Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Also civil law
Packet Sniffing
Tort
Raid 0 - 1 - 3 - 5
Authorization creep
2. Transferring your risk to someone else - typically an insurance company
Software
Risk Transferring
Authorization
ROM (Read-only memory)
3. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Brute Force
War driving
ARP (Address Resolution Protocol)
Java
4. The act of identifying yourself. Providing your identity to a system
Virtual Memory/Pagefile.sys
Identification
Phreaker
Senior Management
5. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Noise & perturbation
Non-repudiation
Dictionary Attack
Fraud
6. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Teardrop
Boot-sector Virus
Diffie-Hellman
Rijndael
7. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Symmetric
Qualitative
UUEncode
Bastion hosts
8. Also known as a tunnel
ActiveX Object Linking and Embedding
Noise & perturbation
VPN (Virtual Private Network)
CEO
9. Continuation of Operations Plan
COOP
Data remanence
Crosstalk
TCP Wrappers
10. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Out of band
Trademark
Brewer-Nash model
Incentive programs
11. Involving the measurement of quantity or amount.
Raid 0 - 1 - 3 - 5
Quantitative
ActiveX Object Linking and Embedding
Guards
12. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Worm
CGI (The Common Gateway Interface)
Transposition
Firewall types
13. Accepting all packets
Noise & perturbation
Asymmetric
ROT-13
Promiscuous mode
14. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
l0pht
Raid 0 - 1 - 3 - 5
Birthday attack
Polymorphism
15. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Key Escrow
Quantitative
OSI Model
Fire extinguisher
16. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Dumpster diving
SSH
Dogs
Virtual Memory/Pagefile.sys
17. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
SYN Flood
Call tree
Digital signing
SESAME
18. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Digital signing
ARP (Address Resolution Protocol)
War driving
Call tree
19. Ethernet - Cat5 - Twisted to allow for longer runs.
Vulnerability analysis tools
Twisted pair
PAP (Password Authentication Protocol)
Privacy Act of 1974
20. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
CIA
Technical - Administrative - Physical
DDOS
Script kiddies
21. When security is managed at a central point in an organization
Centralized
Audit Trail
Bugtraq
Patent
22. Random Number Base
Caesar Cipher
Artificial Neural Networks (ANN)
Nonce
Illegal/Unethical
23. This is an open international standard for applications that use wireless communications.
Mandatory vacation
WAP (Wireless Application Protocol)
Brute force
Trojan horses
24. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
WTLS (Wireless Transport Layer Security)
DAD
Brute Force
Biometric profile
25. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Salami Slicing
CORBA
Decentralized
Multithreading
26. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Senior Management
Cryptanalysis
CHAP
Non-repudiation
27. The user
OLE
Dogs
Quality Assurance
User
28. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Hoax
Aggregation
Quality Assurance
SSO (Single sign-on)
29. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Stream cipher
Encryption
Malware
Privacy Act of 1974
30. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
ISDN (Integrated Services Digital Network)
MitM
Multipartite
Polymorphic
31. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Salami Slicing
Fraggle
Finger scanning
ALE (Annualized Loss Expectancy)
32. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Macro
/etc/passwd
Dogs
Penetration testing
33. 'If you can't see it - it's secure'. Bad policy to live by.
WAP (Wireless Application Protocol)
Symmetric
Security through obscurity
Bugtraq
34. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Social engineering
Service packs
Worm
WTLS (Wireless Transport Layer Security)
35. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Rolling hot sites
Fiber optic
Patriot Act
Degausser
36. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Software
Cookies
Rijndael
Expert systems
37. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Routers
Illegal/Unethical
Biometric profile
Back door/ trap door/maintenance hook
38. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Risk Acceptance
Wiretapping
Digital signing
Crosstalk
39. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Identification
Risk Management
DNS cache poisoning
Skipjack
40. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Block cipher
Identification
Privacy Act of 1974
Service packs
41. Once authenticated - the level of access you have to a system
DOS
Cookies
Substitution
Authorization
42. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Transposition
CORBA
Diffie-Hellman
Multitasking
43. Signal degradation as it moves farther from its source
Attenuation
Biometric profile
Packet Sniffing
Tokens
44. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Cold Site
Coax
Replay
Inference
45. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Fraud
Trade Secret
Incentive programs
Authentication
46. In a separation of duties model - this is where code is checked in and out
Hacker
VPN (Virtual Private Network)
Compiler
Software librarian
47. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
EF (Exposure Factor)
Patriot Act
CD-Rom
Authorization
48. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Passive attacks
VPN (Virtual Private Network)
DOS
49. More discriminate than dogs
Substitution
Guards
Due Diligence
Smart cards
50. A network that mimics the brain
Dogs
Artificial Neural Networks (ANN)
Skipjack
Quantitative