Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Clipping levels
Burden of Proof
l0pht
Birthday attack
2. Continuation of Operations Plan
Artificial Neural Networks (ANN)
Guards
Active attacks
COOP
3. When security is managed at a central point in an organization
Centralized
Eavesdropping
Artificial Neural Networks (ANN)
Rolling hot sites
4. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party, often by covert means. The telephone tap or wire tap received its name because historically, the monitoring connec
Fraggle
Expert systems
Custodian
Wiretapping
5. In computer security and programming, it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Trap Door
Buffer overflow
Fraggle
User
6. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
DMZ
SSH
Expert systems
Risk Transferring
7. Providing verification to a system
Routers
Fraggle
Authentication
Debug
8. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
TCP Wrappers
Degausser
Java
Closed network
9. Random Number Base
Quantitative
Nonce
Checksum
Hearsay Evidence
10. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Base-64
IRC
Callback Security/Call Forwarding
Trademark
11. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
Scanning
Debug
DDOS
12. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which
COOP
Senior Management
Detective - Preventive - Corrective
Patent
13. These can be used to verify that public keys belong to certain individuals.
TCP Wrappers
Multipartite
User
Digital certificates
14. Project initiation, functional design analysis and planning, system design specifications, software development, installation/implementation, operational/maintenance, disposal
Owner
Software development lifecycle
Out of band
War driving
15. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Firewall types
Raid 0 - 1 - 3 - 5
Asymmetric
Quality Assurance
16. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value, but there are many exceptions to
Dictionary Attack
Hearsay Evidence
Risk Acceptance
OLE
17. The frequency with which a threat is expected to occur.
Dictionary Attack
ARO (Annualized Rate of Occurrence)
CRC (Cyclic Redundancy Check)
Crosstalk
18. Dynamic Host Configuration Protocol.
UUEncode
DHCP
Dumpster diving
Data Mart
19. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer, while attempting to remain hidden from casual inspection.
Smart cards
Back door/ trap door/maintenance hook
Risk Management
Clipping levels
20. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Asymmetric
Compiler
Dumpster diving
DNS cache poisoning
21. A network entity that provides a single entrance / exit point to the Internet.
Bastion hosts
Skipjack
Change management
Fences
22. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the
Guards
Technical - Administrative - Physical
Spoofing
Kerberos
23. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Echelon
Crosstalk
Biometrics
Fraggle
24. When a security event occurs, this is the order in which people will be contacted. This is a predefined list.
Call tree
Sniffing
Owner
Java
25. These viruses usually infect both boot records and files.
Digital signing
Fiber optic
Multipartite
CIA
26. Reasonable doubt
Burden of Proof
Wiretapping
Patriot Act
Certification
27. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology, biometric authentication refers to technologies that measure and analyze human physical and beh
Change management
Biometrics
CORBA
Closed network
28. The EU spec. If databases exist, users are allowed to check data into them, allowed to change them if wrong, etc.
Tort
Probing
Privacy Act of 1974
Birthday attack
29. Network device that operates at layer 1. Concentrator.
Technical - Administrative - Physical
Digital signing
Hubs
Telnet
30. Scanning the airwaves for radio transmissions
Risk Analysis
Aggregation
Spoofing
Scanning
31. An attempt to trick the system into believing that something false is real
Penetration testing
Hoax
Switches / Bridges
Finger printing
32. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
BIOS
SLE (Single Loss Expectancy or Exposure)
Quality Assurance
Teardrop
33. When two or more processes are linked and execute multiple programs simultaneously
Schema
Multitasking
Security kernel
Multiprocessing
34. Object Linking and Embedding. The ability of an object to be embedded into another object.
COOP
Quantitative
Senior Management
OLE
35. In risk assessment, the average monetary value of losses per year. SLE x ARO = ALE
WTLS (Wireless Transport Layer Security)
Privacy Act of 1974
ALE (Annualized Loss Expectancy)
Trade Secret
36. The illegal practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
VLANs
Stream cipher
CIO
Salami Slicing
37. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Content dependant
VLANs
PAP (Password Authentication Protocol)
Echelon
38. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
Compiler
Multithreading
Sabotage
39. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
IAB
WAP (Wireless Application Protocol)
CIA
Clipper Chip
40. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
Change management
Software development lifecycle
Digital certificates
41. The user
ARO (Annualized Rate of Occurrence)
User
Qualitative
Termination procedures
42. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents, but it is also used for trans
ActiveX Object Linking and Embedding
Crosstalk
WAP (Wireless Application Protocol)
Fire extinguisher
43. In a distributed attack, the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Motion detector
DDOS
Software librarian
Object Oriented Programming
44. Also civil law
Embezzlement
Tort
COOP
Telnet
45. In cryptanalysis and computer security, this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Dictionary Attack
DHCP
Virtual Memory/Pagefile.sys
Due Care
46. Being able to control access to individuals very specifically, instead of lower in the OSI model where you can't set it so specifically
Macro
TCB
Toneloc
Granularity
47. In computing, the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
CHAP
Content dependant
Teardrop
Toneloc
48. A network that uses proprietary protocols
Sabotage
Bastion hosts
Closed network
Cyphertext only
49. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
War driving
Replay
Software librarian
Polymorphic
50. False Acceptance Rate, False Rejection Rate, Crossover Error Rate
DOS
Clipper Chip
FAR/FRR/CER
Twisted pair