Test your basic knowledge |

Comptia Security +: Vocab

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. An instance of a scripting language
Data remanence
Firewall types
Script
Authentication

2. Someone whose hacking is primarily targeted at the phone systems
Phreaker
DNS cache poisoning
Cyphertext only
Rijndael

3. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Virtual Memory/Pagefile.sys
Well-known ports
Entrapment
Compiler

4. A system designed to stop piggybacking.
Teardrop
Man trap
Virtual Memory/Pagefile.sys
Job rotation

5. Common Object Request Broker Architecture.
Skipjack
Polymorphism
CORBA
Open network

6. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
War driving
Smart cards
Throughput of a Biometric System
Embezzlement

7. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Copyright
Transposition
Honey pot
Worm

8. Must be in place for you to use a biometric system
Echelon
Halon
Biometric profile
Reciprocal agreement

9. Entails planning and system actions to ensure that a project is following good quality management practices
ROM (Read-only memory)
Quality Assurance
Dumpster diving
DAD

10. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Common criteria
Routers
Virtual machine

11. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Penetration testing
Halon
Brewer-Nash model
Keystroke logging

12. The frequency with which a threat is expected to occur.
Tokens
Owner
ARO (Annualized Rate of Occurrence)
Dumpster diving

13. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
OSI Model
FAR/FRR/CER
Fences
BIOS

14. A gas used in fire suppression. Not human safe. Chemical reaction.
Cold Site
Halon
Penetration testing
Caesar Cipher

15. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
ISDN (Integrated Services Digital Network)
Software
Trade Secret
FAR/FRR/CER

16. An attempt to trick the system into believing that something false is real
Hoax
Checksum
Crosstalk
Biometrics

17. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Wiretapping
Authentication
Carnivore
TCSEC

18. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Risk Mitigation
Risk Transferring
Hoax
Data Mart

19. These viruses usually infect both boot records and files.
Accountability
Multipartite
Risk Management
NAT

20. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Senior Management
ISDN (Integrated Services Digital Network)
Buffer overflow
Sniffing

21. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Fraggle
Social engineering
Senior Management
Accountability

22. When two or more processes are linked and execute multiple programs simultaneously
AES (Advanced Encryption Standard)
Multiprocessing
Covert channels
DOS

23. Using ICMP to diagram a network
Risk Acceptance
DNS cache poisoning
Artificial Neural Networks (ANN)
Probing

24. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Acceptable use
Trademark
Username/password
Artificial Neural Networks (ANN)

25. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Software
Smurf
Brute Force
Certification

26. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Wiretapping
Risk Management
Transposition
RAM (Random-access memory)

27. A military standard defining controls for emanation protection
Quality Assurance
TEMPEST
Echelon
Bugtraq

28. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Authentication
CEO
Multitasking
Skipjack

29. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Macro
ALE (Annualized Loss Expectancy)
TCB
Classes of IP networks

30. Network device that operates at layer 1. Concentrator.
Brewer-Nash model
Hubs
Embezzlement
War driving

31. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Man trap
/etc/passwd
WTLS (Wireless Transport Layer Security)
Toneloc

32. A card that holds information that must be authenticated to before it can reveal the information that it is holding
War dialing
Fire extinguisher
Smart cards
ARO (Annualized Rate of Occurrence)

33. Same as a block cipher except that it is applied to a data stream one bit at a time
Sniffing
Stream cipher
Technical - Administrative - Physical
ActiveX Object Linking and Embedding

34. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
SSH
Digital certificates
ActiveX Object Linking and Embedding
Job rotation

35. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
CCTV
Crosstalk
Decentralized
Expert System

36. Repeats the signal. It amplifies the signal before sending it on.
Brute Force
Repeaters
RADIUS (Remote authentication dial-in user service)
Data remanence

37. Someone who hacks
Rijndael
Open network
Dumpster diving
Hacker

38. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
MitM
SLE (Single Loss Expectancy or Exposure)
PAP (Password Authentication Protocol)
IAB

39. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Warm Site
OLE
Multitasking

40. Dialing fixed sets telephone numbers looking for open modem connections to machines
War dialing
Accountability
Routers
Closed network

41. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Security through obscurity
UUEncode
Software librarian

42. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work
Security through obscurity
IRC
Copyright
Out of band

43. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
DDOS
Hash
Out of band
SSL/TLS

44. White hat l0pht
Bugtraq
Joke
COOP
DOS

45. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Service packs
CCTV
Fraggle
Inference

46. A technique to eliminate data redundancy.
Scanning
Session Hijacking
Normalization
Entrapment

47. Transferring your risk to someone else - typically an insurance company
Out of band
CD-Rom
Risk Transferring
DDOS

48. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
PKI
Username/password
Detective - Preventive - Corrective
Virtual Memory/Pagefile.sys

49. A network that mimics the brain
BIA
Artificial Neural Networks (ANN)
Trademark
Switches / Bridges

50. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Fraud
Reciprocal agreement
Copyright
CGI (The Common Gateway Interface)