Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Macro
Mandatory vacation
Sniffing
Cryptanalysis
2. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Data Mart
TCB
Hot Site
l0pht
3. Chief Information Officer
CIO
Decentralized
Packet Sniffing
Phreaker
4. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Key Escrow
MitM
DAD
Java
5. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Incentive programs
Hoax
Spoofing
Sabotage
6. Ethernet - Cat5 - Twisted to allow for longer runs.
Brute force
DCOM
Tokens
Twisted pair
7. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
MOM
Multithreading
Schema
Classes of IP networks
8. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Object Oriented Programming
Patriot Act
Brewer-Nash model
Crosstalk
9. Be at least 8 foot tall and have three strands of barbed wire.
Vulnerability analysis tools
Fences
OSI Model
CD-Rom
10. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Expert systems
Change management
SSO (Single sign-on)
Checksum
11. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Embezzlement
Buffer overflow
Brute Force
Echelon
12. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Format 7 times
Fraggle
Exit interview
TCB
13. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Java
CIO
Wiretapping
Accreditation
14. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
CIA
ROT-13
Mandatory vacation
15. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Senior Management
Clipper Chip
Username/password
Trap Door
16. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
Code of ethics
Trade Secret
OSI Model
17. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Birthday attack
Java
TEMPEST
Symmetric
18. In a separation of duties model - this is where code is checked in and out
Software librarian
SESAME
Routers
TCP Wrappers
19. Emanations from one wire coupling with another wire
Decentralized
Authorization creep
ISDN (Integrated Services Digital Network)
Crosstalk
20. The ability to have more than one thread associated with a process
Identification
Cryptanalysis
WAP (Wireless Application Protocol)
Multithreading
21. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Clipper Chip
War driving
Scanning
Senior Management
22. When one key of a two-key pair has more encryption pattern than the other
Hearsay Evidence
Asymmetric
Keystroke logging
Technical - Administrative - Physical
23. An RFC standard. A mechanism for performing commands on a remote system
Hash
Dumpster diving
Telnet
Security kernel
24. The user
Caesar Cipher
Patent
User
Multithreading
25. Network Address Translation
Vulnerability analysis tools
Script kiddies
VPN (Virtual Private Network)
NAT
26. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Script
Keystroke logging
Sniffing
Digital certificates
27. Confidentiality - Integrity - and Availability
Call tree
CIA
Enticement
Due Diligence
28. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Script
TCB
Carnivore
Out of band
29. Rolling command center with UPS - satellite - uplink - power - etc.
Cookies
PAP (Password Authentication Protocol)
Rolling hot sites
Centralized
30. A technique to eliminate data redundancy.
Buffer overflow
Normalization
Technical - Administrative - Physical
Multitasking
31. Data storage formats and equipment that allow the stored data to be accessed in any order
Exit interview
Diffie-Hellman
RAM (Random-access memory)
DDOS
32. Personal - Network - and Application
Firewall types
Software
BIA
Two-Factor Authentication
33. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Open network
Raid 0 - 1 - 3 - 5
Promiscuous mode
AES (Advanced Encryption Standard)
34. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Hackers
Cookies
Vulnerability analysis tools
Out of band
35. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Software
Hardware
MOM
Audit Trail
36. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Security Perimeter
Granularity
SLE (Single Loss Expectancy or Exposure)
Finger scanning
37. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Replay
RADIUS (Remote authentication dial-in user service)
Acceptable use
Risk Management
38. Scanning the airwaves for radio transmissions
DMZ
Scanning
Non-repudiation
DOS
39. A network that uses standard protocols (TCP/IP)
MitM
Open network
Penetration testing
Salami Slicing
40. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Normalization
Hackers
Penetration testing
Clipper Chip
41. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Mandatory vacation
War driving
NAT
Smurf
42. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Scanning
Out of band
Software
Java
43. Disclosure - Alteration - Destruction. These things break the CIA triad
Birthday attack
DAD
TCB
CIRT
44. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Cookies
Callback Security/Call Forwarding
CHAP
Buffer overflow
45. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Finger scanning
Worm
Service packs
Passive attacks
46. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Penetration testing
Buffer overflow
Cryptanalysis
UUEncode
47. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
Fences
Worm
Key Escrow
48. An attempt to trick the system into believing that something false is real
Probing
Hoax
Fire extinguisher
Security Perimeter
49. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Risk Acceptance
Script kiddies
SQL (Structured Query Language)
Accreditation
50. More discriminate than dogs
Guards
Burden of Proof
SSO (Single sign-on)
Raid 0 - 1 - 3 - 5