Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Network Address Translation
Service packs
NAT
PKI
Phreaker
2. Someone whose hacking is primarily targeted at the phone systems
Packet Sniffing
Asset Value
Exit interview
Phreaker
3. Be at least 8 feet tall and have three strands of barbed wire.
Fences
Firmware
Hot Site
Noise & perturbation
4. Access control method for database based on the content of the database to provide granular access
COOP
Audit Trail
CHAP
Content dependent
5. An audit trail is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
SSO (Single sign-on)
Audit Trail
BIOS
DDOS
6. A mechanism by which connections to TCP services on a system are allowed or disallowed
Hash
Probing
TCP Wrappers
Birthday attack
7. In computer terminology, a honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network
Well-known ports
SSH
MitM
Honey pot
8. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec
Wiretapping
OEP
Logic bomb
DAD
9. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
CGI (The Common Gateway Interface)
Salami Slicing
OSI Model
Termination procedures
10. In a separation of duties model, this is where code is checked in and out
Software librarian
Cookies
Rolling hot sites
Dictionary Attack
11. The person that determines the permissions to files. The data owner.
Rijndael
Owner
Data Mart
Exit interview
12. An RFC standard. A mechanism for performing commands on a remote system
Clipping levels
Telnet
DHCP
CIO
13. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh
Biometrics
Risk Acceptance
Job rotation
Fiber optic
14. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
RADIUS (Remote authentication dial-in user service)
Java
DAD
Biometrics
15. The act of identifying yourself. Providing your identity to a system
Multithreading
Format 7 times
Eavesdropping
Identification
16. The user
DMZ
Hubs
User
Granularity
17. Differs from ordinary composition in that it does not imply ownership. In composition, when the owning object is destroyed, so are the contained objects. In aggregation, this is not necessarily true.
Aggregation
Burden of Proof
Clipping levels
Keystroke logging
18. A hidden communications channel on a system that allows for the bypassing of the system security policy
DDOS
Covert channels
CHAP
Digital certificates
19. The illegal practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
l0pht
Audit Trail
Salami Slicing
VLANs
20. Animals with teeth. Not as discriminate as guards
Dogs
Expert System
Sabotage
Mandatory vacation
21. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
DOS
Schema
Cryptanalysis
Tokens
22. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
UUEncode
OEP
Diffie-Hellman
NAT
23. In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way th
Degausser
PAP (Password Authentication Protocol)
Worm
Brute force
24. Entails planning and system actions to ensure that a project is following good quality management practices
SSO (Single sign-on)
RAM (Random-access memory)
Quality Assurance
Hot Site
25. To not be legal (as far as law is concerned) or ethical
OEP
Sniffing
Entrapment
Illegal/Unethical
26. When you know something from a source, and can infer other related information based off of what you know, when you may not necessarily have access to that data normally.
Call tree
Inference
Tokens
Hot Site
27. A technique to eliminate data redundancy.
Expert System
Normalization
Software development lifecycle
CCTV
28. In cryptanalysis, this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message. In most schemes, the theoretical po
Burden of Proof
Username/password
Cryptanalysis
Brute Force
29. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Callback Security/Call Forwarding
Trade Secret
Teardrop
Accountability
30. In telecommunications, a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Callback Security/Call Forwarding
Classes of IP networks
Honey pot
Tailgating / Piggybacking
31. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Spoofing
Authorization
Clipper Chip
Switches / Bridges
32. Occupant Emergency Plan - Employees are the most important!
OEP
Classes of IP networks
Tailgating / Piggybacking
Virtual machine
33. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Halon
Repeaters
Security Awareness Training
34. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Switches / Bridges
Digital signing
Back door/ trap door/maintenance hook
Acceptable use
35. White hat l0pht
CGI (The Common Gateway Interface)
Bugtraq
Polymorphism
Smurf
36. A system designed to stop piggybacking.
Man trap
Fire extinguisher
Finger printing
ROM (Read-only memory)
37. The ability to have more than one thread associated with a process
Multithreading
Security through obscurity
Biometric profile
RADIUS (Remote authentication dial-in user service)
38. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Asymmetric
Routers
Throughput of a Biometric System
Common criteria
39. Technical items are things that IT implements. Administrative items are things that HR implements. Physical things are things that are tangible.
Warm Site
Acceptable use
Closed network
Technical, Administrative, Physical
40. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Digital certificates
Finger scanning
Schema
Hot Site
41. Confidentiality, Integrity, and Availability
Social engineering
CIA
Block cipher
Coax
42. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Dictionary Attack
Decentralized
DHCP
43. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Symmetric
SLE (Single Loss Expectancy or Exposure)
WTLS (Wireless Transport Layer Security)
Clipping levels
44. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Throughput of a Biometric System
Call tree
Risk Acceptance
EF (Exposure Factor)
45. Chief Information Officer
CIO
Digital signing
Entrapment
Private Addressing
46. The practice of obtaining confidential information by manipulation of legitimate users.
Code of ethics
COM
TCP Wrappers
Social engineering
47. A sandbox. Emulates an operating environment.
Virtual machine
Privacy Act of 1974
Hoax
Aggregation
48. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.
Call tree
Social engineering
Packet Sniffing
Centralized
49. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquer
Security Awareness Training
Accreditation
Replay
Custodian
50. Defines the objects and their attributes that exist in a database.
Software librarian
Schema
Risk Acceptance
Probing