Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Entails planning and system actions to ensure that a project is following good quality management practices
DNS cache poisoning
Wiretapping
Java
Quality Assurance
2. Software designed to infiltrate or damage a computer system - without the owner's consent.
Halon
IRC
l0pht
Malware
3. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Fraggle
Tort
TCP Wrappers
Accreditation
4. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Warm Site
Entrapment
CRC (Cyclic Redundancy Check)
Digital signing
5. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Authorization creep
RAM (Random-access memory)
Key Escrow
Authorization
6. A sandbox. Emulates an operating environment.
Expert systems
Packet Sniffing
Virtual machine
Owner
7. The real cost of acquiring/maintaining/developing a system
RAM (Random-access memory)
Centralized
FAR/FRR/CER
Asset Value
8. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
Back door/ trap door/maintenance hook
NAT
Granularity
9. Enticing people to hit your honeypot to see how they try to access your system.
VLANs
Trojan horses
Enticement
Digital certificates
10. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
DDOS
Salami Slicing
Acceptable use
Polymorphism
11. Be at least 8 feet tall and have three strands of barbed wire.
Closed network
Fences
Phreaker
Normalization
12. Closed Circuit Television
Separation of duties
Salami Slicing
CRC (Cyclic Redundancy Check)
CCTV
13. Same as AES. Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Multithreading
Rijndael
DNS cache poisoning
Finger printing
14. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Motion detector
Software librarian
Attenuation
PKI
15. Motive - Opportunity - and Means. These deal with crime.
Hubs
Tailgating / Piggybacking
Script kiddies
MOM
16. To not be legal (as far as law is concerned) or ethical
OEP
Diffie-Hellman
Illegal/Unethical
DMZ
17. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
ROM (Read-only memory)
Service packs
ARP (Address Resolution Protocol)
Fire extinguisher
18. Random Number Base
Nonce
Script
l0pht
DDOS
19. In a separation of duties model - this is where code is checked in and out
PKI
MOM
Cold Site
Software librarian
20. Making individuals accountable for their actions on a system typically through the use of auditing
Object Oriented Programming
Risk Analysis
Change management
Accountability
21. The process of reducing your risks to an acceptable level based on your risk analysis
Reciprocal agreement
Risk Mitigation
Trojan horses
Back door/ trap door/maintenance hook
22. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
War driving
Man trap
Inference
Script kiddies
23. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Out of band
Bugtraq
Certification
SSO (Single sign-on)
24. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Salami Slicing
SYN Flood
Packet Sniffing
Degausser
25. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Cyphertext only
Diffie-Hellman
Inference
Toneloc
26. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Expert System
Security kernel
Skipjack
Illegal/Unethical
27. The act of identifying yourself. Providing your identity to a system
CHAP
Identification
PKI
Fire extinguisher
28. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Logic bomb
Centralized
SSL/TLS
Hot Site
29. Accepting all packets
Centralized
Fiber optic
Promiscuous mode
Firewall types
30. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
Vulnerability analysis tools
Hoax
Scanning
AES (Advanced Encryption Standard)
31. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Normalization
Accountability
Penetration testing
Format 7 times
32. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
Service packs
Logic bomb
SSH
33. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Asymmetric
MitM
Aggregation
Hubs
34. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
WAP (Wireless Application Protocol)
Nonce
Copyright
Degausser
35. CISSPs subscribe to a code of ethics for building up the security profession
Honey pot
Caesar Cipher
Software development lifecycle
Code of ethics
36. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
DNS cache poisoning
MitM
Change management
Java
37. Public Key Infrastructure
TACACS (Terminal access controller access control system)
Incentive programs
Dumpster diving
PKI
38. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Brute Force
Dumpster diving
Social engineering
Virtual Memory/Pagefile.sys
39. A network that mimics the brain
l0pht
Sabotage
Artificial Neural Networks (ANN)
Enticement
40. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Two-Factor Authentication
NAT
Common criteria
Decentralized
41. Relating to quality or kind. This assigns a level of importance to something.
Burden of Proof
Enticement
NAT
Qualitative
42. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Trap Door
MOM
Risk Analysis
Data Mart
43. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
OLE
Call tree
Noise & perturbation
Well-known ports
44. A military standard defining controls for emanation protection
Hacker
Due Care
Multitasking
TEMPEST
45. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Schema
Back door/ trap door/maintenance hook
Debug
RADIUS (Remote authentication dial-in user service)
46. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Guards
Closed network
Sniffing
Switches / Bridges
47. Providing verification to a system
Toneloc
Custodian
Authentication
Sabotage
48. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
SSL/TLS
CIA
Cyphertext only
Multitasking
49. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Hubs
Telnet
Block cipher
50. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Object Oriented Programming
Hackers
Joke
Hacker