Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The person that determines the permissions to files. The data owner.
Encryption
Owner
Software librarian
Dogs
2. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
Finger printing
MitM
Custodian
3. Must be in place for you to use a biometric system
Active attacks
Trojan horses
Biometric profile
Cold Site
4. This is an open international standard for applications that use wireless communications.
Digital certificates
WAP (Wireless Application Protocol)
Termination procedures
RADIUS (Remote authentication dial-in user service)
5. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
IRC
CD-Rom
Wiretapping
Throughput of a Biometric System
6. A hidden communications channel on a system that allows for the bypassing of the system security policy
Sniffing
Telnet
Covert channels
ROT-13
7. Threat to physical security.
Sabotage
CEO
Format 7 times
Firewall types
8. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Diffie-Hellman
Format 7 times
CRC (Cyclic Redundancy Check)
BIA
9. The ability to have more than one thread associated with a process
Multithreading
Mandatory vacation
Risk Analysis
AES (Advanced Encryption Standard)
10. Using ICMP to diagram a network
Object Oriented Programming
Security kernel
Skipjack
Probing
11. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Attenuation
Asymmetric
Salami Slicing
Due Care
12. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Hardware
Polymorphic
Reciprocal agreement
Dictionary Attack
13. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
PAP (Password Authentication Protocol)
Acceptable use
Caesar Cipher
14. Emanations from one wire coupling with another wire
VPN (Virtual Private Network)
Authentication
Crosstalk
Noise & perturbation
15. The art of breaking code. Testing the strength of an algorithm.
Birthday attack
Checksum
ARO (Annualized Rate of Occurrence)
Cryptanalysis
16. A war dialing utility
Cookies
Security Awareness Training
Fiber optic
Toneloc
17. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
Hardware
Job rotation
Halon
WTLS (Wireless Transport Layer Security)
18. A network that uses standard protocols (TCP/IP)
Digital signing
Code of ethics
Cyphertext only
Open network
19. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
ROT-13
SSL/TLS
Custodian
Data remanence
20. Involving the measurement of quantity or amount.
DAD
Quantitative
Burden of Proof
Security through obscurity
21. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Brute force
Carnivore
Masquerade
Illegal/Unethical
22. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Trap Door
Macro
Hubs
Encryption
23. A mechanism by which connections to TCP services on a system are allowed or disallowed
Schema
Penetration testing
Throughput of a Biometric System
TCP Wrappers
24. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Copyright
SSL/TLS
Virtual Memory/Pagefile.sys
Bugtraq
25. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Cookies
Well-known ports
Worm
Software
26. The person that controls access to the data
Patriot Act
Eavesdropping
Custodian
Inference
27. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brute Force
ARO (Annualized Rate of Occurrence)
Brewer-Nash model
Reciprocal agreement
28. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
TEMPEST
Caesar Cipher
OLE
TCB
29. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Multiprocessing
Trade Secret
Worm
Trap Door
30. A network that mimics the brain
SSO (Single sign-on)
Trojan horses
Artificial Neural Networks (ANN)
DDOS
31. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
SQL (Structured Query Language)
Call tree
Block cipher
Fiber optic
32. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Asset Value
Replay
Key Escrow
Multipartite
33. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
DMZ
Smart cards
Firmware
Vulnerability analysis tools
34. The real cost of acquiring/maintaining/developing a system
Asset Value
Caesar Cipher
Call tree
Non-repudiation
35. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Finger scanning
Enticement
Wiretapping
36. Accepting all packets
Custodian
Eavesdropping
Promiscuous mode
Software
37. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Qualitative
Salami Slicing
Stream cipher
Security kernel
38. Closed Circuit Television
Active attacks
Granularity
TCP Wrappers
CCTV
39. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Identification
DDOS
Joke
WTLS (Wireless Transport Layer Security)
40. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Certification
Accountability
Risk Acceptance
41. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
Finger printing
Due Diligence
Copyright
42. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Hardware
Buffer overflow
Polymorphism
Rijndael
43. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Keystroke logging
Tokens
Halon
UUEncode
44. Basic Input/Output System
Crosstalk
/etc/passwd
BIOS
Sabotage
45. White hat l0pht
Illegal/Unethical
Burden of Proof
Packet Sniffing
Bugtraq
46. The output of a hash function is a digest.
Digest
VPN (Virtual Private Network)
Bastion hosts
Dumpster diving
47. Reasonable doubt
Bugtraq
Burden of Proof
Smart cards
Virtual machine
48. Component Object Model.
Cryptanalysis
Hackers
COM
Authorization
49. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
Data remanence
ROT-13
Logic bomb
50. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Security through obscurity
SYN Flood
Embezzlement
Hearsay Evidence