Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Separation of duties
Security through obscurity
Hot Site
Man trap
2. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Senior Management
Replay
Risk Transferring
Birthday attack
3. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
WTLS (Wireless Transport Layer Security)
Routers
RADIUS (Remote authentication dial-in user service)
Senior Management
4. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Quality Assurance
SSO (Single sign-on)
NAT
UUEncode
5. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
CHAP
Owner
Data Mart
ALE (Annualized Loss Expectancy)
6. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Phreaker
Accountability
DHCP
7. In the broadest sense - a fraud is a deception made for personal gain
Fraud
RAM (Random-access memory)
Toneloc
EF (Exposure Factor)
8. A site that is ready physically but has no hardware in place - all it has is HVAC
Quantitative
Guards
Wiretapping
Cold Site
9. Setting up the user to access the honeypot for reasons other than the intent to harm.
Dictionary Attack
Entrapment
Finger scanning
Script
10. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Kerberos
Guards
Twisted pair
Telnet
11. Involving the measurement of quantity or amount.
CRC (Cyclic Redundancy Check)
Software librarian
Classes of IP networks
Quantitative
12. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Hubs
Skipjack
Smurf
Cyphertext only
13. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Cookies
Stream cipher
Packet Sniffing
War dialing
14. Network Address Translation
NAT
Back door/ trap door/maintenance hook
Diffie-Hellman
Hearsay Evidence
15. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
DAD
DMZ
Digital certificates
Block cipher
16. A network that uses standard protocols (TCP/IP)
CIRT
Open network
Keystroke logging
Packet Sniffing
17. Continuation of Operations Plan
Fiber optic
Aggregation
COOP
Worm
18. Method of authenticating to a system. Something that you supply and something you know.
Security through obscurity
Risk Mitigation
Username/password
Twisted pair
19. Chief Information Officer
CIO
Digest
Teardrop
Multitasking
20. A site that has some equipment in place - and can be up within days
Warm Site
Trademark
Decentralized
Software librarian
21. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
OSI Model
Dictionary Attack
Virtual Memory/Pagefile.sys
Authorization
22. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Rijndael
Centralized
Digital certificates
Cyphertext only
23. Also known as a tunnel
Echelon
Compiler
VPN (Virtual Private Network)
Entrapment
24. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Active attacks
Noise & perturbation
Masquerade
CIRT
25. Assuming someone's session who is unaware of what you are doing
/etc/passwd
Cookies
OLE
Session Hijacking
26. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
COOP
Switches / Bridges
Firewall types
Hearsay Evidence
27. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Twisted pair
Fraud
Raid 0 - 1 - 3 - 5
RADIUS (Remote authentication dial-in user service)
28. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Script kiddies
Well-known ports
TCP Wrappers
Base-64
29. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Hardware
FAR/FRR/CER
Routers
30. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Multipartite
Code of ethics
DMZ
Biometric profile
31. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
DDOS
Audit Trail
ARP (Address Resolution Protocol)
ROT-13
32. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
ARO (Annualized Rate of Occurrence)
Phreaker
Replay
Java
33. Public Key Infrastructure
Joke
CIA
Risk Analysis
PKI
34. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
MOM
Honey pot
Salami Slicing
Due Care
35. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
CIA
Smart cards
ActiveX Object Linking and Embedding
Risk Analysis
36. Software designed to infiltrate or damage a computer system - without the owner's consent.
Normalization
Biometric profile
CIO
Malware
37. The user
Stream cipher
User
Risk Management
Embezzlement
38. Network devices that operate at layer 3. This device separates broadcast domains.
Routers
ROT-13
Smurf
Hackers
39. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Smurf
Buffer overflow
Compiler
Quality Assurance
40. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Toneloc
Tailgating / Piggybacking
ISDN (Integrated Services Digital Network)
Embezzlement
41. White hat l0pht
Biometric profile
Common criteria
Bugtraq
Normalization
42. Using ICMP to diagram a network
Multithreading
Hot Site
Probing
Tort
43. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Multithreading
Owner
Echelon
44. A network entity that provides a single entrance / exit point to the Internet.
Digital signing
Stream cipher
Bastion hosts
OSI Model
45. Enticing people to hit your honeypot to see how they try to access your system.
Enticement
Hoax
MitM
AES (Advanced Encryption Standard)
46. Occupant Emergency Plan - Employees are the most important!
Brute force
Format 7 times
Diffie-Hellman
OEP
47. After implementing countermeasures - accepting risk for the amount of vulnerability left over
WTLS (Wireless Transport Layer Security)
Virtual Memory/Pagefile.sys
DDOS
Risk Acceptance
48. The intercepting of conversations by unintended recipients
Quality Assurance
Base-64
Throughput of a Biometric System
Eavesdropping
49. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Patent
Phreaker
Service packs
Virtual Memory/Pagefile.sys
50. The frequency with which a threat is expected to occur.
UUEncode
ARO (Annualized Rate of Occurrence)
Probing
Biometrics