Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Incentive programs
Dictionary Attack
Malware
Birthday attack
2. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Crosstalk
Vulnerability analysis tools
Coax
Asset Value
3. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Debug
Hot Site
ActiveX Object Linking and Embedding
Compiler
4. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Cyphertext only
VLANs
Probing
Twisted pair
5. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Virtual Memory/Pagefile.sys
Common criteria
Degausser
Echelon
6. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Qualitative
Polymorphism
Fraggle
Detective - Preventive - Corrective
7. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
Bastion hosts
Open network
Fire extinguisher
8. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Smart cards
Degausser
Tokens
War dialing
9. Using ICMP to diagram a network
Transposition
Clipping levels
CORBA
Probing
10. This is an open international standard for applications that use wireless communications.
SSO (Single sign-on)
WAP (Wireless Application Protocol)
Symmetric
Kerberos
11. Continuation of Operations Plan
Symmetric
COOP
Kerberos
Hackers
12. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Replay
Granularity
ROT-13
Routers
13. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Probing
Hash
CCTV
Symmetric
14. Internet Architecture Board. This board is responsible for protecting the Internet.
Software development lifecycle
Quality Assurance
IAB
Security through obscurity
15. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Smurf
Twisted pair
SQL (Structured Query Language)
SSL/TLS
16. These can be used to verify that public keys belong to certain individuals.
Non-repudiation
Authorization
Digital certificates
Rolling hot sites
17. Making individuals accountable for their actions on a system typically through the use of auditing
Sniffing
Risk Acceptance
Accountability
Finger printing
18. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
AES (Advanced Encryption Standard)
Format 7 times
Closed network
Substitution
19. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
TACACS (Terminal access controller access control system)
CGI (The Common Gateway Interface)
Callback Security/Call Forwarding
Firewall types
20. The person that controls access to the data
Custodian
DHCP
Replay
Polymorphism
21. Component Object Model.
DCOM
COM
SLE (Single Loss Expectancy or Exposure)
Debug
22. Emanations from one wire coupling with another wire
Crosstalk
Fraggle
DDOS
DCOM
23. Technical items are IT implemented. Administrative items are things that HR implements. Physical items are things that are tangible.
WTLS (Wireless Transport Layer Security)
Technical - Administrative - Physical
Honey pot
Eavesdropping
24. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Closed network
FAR/FRR/CER
SSH
Cookies
25. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Callback Security/Call Forwarding
Patent
Copyright
RAM (Random-access memory)
26. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
Promiscuous mode
Entrapment
Echelon
27. Personal - Network - and Application
Firewall types
Eavesdropping
Senior Management
Raid 0 - 1 - 3 - 5
28. The act of identifying yourself. Providing your identity to a system
Worm
CEO
Smart cards
Identification
29. Threat to physical security.
SSH
Trap Door
DOS
Sabotage
30. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
DDOS
Brewer-Nash model
SLE (Single Loss Expectancy or Exposure)
Scanning
31. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Hubs
Cryptanalysis
Decentralized
Joke
32. Object Linking and Embedding. The ability of an object to be embedded into another object.
DCOM
Rolling hot sites
OLE
OSI Model
33. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Embezzlement
Probing
PAP (Password Authentication Protocol)
Checksum
34. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
DNS cache poisoning
Due Care
Entrapment
BIA
35. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Switches / Bridges
Scanning
Due Care
36. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
DCOM
Hardware
Masquerade
Object Oriented Programming
37. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
SYN Flood
Cookies
Hubs
Centralized
38. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Illegal/Unethical
WAP (Wireless Application Protocol)
Tailgating / Piggybacking
Raid 0 - 1 - 3 - 5
39. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Trade Secret
Expert System
Risk Transferring
Centralized
40. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
NAT
Expert systems
Multithreading
Motion detector
41. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Repeaters
Wiretapping
DHCP
CD-Rom
42. Also known as a tunnel
CGI (The Common Gateway Interface)
Toneloc
VPN (Virtual Private Network)
Granularity
43. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Sabotage
Due Diligence
Stream cipher
IRC
44. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
IAB
Cryptanalysis
Wiretapping
Security Awareness Training
45. Someone whose hacking is primarily targeted at the phone systems
Phreaker
Common criteria
Halon
Raid 0 - 1 - 3 - 5
46. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Back door/ trap door/maintenance hook
Artificial Neural Networks (ANN)
Java
ROT-13
47. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Privacy Act of 1974
Worm
Routers
TCSEC
48. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Cold Site
Compiler
Copyright
Bastion hosts
49. Dynamic Host Configuration Protocol.
Scanning
Digest
DHCP
Repeaters
50. Also civil law
Skipjack
DNS cache poisoning
Boot-sector Virus
Tort