Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
DAD
Finger scanning
Change management
Smart cards
2. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
VLANs
CRC (Cyclic Redundancy Check)
Software development lifecycle
Identification
3. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Honey pot
Vulnerability analysis tools
Hot Site
Detective - Preventive - Corrective
4. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Scanning
Technical - Administrative - Physical
Honey pot
Expert systems
5. The user
User
Aggregation
Smurf
CORBA
6. In the broadest sense - a fraud is a deception made for personal gain
Symmetric
Fraud
Logic bomb
Fiber optic
7. Continuation of Operations Plan
NAT
COOP
Hacker
Biometrics
8. Motive - Opportunity - and Means. These deal with crime.
Technical - Administrative - Physical
MOM
VLANs
Trademark
9. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
ActiveX Object Linking and Embedding
ALE (Annualized Loss Expectancy)
Finger printing
Probing
10. Basic Input/Output System
Exit interview
Biometrics
BIOS
Technical - Administrative - Physical
11. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
Digital signing
Risk Management
Covert channels
12. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
Hearsay Evidence
Cryptanalysis
Trojan horses
13. Good for distance - longer than 100M
ISDN (Integrated Services Digital Network)
Coax
PAP (Password Authentication Protocol)
Throughput of a Biometric System
14. Confidentiality - Integrity - and Availability
Warm Site
Rolling hot sites
VLANs
CIA
15. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Noise & perturbation
Hardware
Inference
Aggregation
16. Same as a block cipher except that it is applied to a data stream one bit at a time
Tokens
Hearsay Evidence
Debug
Stream cipher
17. Involving the measurement of quantity or amount.
COOP
Cold Site
Symmetric
Quantitative
18. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Detective - Preventive - Corrective
Diffie-Hellman
DNS cache poisoning
CRC (Cyclic Redundancy Check)
19. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Expert systems
Fire extinguisher
TCSEC
Scanning
20. Public Key Infrastructure
Eavesdropping
AES (Advanced Encryption Standard)
PKI
Attenuation
21. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Well-known ports
Qualitative
Penetration testing
Two-Factor Authentication
22. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Brute Force
Halon
TCB
Expert systems
23. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
PAP (Password Authentication Protocol)
Trademark
Patriot Act
Fraggle
24. Jumping into dumpsters to retrieve information about someone/something/a company
Key Escrow
Detective - Preventive - Corrective
Clipping levels
Dumpster diving
25. A network entity that provides a single entrance / exit point to the Internet.
ARO (Annualized Rate of Occurrence)
Bastion hosts
Cold Site
CIRT
26. A war dialing utility
Key Escrow
Fraud
Toneloc
Crosstalk
27. A technique to eliminate data redundancy.
Tort
Hearsay Evidence
DHCP
Normalization
28. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
SLE (Single Loss Expectancy or Exposure)
Repeaters
OEP
Man trap
29. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Macro
Exit interview
Centralized
Sabotage
30. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Copyright
Audit Trail
Biometrics
War dialing
31. A network that uses standard protocols (TCP/IP)
Open network
Kerberos
Hoax
Data remanence
32. Be at least 8 feet tall and have three strands of barbed wire.
OSI Model
Privacy Act of 1974
CORBA
Fences
33. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Worm
Warm Site
Polymorphic
TCB
34. This is an open international standard for applications that use wireless communications.
CHAP
Dumpster diving
WAP (Wireless Application Protocol)
Cold Site
35. The real cost of acquiring/maintaining/developing a system
NAT
Senior Management
Enticement
Asset Value
36. A site that is ready physically but has no hardware in place - all it has is HVAC
SSO (Single sign-on)
Honey pot
Private Addressing
Cold Site
37. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Java
Promiscuous mode
Call tree
38. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Fences
WAP (Wireless Application Protocol)
Sniffing
Cyphertext only
39. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Biometric profile
Data remanence
Virtual machine
Accreditation
40. Random Number Base
l0pht
Nonce
SQL (Structured Query Language)
Privacy Act of 1974
41. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Trade Secret
CEO
Username/password
42. Rolling command center with UPS - satellite - uplink - power - etc.
Hoax
Dogs
Rolling hot sites
DMZ
43. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Vulnerability analysis tools
Risk Analysis
Authentication
Block cipher
44. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
Smart cards
Cryptanalysis
DDOS
45. The process of reducing your risks to an acceptable level based on your risk analysis
Hash
Authentication
DOS
Risk Mitigation
46. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Biometrics
Common criteria
Dictionary Attack
Hacker
47. CISSPs subscribe to a code of ethics for building up the security profession
Telnet
Code of ethics
Biometrics
Smurf
48. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Hash
CIO
SLE (Single Loss Expectancy or Exposure)
49. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
OEP
War driving
FAR/FRR/CER
Kerberos
50. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Digital signing
Keystroke logging
SSO (Single sign-on)