Tailgating / Piggybacking
Software librarian
PAP (Password Authentication Protocol)
27. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
BIA
DHCP
Security Awareness Training
Open network
28. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Toneloc
Sniffing
Non-repudiation
Software librarian
29. Setting up the user to access the honeypot for reasons other than the intent to harm.
ROM (Read-only memory)
Entrapment
ALE (Annualized Loss Expectancy)
Data Mart
30. Good for distance - longer than 100M
Masquerade
DDOS
Coax
Aggregation
31. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Base-64
Guards
Data remanence
Spoofing
32. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Authorization creep
Compiler
CGI (The Common Gateway Interface)
Inference
33. Method of authenticating to a system. Something that you supply and something you know.
BIOS
Joke
Cold Site
Username/password
34. A military standard defining controls for emanation protection
Asymmetric
TEMPEST
Classes of IP networks
WTLS (Wireless Transport Layer Security)
35. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
DMZ
Technical - Administrative - Physical
Macro
Compiler
36. Dynamic Host Configuration Protocol.
Back door/ trap door/maintenance hook
Accountability
Buffer overflow
DHCP
37. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
UUEncode
ALE (Annualized Loss Expectancy)
OLE
38. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Authentication
Risk Transferring
Brewer-Nash model
DDOS
39. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Hot Site
ActiveX Object Linking and Embedding
PKI
Finger scanning
40. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Noise & perturbation
CHAP
SYN Flood
Smart cards
41. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Throughput of a Biometric System
DDOS
Username/password
SQL (Structured Query Language)
42. Someone whose hacking is primarily targeted at the phone systems
Tailgating / Piggybacking
Finger scanning
Encryption
Phreaker
43. A RFC standard. A mechanism for performing commands on a remote system
Echelon
Software
Telnet
Multithreading
44. A site that has some equipment in place - and can be up within days
Session Hijacking
Eavesdropping
Warm Site
Custodian
45. Software designed to infiltrate or damage a computer system - without the owner's consent.
ActiveX Object Linking and Embedding
Birthday attack
Joke
Malware
46. Chief Information Officer
Repeaters
CIO
Patriot Act
Probing
47. Involving the measurement of quantity or amount.
DAD
Macro
VPN (Virtual Private Network)
Quantitative
48. The intercepting of conversations by unintended recipients
Biometrics
Patriot Act
Cold Site
Eavesdropping
49. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
COOP
Code of ethics
Joke
50. A site that is ready physically but has no hardware in place - all it has is HVAC
VLANs
Cold Site
DAD
Trap Door
