SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The ability to have more than one thread associated with a process
Multithreading
Quality Assurance
Job rotation
CEO
2. Someone whose hacking is primarily targeted at the phone systems
Phreaker
Clipper Chip
Hubs
PAP (Password Authentication Protocol)
3. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Warm Site
Due Diligence
Kerberos
Finger scanning
4. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time.
Embezzlement
Toneloc
Expert systems
Checksum
5. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
User
Tailgating / Piggybacking
TCSEC
BIOS
6. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Senior Management
Format 7 times
User
Birthday attack
7. White hat l0pht
Bugtraq
Two-Factor Authentication
Macro
Skipjack
8. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Multipartite
Asset Value
Cookies
l0pht
9. Involving the measurement of quantity or amount.
Security Awareness Training
Out of band
Quantitative
Rolling hot sites
10. Internet Relay Chat.
SQL (Structured Query Language)
DCOM
IRC
Throughput of a Biometric System
11. Animals with teeth. Not as discriminate as guards
Attenuation
Dogs
Accreditation
Salami Slicing
12. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
VPN (Virtual Private Network)
Telnet
Authorization
Fraggle
13. Network devices that operate at layer 3. This device separates broadcast domains.
Security through obscurity
Hoax
Routers
Sabotage
14. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Compiler
Termination procedures
Buffer overflow
15. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Joke
MitM
Illegal/Unethical
Digital signing
16. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Hackers
Session Hijacking
Skipjack
TCB
17. Ethernet - Cat5 - Twisted to allow for longer runs.
Hearsay Evidence
Twisted pair
CGI (The Common Gateway Interface)
Brewer-Nash model
18. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Telnet
Logic bomb
Accreditation
War dialing
19. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Masquerade
Accreditation
OLE
20. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Birthday attack
War dialing
Detective - Preventive - Corrective
Virtual Memory/Pagefile.sys
21. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Trade Secret
Birthday attack
Packet Sniffing
DNS cache poisoning
22. Using ICMP to diagram a network
Virtual Memory/Pagefile.sys
Burden of Proof
ActiveX Object Linking and Embedding
Probing
23. The intercepting of conversations by unintended recipients
Quality Assurance
CCTV
Switches / Bridges
Eavesdropping
24. Good for distance - longer than 100M
Coax
Username/password
Artificial Neural Networks (ANN)
MOM
25. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Burden of Proof
Granularity
SSO (Single sign-on)
Common criteria
26. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
CIRT
Birthday attack
Polymorphic
Security Perimeter
27. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Spoofing
Clipper Chip
Brewer-Nash model
Change management
28. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
Active attacks
Cryptanalysis
Raid 0 - 1 - 3 - 5
29. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Boot-sector Virus
War driving
CRC (Cyclic Redundancy Check)
Firmware
30. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Two-Factor Authentication
Packet Sniffing
Security kernel
Dogs
31. Object Linking and Embedding. The ability of an object to be embedded into another object.
DNS cache poisoning
Security Perimeter
OLE
Masquerade
32. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Session Hijacking
Back door/ trap door/maintenance hook
Brewer-Nash model
33. Rolling command center with UPS - satellite - uplink - power - etc.
Scanning
Qualitative
Rolling hot sites
Boot-sector Virus
34. Continuation of Operations Plan
COOP
Open network
Rolling hot sites
Multipartite
35. Chief Executive Officer
BIA
Replay
Logic bomb
CEO
36. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Format 7 times
Tokens
Qualitative
/etc/passwd
37. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
ARP (Address Resolution Protocol)
Worm
Crosstalk
Burden of Proof
38. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Artificial Neural Networks (ANN)
Separation of duties
Enticement
CORBA
39. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Virtual machine
Trade Secret
War dialing
Risk Acceptance
40. Emanations from one wire coupling with another wire
Crosstalk
Firewall types
Coax
Wiretapping
41. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
ALE (Annualized Loss Expectancy)
Risk Analysis
Digital certificates
Code of ethics
42. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Active attacks
Due Diligence
CIA
Trojan horses
43. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
ARO (Annualized Rate of Occurrence)
CHAP
Macro
Technical - Administrative - Physical
44. Computer Incident Response Team
SYN Flood
CIRT
Due Care
Separation of duties
45. Common Object Request Broker Architecture.
Quality Assurance
Cyphertext only
Termination procedures
CORBA
46. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Bugtraq
Honey pot
Burden of Proof
Key Escrow
47. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Fire extinguisher
Masquerade
Clipper Chip
Hot Site
48. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
CRC (Cyclic Redundancy Check)
Cookies
Hot Site
Custodian
49. A war dialing utility
Biometric profile
Toneloc
Nonce
Debug
50. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Bugtraq
Passive attacks
Well-known ports
PKI
