Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Method of authenticating to a system. Something that you supply and something you know.
Digital signing
Centralized
Username/password
Logic bomb
2. Object Linking and Embedding. The ability of an object to be embedded into another object.
Degausser
Data remanence
Code of ethics
OLE
3. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Active attacks
Object Oriented Programming
Promiscuous mode
Custodian
4. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Schema
COM
Closed network
5. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
IRC
Biometric profile
Joke
Hearsay Evidence
6. A war dialing utility
Accountability
Two-Factor Authentication
Toneloc
War dialing
7. Once authenticated - the level of access you have to a system
DAD
Telnet
Authorization
Security Awareness Training
8. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Mandatory vacation
Common criteria
Birthday attack
Fiber optic
9. The user
Schema
Hoax
User
Mandatory vacation
10. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Scanning
Closed network
Raid 0 - 1 - 3 - 5
Exit interview
11. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
CORBA
Caesar Cipher
Data Mart
Block cipher
12. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Software development lifecycle
Multithreading
AES (Advanced Encryption Standard)
TCP Wrappers
13. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
Repeaters
Risk Analysis
Software
14. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Enticement
Reciprocal agreement
Multithreading
Change management
15. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Software librarian
Security Awareness Training
Hardware
Embezzlement
16. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
SESAME
Block cipher
Expert systems
CGI (The Common Gateway Interface)
17. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
BIOS
Embezzlement
Audit Trail
ActiveX Object Linking and Embedding
18. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Trademark
Coax
War dialing
SESAME
19. In the broadest sense - a fraud is a deception made for personal gain
Boot-sector Virus
Authorization creep
Fraud
Privacy Act of 1974
20. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Embezzlement
Vulnerability analysis tools
Social engineering
Base-64
21. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Wiretapping
Rolling hot sites
Trademark
Smurf
22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Separation of duties
Caesar Cipher
Block cipher
PKI
23. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
COOP
Hearsay Evidence
Aggregation
Keystroke logging
24. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
OSI Model
Privacy Act of 1974
TCSEC
Non-repudiation
25. Network device that operates at layer 1. Concentrator.
Cryptanalysis
Hubs
Hearsay Evidence
Crosstalk
26. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Common criteria
DDOS
Symmetric
Cold Site
27. Component Object Model.
Common criteria
Format 7 times
COM
Quantitative
28. White hat l0pht
Debug
SESAME
Fences
Bugtraq
29. Defines the objects and their attributes that exist in a database.
Tort
Hoax
Vulnerability analysis tools
Schema
30. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Authorization
Compiler
Rijndael
SLE (Single Loss Expectancy or Exposure)
31. Animals with teeth. Not as discriminate as guards
Birthday attack
SSL/TLS
Dogs
Artificial Neural Networks (ANN)
32. Disclosure - Alteration - Destruction. These things break the CIA triad
Software librarian
Block cipher
Trademark
DAD
33. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Stream cipher
Audit Trail
Service packs
Trap Door
34. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
COM
Guards
Patriot Act
MOM
35. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Polymorphic
Script kiddies
Worm
Change management
36. A hidden communications channel on a system that allows for the bypassing of the system security policy
Aggregation
Owner
Penetration testing
Covert channels
37. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Clipping levels
Trade Secret
Passive attacks
Call tree
38. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Masquerade
PAP (Password Authentication Protocol)
Content dependant
Logic bomb
39. Network Address Translation
CGI (The Common Gateway Interface)
Security through obscurity
Software librarian
NAT
40. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Out of band
Centralized
DDOS
41. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Security Perimeter
RADIUS (Remote authentication dial-in user service)
CEO
42. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
MitM
Accountability
l0pht
43. When two or more processes are linked and execute multiple programs simultaneously
Kerberos
Multiprocessing
SSO (Single sign-on)
Warm Site
44. A network that mimics the brain
SLE (Single Loss Expectancy or Exposure)
Burden of Proof
Artificial Neural Networks (ANN)
Routers
45. CISSPs subscribe to a code of ethics for building up the security profession
Code of ethics
Aggregation
Embezzlement
RAM (Random-access memory)
46. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Privacy Act of 1974
Patent
Session Hijacking
Smart cards
47. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Debug
Well-known ports
Common criteria
Asymmetric
48. Random Number Base
Nonce
DHCP
Artificial Neural Networks (ANN)
Virtual Memory/Pagefile.sys
49. Encompasses Risk Analysis and Risk Mitigation
DDOS
Encryption
SQL (Structured Query Language)
Risk Management
50. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Packet Sniffing
Active attacks
Wiretapping
Firmware