Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Man trap
Twisted pair
Tokens
Wiretapping
2. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Open network
Privacy Act of 1974
CRC (Cyclic Redundancy Check)
Back door/ trap door/maintenance hook
3. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Packet Sniffing
Certification
Repeaters
Embezzlement
4. Closed Circuit Television
CCTV
ALE (Annualized Loss Expectancy)
Qualitative
Data remanence
5. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Dumpster diving
SESAME
Authorization
6. Dynamic Host Configuration Protocol.
DHCP
UUEncode
Multipartite
Username/password
7. White hat l0pht
Identification
Risk Analysis
Bugtraq
Hoax
8. Using ICMP to diagram a network
Noise & perturbation
Trade Secret
Probing
/etc/passwd
9. Animals with teeth. Not as discriminate as guards
Guards
Compiler
Dogs
Software development lifecycle
10. Method of authenticating to a system. Something that you supply and something you know.
Hash
Mandatory vacation
Username/password
Honey pot
11. Personal - Network - and Application
Risk Transferring
DDOS
Firewall types
Fences
12. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Polymorphism
Tokens
Degausser
Embezzlement
13. Network Address Translation
Passive attacks
Risk Mitigation
Firewall types
NAT
14. A network that uses standard protocols (TCP/IP)
Packet Sniffing
Open network
Spoofing
TACACS (Terminal access controller access control system)
15. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
NAT
Format 7 times
Brewer-Nash model
WAP (Wireless Application Protocol)
16. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Digital signing
Accreditation
Trademark
Common criteria
17. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Tailgating / Piggybacking
Switches / Bridges
Halon
Dogs
18. The user
User
Embezzlement
Separation of duties
Format 7 times
19. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Trap Door
CD-Rom
Buffer overflow
DNS cache poisoning
20. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Carnivore
Finger scanning
Asymmetric
Certification
21. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
DCOM
COOP
AES (Advanced Encryption Standard)
Patriot Act
22. The person that determines the permissions to files. The data owner.
Coax
Owner
Embezzlement
War dialing
23. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Tokens
Asymmetric
Motion detector
24. Object Linking and Embedding. The ability of an object to be embedded into another object.
WTLS (Wireless Transport Layer Security)
Cookies
User
OLE
25. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
MOM
Honey pot
Audit Trail
Java
26. Good for distance - longer than 100M
Noise & perturbation
Security kernel
Coax
OSI Model
27. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Closed network
Trademark
Dictionary Attack
ALE (Annualized Loss Expectancy)
28. A site that is ready physically but has no hardware in place - all it has is HVAC
Accountability
Authentication
Crosstalk
Cold Site
29. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Worm
Caesar Cipher
Common criteria
Aggregation
30. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
DMZ
Joke
Authorization creep
Sniffing
31. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Warm Site
SYN Flood
Separation of duties
Probing
32. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Replay
Expert systems
Hash
Digital certificates
33. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
DHCP
Fraud
Phreaker
34. Disclosure - Alteration - Destruction. These things break the CIA triad
Worm
DAD
Security Perimeter
Enticement
35. A technique to eliminate data redundancy.
OEP
CRC (Cyclic Redundancy Check)
Rijndael
Normalization
36. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Transposition
Private Addressing
Covert channels
37. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Virtual machine
FAR/FRR/CER
Brewer-Nash model
RAM (Random-access memory)
38. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Raid 0 - 1 - 3 - 5
Bugtraq
Risk Transferring
Owner
39. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Smurf
Carnivore
Closed network
WAP (Wireless Application Protocol)
40. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
RADIUS (Remote authentication dial-in user service)
Buffer overflow
VPN (Virtual Private Network)
Brewer-Nash model
41. More discriminate than dogs
Guards
Script
Digest
Encryption
42. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Artificial Neural Networks (ANN)
IAB
Coax
Boot-sector Virus
43. Relating to quality or kind. This assigns a level of importance to something.
Degausser
DOS
MitM
Qualitative
44. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Carnivore
PAP (Password Authentication Protocol)
Worm
45. An attempt to trick the system into believing that something false is real
ActiveX Object Linking and Embedding
Call tree
Expert System
Hoax
46. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Routers
Well-known ports
Macro
Fences
47. In cryptography - it is a block cipher
Hacker
Two-Factor Authentication
Skipjack
Accountability
48. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Finger printing
Dumpster diving
OSI Model
Polymorphic
49. Confidentiality - Integrity - and Availability
Expert systems
Digital signing
CIA
Security through obscurity
50. Reasonable doubt
Burden of Proof
CORBA
Back door/ trap door/maintenance hook
Finger printing