Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Internet Architecture Board. This board is responsible for protecting the Internet.
Security Perimeter
CEO
IAB
Detective - Preventive - Corrective
2. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Username/password
Hardware
Security kernel
Firmware
3. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
BIOS
Sniffing
Dumpster diving
4. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Compiler
Digital certificates
DMZ
Entrapment
5. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Service packs
SQL (Structured Query Language)
Birthday attack
Virtual machine
6. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Masquerade
UUEncode
Granularity
Mandatory vacation
7. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Audit Trail
Expert System
Risk Management
CCTV
8. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Audit Trail
Penetration testing
AES (Advanced Encryption Standard)
Data remanence
9. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Detective - Preventive - Corrective
Change management
Probing
Biometrics
10. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Social engineering
Caesar Cipher
Finger printing
Substitution
11. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
OSI Model
Covert channels
Incentive programs
12. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Due Diligence
DNS cache poisoning
Qualitative
Degausser
13. Public Key Infrastructure
CEO
Fire extinguisher
Motion detector
PKI
14. Dynamic Host Configuration Protocol.
Biometrics
DHCP
Expert System
Username/password
15. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Fraggle
Enticement
Certification
Joke
16. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Brute Force
NAT
BIA
Tailgating / Piggybacking
17. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Software
FAR/FRR/CER
Substitution
Fences
18. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Burden of Proof
Key Escrow
DDOS
19. Network Address Translation
NAT
Polymorphic
Trademark
Hoax
20. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Object Oriented Programming
Digital signing
Sniffing
Firmware
21. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Qualitative
Noise & perturbation
CORBA
Senior Management
22. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Owner
Object Oriented Programming
Centralized
Fire extinguisher
23. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
Caesar Cipher
Clipper Chip
Buffer overflow
24. These can be used to verify that public keys belong to certain individuals.
Covert channels
Dogs
Promiscuous mode
Digital certificates
25. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
Replay
ROT-13
OLE
26. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
RAID 0 - 1 - 3 - 5
IAB
Fences
27. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Due Care
Attenuation
Block cipher
Multipartite
28. The real cost of acquiring/maintaining/developing a system
Tokens
Debug
Bugtraq
Asset Value
29. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
Passive attacks
Toneloc
VPN (Virtual Private Network)
30. Confidentiality - Integrity - and Availability
Biometrics
Smurf
Substitution
CIA
31. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Worm
SLE (Single Loss Expectancy or Exposure)
Masquerade
Brewer-Nash model
32. The output of a hash function is a digest.
Social engineering
MOM
Code of ethics
Digest
33. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Kerberos
Audit Trail
Boot-sector Virus
Java
34. When one key of a two-key pair has more encryption pattern than the other
SSH
Asymmetric
Attenuation
Firmware
35. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Phreaker
Worm
Qualitative
Packet Sniffing
36. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
CGI (The Common Gateway Interface)
Private Addressing
SQL (Structured Query Language)
Risk Management
37. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Joke
Firewall types
Closed network
Substitution
38. An attempt to trick the system into believing that something false is real
Noise & perturbation
Hoax
Object Oriented Programming
Open network
39. Data storage formats and equipment that allow the stored data to be accessed in any order
Callback Security/Call Forwarding
RAM (Random-access memory)
Private Addressing
Polymorphic
40. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
Phreaker
Identification
Clipper Chip
41. Disclosure - Alteration - Destruction. These things break the CIA triad
Debug
DAD
Dictionary Attack
Smart cards
42. Chief Executive Officer
Multiprocessing
Acceptable use
Multithreading
CEO
43. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Malware
Callback Security/Call Forwarding
Diffie-Hellman
Brewer-Nash model
44. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Asset Value
Switches / Bridges
Separation of duties
MitM
45. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
SQL (Structured Query Language)
Incentive programs
Nonce
46. Providing verification to a system
WTLS (Wireless Transport Layer Security)
Repeaters
Brute Force
Authentication
47. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Smurf
CORBA
CCTV
Callback Security/Call Forwarding
48. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Toneloc
Common criteria
/etc/passwd
Joke
49. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
Virtual machine
Attenuation
Job rotation
Digital signing
50. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Cryptanalysis
CIA
Hash
Dogs