Test your basic knowledge |

Comptia Security +: Vocab

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Finger scanning
DHCP
Quantitative
Carnivore

2. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Callback Security/Call Forwarding
Finger printing
ActiveX Object Linking and Embedding
Clipping levels

3. Chief Information Officer
CIO
DCOM
Scanning
l0pht

4. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Echelon
Penetration testing
Cryptanalysis
Risk Management

5. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Biometrics
Raid 0 - 1 - 3 - 5
Detective - Preventive - Corrective
Risk Transferring

6. A network that uses proprietary protocols
Cookies
DHCP
Phreaker
Closed network

7. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Finger scanning
ROM (Read-only memory)
Carnivore
Substitution

8. Dialing fixed sets telephone numbers looking for open modem connections to machines
Certification
War dialing
Multitasking
Hearsay Evidence

9. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Twisted pair
Joke
Rijndael
Hot Site

10. The attacker sends a SYN request to the victims machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Two-Factor Authentication
Multithreading
ActiveX Object Linking and Embedding
SYN Flood

11. An instance of a scripting language
ARP (Address Resolution Protocol)
Security Awareness Training
Script
CIA

12. Access control method for database based on the content of the database to provide granular access
Content dependant
Reciprocal agreement
Noise & perturbation
Privacy Act of 1974

13. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
Carnivore
Macro
Identification

14. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Attenuation
/etc/passwd
Fraud
Rolling hot sites

15. The output of a hash function is a digest.
Digest
Software librarian
Aggregation
Security Perimeter

16. When two or more processes are linked and execute multiple programs simultaneously
Data remanence
Multiprocessing
Firewall types
ARO (Annualized Rate of Occurrence)

17. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Finger scanning
Hash
Diffie-Hellman
Change management

18. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Two-Factor Authentication
Clipper Chip
WTLS (Wireless Transport Layer Security)
CIA

19. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
Custodian
Rijndael
SSH

20. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Biometric profile
Buffer overflow
Hearsay Evidence
Centralized

21. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
UUEncode
Virtual Memory/Pagefile.sys
Polymorphism
Kerberos

22. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Block cipher
Honey pot
Fire extinguisher
Patriot Act

23. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
DNS cache poisoning
CIO
Biometric profile
Fraggle

24. Good for distance - longer than 100M
Due Diligence
Brute force
Coax
COOP

25. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Digital signing
Risk Mitigation
Schema
Cold Site

26. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
EF (Exposure Factor)
Software librarian
Kerberos
Callback Security/Call Forwarding

27. Network devices that operate at layer 3. This device separates broadcast domains.
Centralized
Hardware
War dialing
Routers

28. A RFC standard. A mechanism for performing commands on a remote system
Telnet
Risk Mitigation
Job rotation
PKI

29. The art of breaking code. Testing the strength of an algorithm.
Hubs
Cryptanalysis
Guards
Joke

30. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Due Diligence
Non-repudiation
Exit interview
Two-Factor Authentication

31. Defines the objects and their attributes that exist in a database.
Closed network
Schema
Debug
Buffer overflow

32. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
SYN Flood
Risk Analysis
Entrapment
Encryption

33. Encompasses Risk Analysis and Risk Mitigation
VPN (Virtual Private Network)
Risk Management
Rolling hot sites
Certification

34. A network that uses standard protocols (TCP/IP)
Hackers
Open network
Hearsay Evidence
Logic bomb

35. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Macro
OEP
Kerberos
SQL (Structured Query Language)

36. A network entity that provides a single entrance / exit point to the Internet.
Bastion hosts
ROT-13
Security Awareness Training
CCTV

37. Public Key Infrastructure
PKI
SYN Flood
Keystroke logging
WAP (Wireless Application Protocol)

38. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
Biometric profile
CEO
RADIUS (Remote authentication dial-in user service)

39. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Biometrics
Smurf
Accreditation
CRC (Cyclic Redundancy Check)

40. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
Active attacks
Trademark
Degausser

41. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
RADIUS (Remote authentication dial-in user service)
Rijndael
TACACS (Terminal access controller access control system)
Sabotage

42. Chief Executive Officer
Noise & perturbation
Exit interview
CEO
Mandatory vacation

43. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
Quality Assurance
Finger printing
Salami Slicing

44. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
AES (Advanced Encryption Standard)
Security Awareness Training
Hot Site
Session Hijacking

45. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Raid 0 - 1 - 3 - 5
Smurf
ISDN (Integrated Services Digital Network)
Call tree

46. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Trademark
User
Birthday attack
Technical - Administrative - Physical

47. Closed Circuit Television
ALE (Annualized Loss Expectancy)
CCTV
Artificial Neural Networks (ANN)
Rijndael

48. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Motion detector
Phreaker
Certification
SSH

49. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Callback Security/Call Forwarding
BIA
CEO
Cold Site

50. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Degausser
Multitasking
Owner
COM