Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Repeats the signal. It amplifies the signal before sending it on.
Burden of Proof
Repeaters
Callback Security/Call Forwarding
Checksum
2. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Normalization
/etc/passwd
Security Awareness Training
3. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
War dialing
Scanning
Copyright
Classes of IP networks
4. A network that mimics the brain
WAP (Wireless Application Protocol)
Hacker
Artificial Neural Networks (ANN)
DNS cache poisoning
5. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Kerberos
PAP (Password Authentication Protocol)
Replay
Fraggle
6. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
CCTV
PAP (Password Authentication Protocol)
ROM (Read-only memory)
Exit interview
7. Good for distance - longer than 100M
Debug
Honey pot
Expert systems
Coax
8. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Compiler
Substitution
Call tree
Normalization
9. Jumping into dumpsters to retrieve information about someone/something/a company
Cold Site
Dumpster diving
CRC (Cyclic Redundancy Check)
Username/password
10. The act of identifying yourself. Providing your identity to a system
Polymorphism
CIO
Session Hijacking
Identification
11. The real cost of acquiring/maintaining/developing a system
Degausser
Bastion hosts
Asset Value
Virtual machine
12. In cryptography - it is a block cipher
Skipjack
FAR/FRR/CER
Authorization creep
ALE (Annualized Loss Expectancy)
13. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Tailgating / Piggybacking
Hackers
Java
Mandatory vacation
14. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Multithreading
Object Oriented Programming
l0pht
Keystroke logging
15. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Aggregation
Exit interview
Telnet
Format 7 times
16. A military standard defining controls for emanation protection
Bastion hosts
Exit interview
TEMPEST
Multipartite
17. A sandbox. Emulates an operating environment.
Senior Management
OLE
Expert System
Virtual machine
18. When one key of a two-key pair has more encryption pattern than the other
Reciprocal agreement
Guards
Vulnerability analysis tools
Asymmetric
19. Motivational tools for employee awareness to get them to report security flaws in an organization
Salami Slicing
Switches / Bridges
Incentive programs
Degausser
20. A RFC standard. A mechanism for performing commands on a remote system
Bugtraq
Due Care
Telnet
TCP Wrappers
21. A site that has some equipment in place - and can be up within days
Clipper Chip
Trade Secret
Fences
Warm Site
22. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
TACACS (Terminal access controller access control system)
Security through obscurity
Brute force
Digital signing
23. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Diffie-Hellman
VPN (Virtual Private Network)
Degausser
Fraud
24. Closed Circuit Television
Throughput of a Biometric System
CCTV
Hearsay Evidence
Transposition
25. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
PKI
CHAP
Certification
CEO
26. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Inference
TACACS (Terminal access controller access control system)
Security Perimeter
Script
27. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Fraud
Hackers
Service packs
Expert System
28. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Tokens
Fraud
Twisted pair
Masquerade
29. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
SYN Flood
DOS
Patriot Act
Patent
30. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Replay
SESAME
Change management
SLE (Single Loss Expectancy or Exposure)
31. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Replay
Back door/ trap door/maintenance hook
War driving
Attenuation
32. Using ICMP to diagram a network
Hash
Noise & perturbation
Probing
Private Addressing
33. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
PKI
Separation of duties
Twisted pair
Expert System
34. The practice of obtaining confidential information by manipulation of legitimate users.
User
Brewer-Nash model
Centralized
Social engineering
35. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Data Mart
Copyright
ARP (Address Resolution Protocol)
Patent
36. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Checksum
SESAME
Teardrop
ALE (Annualized Loss Expectancy)
37. Continuation of Operations Plan
Social engineering
COOP
Firmware
Hash
38. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Raid 0 - 1 - 3 - 5
Switches / Bridges
DAD
Smurf
39. These viruses usually infect both boot records and files.
Multipartite
Open network
Masquerade
Clipper Chip
40. An instance of a scripting language
Authorization
Virtual machine
Risk Analysis
Script
41. Animals with teeth. Not as discriminate as guards
MitM
Dogs
Joke
Noise & perturbation
42. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
CIO
Vulnerability analysis tools
Granularity
Trap Door
43. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Biometric profile
CIA
CHAP
War dialing
44. Someone whose hacking is primarily targeted at the phone systems
Trademark
Hubs
Nonce
Phreaker
45. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Illegal/Unethical
AES (Advanced Encryption Standard)
Hoax
Honey pot
46. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Throughput of a Biometric System
Sabotage
Audit Trail
Brute force
47. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Hacker
Joke
Username/password
48. Reasonable doubt
Bastion hosts
Burden of Proof
User
CEO
49. When two or more processes are linked and execute multiple programs simultaneously
Toneloc
Twisted pair
Multiprocessing
Stream cipher
50. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
Out of band
SSH
Code of ethics