Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Salami Slicing
Honey pot
Fire extinguisher
Software development lifecycle
2. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Digest
PAP (Password Authentication Protocol)
SYN Flood
Rijndael
3. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Dictionary Attack
Fire extinguisher
Embezzlement
Virtual Memory/Pagefile.sys
4. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Qualitative
Decentralized
Classes of IP networks
Acceptable use
5. Someone who hacks
SSL/TLS
Hacker
Security Awareness Training
Coax
6. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
Data Mart
Compiler
Enticement
7. This is an open international standard for applications that use wireless communications.
Worm
Certification
CD-Rom
WAP (Wireless Application Protocol)
8. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Firewall types
Man trap
Motion detector
Masquerade
9. Personal - Network - and Application
Trap Door
Firewall types
DHCP
Expert System
10. Emanations from one wire coupling with another wire
Custodian
Kerberos
Due Diligence
Crosstalk
11. Method of authenticating to a system. Something that you supply and something you know.
Security through obscurity
Username/password
Tort
Key Escrow
12. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Entrapment
Service packs
Key Escrow
13. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
TCSEC
Hardware
Multitasking
Phreaker
14. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Motion detector
Expert System
VPN (Virtual Private Network)
WTLS (Wireless Transport Layer Security)
15. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Bugtraq
Quality Assurance
Open network
Format 7 times
16. A site that has some equipment in place - and can be up within days
DDOS
Exit interview
Username/password
Warm Site
17. A card that holds information that must be authenticated to before it can reveal the information that it is holding
BIA
Artificial Neural Networks (ANN)
Smart cards
Rijndael
18. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Smurf
Keystroke logging
Replay
Fences
19. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Open network
Birthday attack
Data remanence
ARP (Address Resolution Protocol)
20. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Hardware
Probing
Logic bomb
Custodian
21. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
Halon
Malware
Callback Security/Call Forwarding
22. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Attenuation
Format 7 times
Macro
CHAP
23. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
CIO
Motion detector
Cryptanalysis
BIOS
24. A technique to eliminate data redundancy.
Nonce
Normalization
Skipjack
NAT
25. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Macro
Smurf
IRC
MitM
26. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Teardrop
DCOM
Trap Door
Substitution
27. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Encryption
SESAME
Accreditation
Key Escrow
28. These can be used to verify that public keys belong to certain individuals.
ISDN (Integrated Services Digital Network)
Digital certificates
Substitution
Identification
29. A war dialing utility
Smart cards
Toneloc
TCB
Decentralized
30. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Custodian
SSO (Single sign-on)
Telnet
31. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Passive attacks
WAP (Wireless Application Protocol)
ALE (Annualized Loss Expectancy)
Biometric profile
32. Motive - Opportunity - and Means. These deal with crime.
MOM
Hacker
Risk Transferring
Man trap
33. These viruses usually infect both boot records and files.
Multipartite
RAM (Random-access memory)
Security Awareness Training
Fences
34. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
OSI Model
ROT-13
SSH
Active attacks
35. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Polymorphic
Cold Site
Schema
TCB
36. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Multitasking
Authentication
SESAME
Non-repudiation
37. In a separation of duties model - this is where code is checked in and out
Fraggle
Macro
Twisted pair
Software librarian
38. A system designed to stop piggybacking.
Firmware
Man trap
Hoax
Username/password
39. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Code of ethics
Cookies
Artificial Neural Networks (ANN)
Debug
40. Must be in place for you to use a biometric system
Audit Trail
Base-64
Biometric profile
COOP
41. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Entrapment
Buffer overflow
Authorization
Rolling hot sites
42. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
PKI
Checksum
Buffer overflow
CIRT
43. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
ROT-13
Session Hijacking
Acceptable use
Spoofing
44. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Clipping levels
DMZ
Smart cards
Eavesdropping
45. Using ICMP to diagram a network
Probing
Repeaters
Crosstalk
Enticement
46. A network that mimics the brain
Artificial Neural Networks (ANN)
Salami Slicing
Replay
Copyright
47. Confidentiality - Integrity - and Availability
Noise & perturbation
Quantitative
MitM
CIA
48. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Identification
Well-known ports
SSL/TLS
Due Diligence
49. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
CGI (The Common Gateway Interface)
CORBA
RADIUS (Remote authentication dial-in user service)
Clipper Chip
50. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
Firewall types
Change management
Telnet
Technical - Administrative - Physical