Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. White hat l0pht
Bugtraq
Attenuation
Reciprocal agreement
Fraud
2. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
RADIUS (Remote authentication dial-in user service)
CRC (Cyclic Redundancy Check)
Software librarian
3. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
IRC
Trap Door
Repeaters
Teardrop
4. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Rijndael
SYN Flood
Polymorphic
SQL (Structured Query Language)
5. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Motion detector
Digest
CGI (The Common Gateway Interface)
Owner
6. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Covert channels
Checksum
Logic bomb
DNS cache poisoning
7. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Risk Management
COM
Private Addressing
8. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Worm
DDOS
Well-known ports
Noise & perturbation
9. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
CCTV
Security Awareness Training
Termination procedures
Audit Trail
10. In a separation of duties model - this is where code is checked in and out
SQL (Structured Query Language)
Certification
Data remanence
Software librarian
11. Network Address Translation
Classes of IP networks
NAT
Object Oriented Programming
Key Escrow
12. Making individuals accountable for their actions on a system typically through the use of auditing
Active attacks
Accountability
TEMPEST
Format 7 times
13. Disclosure - Alteration - Destruction. These things break the CIA triad
DAD
Two-Factor Authentication
Burden of Proof
Authorization creep
14. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
SSO (Single sign-on)
Privacy Act of 1974
ActiveX Object Linking and Embedding
15. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Smart cards
Multipartite
Twisted pair
Hackers
16. Closed Circuit Television
Script
CCTV
Digital certificates
Security Awareness Training
17. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Honey pot
TACACS (Terminal access controller access control system)
Patent
Quantitative
18. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
OLE
Patriot Act
IRC
Schema
19. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
ARO (Annualized Rate of Occurrence)
Identification
Clipper Chip
Non-repudiation
20. Once authenticated - the level of access you have to a system
Tokens
Authorization
Termination procedures
FAR/FRR/CER
21. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
ROT-13
BIOS
Asset Value
Social engineering
22. When two or more processes are linked and execute multiple programs simultaneously
War dialing
Rolling hot sites
Multiprocessing
Birthday attack
23. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Cold Site
Custodian
CEO
SSH
24. Someone whose hacking is primarily targeted at the phone systems
Phreaker
COOP
CIA
ALE (Annualized Loss Expectancy)
25. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
VLANs
Firewall types
Schema
CD-Rom
26. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
/etc/passwd
Private Addressing
Risk Analysis
Replay
27. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Salami Slicing
Finger printing
SLE (Single Loss Expectancy or Exposure)
Trademark
28. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
SSH
Virtual Memory/Pagefile.sys
Compiler
War dialing
29. Internet Architecture Board. This board is responsible for protecting the Internet.
IAB
Illegal/Unethical
Sabotage
Hardware
30. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Degausser
CHAP
Key Escrow
Centralized
31. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
CIO
Security Awareness Training
DHCP
Virtual Memory/Pagefile.sys
32. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Logic bomb
Common criteria
CRC (Cyclic Redundancy Check)
Twisted pair
33. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
PAP (Password Authentication Protocol)
Multithreading
Hacker
UUEncode
34. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Coax
ARP (Address Resolution Protocol)
Callback Security/Call Forwarding
Sniffing
35. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Private Addressing
Normalization
TCB
Tailgating / Piggybacking
36. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
SYN Flood
Accountability
Skipjack
Cold Site
37. To not be legal (as far as law is concerned) or ethical
UUEncode
PKI
Illegal/Unethical
Java
38. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Dogs
Encryption
WTLS (Wireless Transport Layer Security)
Honey pot
39. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
CGI (The Common Gateway Interface)
Caesar Cipher
Fiber optic
Copyright
40. A network that mimics the brain
Open network
Artificial Neural Networks (ANN)
Patriot Act
SESAME
41. Occupant Emergency Plan - Employees are the most important!
OEP
SQL (Structured Query Language)
TEMPEST
Block cipher
42. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Service packs
TCSEC
Due Diligence
Cryptanalysis
43. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Username/password
Logic bomb
Scanning
Multiprocessing
44. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
DMZ
Routers
Classes of IP networks
Polymorphism
45. The person that determines the permissions to files. The data owner.
Risk Analysis
Sniffing
War dialing
Owner
46. In cryptography - it is a block cipher
Skipjack
Certification
DDOS
Cookies
47. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Software librarian
Tokens
Security Perimeter
Routers
48. Someone who hacks
Burden of Proof
Embezzlement
Hacker
SLE (Single Loss Expectancy or Exposure)
49. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Termination procedures
ROT-13
Object Oriented Programming
Symmetric
50. Encompasses Risk Analysis and Risk Mitigation
Dogs
Toneloc
Software
Risk Management