Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Animals with teeth. Not as discriminate as guards
Brute Force
DOS
Dogs
Hubs
2. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
DCOM
Hackers
Active attacks
3. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Out of band
Back door/ trap door/maintenance hook
User
Finger printing
4. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
PKI
NAT
ARP (Address Resolution Protocol)
5. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Smart cards
Burden of Proof
SQL (Structured Query Language)
CEO
6. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
WTLS (Wireless Transport Layer Security)
Quality Assurance
DOS
UUEncode
7. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
SSO (Single sign-on)
Digest
Software
DOS
8. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
Script kiddies
Decentralized
Stream cipher
9. These can be used to verify that public keys belong to certain individuals.
Security through obscurity
Common criteria
Passive attacks
Digital certificates
10. Chief Information Officer
CIO
Dogs
Enticement
COM
11. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Detective - Preventive - Corrective
Rijndael
OSI Model
SLE (Single Loss Expectancy or Exposure)
12. To not be legal (as far as law is concerned) or ethical
Virtual machine
Asymmetric
CGI (The Common Gateway Interface)
Illegal/Unethical
13. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
SSL/TLS
CRC (Cyclic Redundancy Check)
Reciprocal agreement
Classes of IP networks
14. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Quantitative
Teardrop
ALE (Annualized Loss Expectancy)
15. Closed Circuit Television
Firewall types
Warm Site
User
CCTV
16. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Debug
War driving
Quantitative
17. White hat l0pht
Session Hijacking
Bugtraq
Java
Noise & perturbation
18. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
Senior Management
OEP
Kerberos
19. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Bastion hosts
Degausser
Hardware
Clipper Chip
20. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.
MOM
OEP
VPN (Virtual Private Network)
Copyright
21. Internet Architecture Board. This board is responsible for protecting the Internet.
Script kiddies
Cyphertext only
TACACS (Terminal access controller access control system)
IAB
22. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Granularity
Incentive programs
Promiscuous mode
Vulnerability analysis tools
23. The user
Accountability
Logic bomb
Passive attacks
User
24. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Compiler
Switches / Bridges
Eavesdropping
Biometrics
25. Network Address Translation
Two-Factor Authentication
Multithreading
Key Escrow
NAT
26. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
ROT-13
Aggregation
SSO (Single sign-on)
Biometrics
27. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Script kiddies
Call tree
BIOS
Keystroke logging
28. Involving the measurement of quantity or amount.
Key Escrow
Brewer-Nash model
Quantitative
DOS
29. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Dumpster diving
Hoax
Aggregation
Change management
30. The output of a hash function is a digest.
Echelon
Digest
DHCP
SSL/TLS
31. When security is managed at many different points in an organization
VLANs
ARO (Annualized Rate of Occurrence)
Twisted pair
Decentralized
32. The art of breaking code. Testing the strength of an algorithm.
Security Awareness Training
Cryptanalysis
Phreaker
TEMPEST
33. Chief Executive Officer
War driving
CEO
Script kiddies
Covert channels
34. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Open network
BIOS
Non-repudiation
Symmetric
35. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Substitution
Masquerade
Throughput of a Biometric System
CRC (Cyclic Redundancy Check)
36. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Twisted pair
Digital signing
Spoofing
CHAP
37. A system designed to stop piggybacking.
Due Care
CIA
NAT
Man trap
38. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Mandatory vacation
MOM
Authorization creep
39. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
CHAP
Trademark
War dialing
Fiber optic
40. When security is managed at a central point in an organization
Packet Sniffing
Well-known ports
Centralized
Boot-sector Virus
41. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Security Perimeter
SSO (Single sign-on)
Illegal/Unethical
Multipartite
42. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Degausser
Motion detector
Brute force
Social engineering
43. A hidden communications channel on a system that allows for the bypassing of the system security policy
/etc/passwd
Raid 0 - 1 - 3 - 5
Covert channels
Hacker
44. Distributed Component Object Model. Microsoft's implementation of CORBA.
Scanning
Multitasking
DCOM
Nonce
45. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Cryptanalysis
CEO
Encryption
CD-Rom
46. The person that determines the permissions to files. The data owner.
Reciprocal agreement
Owner
Software
CCTV
47. Also civil law
Finger printing
Tort
Logic bomb
Software development lifecycle
48. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
NAT
Rijndael
Acceptable use
Expert System
49. A site that is ready physically but has no hardware in place - all it has is HVAC
Polymorphic
Substitution
Termination procedures
Cold Site
50. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
CRC (Cyclic Redundancy Check)
BIA
Smart cards
Salami Slicing