Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Format 7 times
Keystroke logging
Exit interview
Risk Management
2. Motive - Opportunity - and Means. These deal with crime.
Cryptanalysis
Finger scanning
Script kiddies
MOM
3. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Expert systems
Embezzlement
Multitasking
War dialing
4. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Penetration testing
Trojan horses
Smurf
Trademark
5. Object Linking and Embedding. The ability of an object to be embedded into another object.
Clipper Chip
OLE
Nonce
Hacker
6. To not be legal (as far as law is concerned) or ethical
Finger scanning
Key Escrow
ISDN (Integrated Services Digital Network)
Illegal/Unethical
7. Be at least 8 feet tall and have three strands of barbed wire.
MitM
Username/password
Fences
AES (Advanced Encryption Standard)
8. Threat to physical security.
Sabotage
Bugtraq
Wiretapping
SQL (Structured Query Language)
9. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x, 10.x.x.x, and 172.16.x.x - 172.31.x.x
Private Addressing
Tort
Caesar Cipher
SESAME
10. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Artificial Neural Networks (ANN)
Due Care
Service packs
ROM (Read-only memory)
11. Software designed to infiltrate or damage a computer system - without the owner's consent.
Clipper Chip
Embezzlement
SLE (Single Loss Expectancy or Exposure)
Malware
12. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Raid 0 - 1 - 3 - 5
ROM (Read-only memory)
Virtual machine
Incentive programs
13. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Risk Acceptance
Key Escrow
Patriot Act
14. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
SQL (Structured Query Language)
Data Mart
Biometrics
CIRT
15. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
DHCP
Promiscuous mode
Copyright
Object Oriented Programming
16. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
OLE
Hoax
Encryption
Degausser
17. The output of a hash function is a digest.
Asymmetric
Enticement
Digest
Tailgating / Piggybacking
18. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Out of band
Hearsay Evidence
Burden of Proof
19. Network device that operates at layer 1. Concentrator.
Block cipher
Sniffing
Security Perimeter
Hubs
20. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Private Addressing
Security Perimeter
Joke
Covert channels
21. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
Embezzlement
Acceptable use
Trade Secret
22. An attempt to trick the system into believing that something false is real
Hoax
Worm
Sabotage
Joke
23. Entails planning and system actions to ensure that a project is following good quality management practices
Quality Assurance
Substitution
Checksum
Reciprocal agreement
24. The person that determines the permissions to files. The data owner.
Debug
Virtual Memory/Pagefile.sys
Multithreading
Owner
25. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
COM
Call tree
Digital signing
Java
26. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Out of band
Packet Sniffing
Asymmetric
Guards
27. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Wiretapping
Probing
Qualitative
Trademark
28. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Buffer overflow
Granularity
DOS
Caesar Cipher
29. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Fiber optic
Separation of duties
Clipper Chip
Carnivore
30. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Covert channels
Buffer overflow
Trade Secret
UUEncode
31. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Quantitative
Tailgating / Piggybacking
Hackers
32. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Data remanence
Key Escrow
Scanning
PKI
33. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
ISDN (Integrated Services Digital Network)
SESAME
Certification
Bugtraq
34. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Normalization
SLE (Single Loss Expectancy or Exposure)
SQL (Structured Query Language)
TCP Wrappers
35. When one key of a two-key pair has more encryption pattern than the other
CD-Rom
Format 7 times
CRC (Cyclic Redundancy Check)
Asymmetric
36. The user
Expert systems
User
Illegal/Unethical
Birthday attack
37. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Due Diligence
Expert systems
Trademark
Hash
38. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Object Oriented Programming
Open network
Teardrop
Eavesdropping
39. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
War driving
Biometric profile
TCSEC
40. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Fraggle
CIA
Routers
DHCP
41. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
/etc/passwd
Technical - Administrative - Physical
Accreditation
Kerberos
42. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Toneloc
DOS
Expert systems
Risk Management
43. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
/etc/passwd
Trade Secret
RAM (Random-access memory)
Cold Site
44. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Cookies
Polymorphism
Transposition
Finger scanning
45. Jumping into dumpsters to retrieve information about someone/something/a company
Audit Trail
Attenuation
Java
Dumpster diving
46. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Malware
Change management
Attenuation
Inference
47. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
WTLS (Wireless Transport Layer Security)
Degausser
CIRT
ROM (Read-only memory)
48. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Hearsay Evidence
Trojan horses
CGI (The Common Gateway Interface)
Fences
49. Providing verification to a system
Brewer-Nash model
Carnivore
Authentication
Privacy Act of 1974
50. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Risk Analysis
Cold Site
CIA
Clipper Chip