Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Brute Force
Trojan horses
Reciprocal agreement
Firewall types
2. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Smart cards
Teardrop
Worm
Hash
3. This is an open international standard for applications that use wireless communications.
Worm
Hacker
WAP (Wireless Application Protocol)
CORBA
4. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Change management
ROT-13
Format 7 times
Wiretapping
5. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Hearsay Evidence
Guards
Patriot Act
Buffer overflow
6. White hat l0pht
War dialing
Spoofing
Well-known ports
Bugtraq
7. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Motion detector
DHCP
Script
8. When security is managed at a central point in an organization
ROM (Read-only memory)
Non-repudiation
BIA
Centralized
9. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Carnivore
Stream cipher
Degausser
Eavesdropping
10. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Coax
Brute Force
SSO (Single sign-on)
11. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Security through obscurity
Software development lifecycle
Digest
Exit interview
12. These can be used to verify that public keys belong to certain individuals.
Digital certificates
Hubs
Entrapment
Fraggle
13. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Dogs
Boot-sector Virus
Cookies
ROM (Read-only memory)
14. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Encryption
Well-known ports
Cyphertext only
Hash
15. Network devices that operate at layer 3. This device separates broadcast domains.
DOS
Routers
Software librarian
Incentive programs
16. Rolling command center with UPS - satellite - uplink - power - etc.
Crosstalk
Rolling hot sites
Tokens
Classes of IP networks
17. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
DOS
Hardware
RAM (Random-access memory)
Security Awareness Training
18. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
DOS
Encryption
DNS cache poisoning
ALE (Annualized Loss Expectancy)
19. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
CCTV
Penetration testing
Artificial Neural Networks (ANN)
CGI (The Common Gateway Interface)
20. Continuation of Operations Plan
Fraggle
Hoax
Rijndael
COOP
21. Computer Incident Response Team
Covert channels
CIRT
Debug
Security Perimeter
22. Repeats the signal. It amplifies the signal before sending it on.
UUEncode
BIA
Repeaters
Patent
23. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Content dependant
Man trap
Trademark
Fiber optic
24. In cryptography - it is a block cipher
Qualitative
Degausser
Asset Value
Skipjack
25. A network that mimics the brain
ROM (Read-only memory)
Artificial Neural Networks (ANN)
Covert channels
Birthday attack
26. Be at least 8 foot tall and have three strands of barbed wire.
SSH
Attenuation
Enticement
Fences
27. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Mandatory vacation
Quantitative
Privacy Act of 1974
Object Oriented Programming
28. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
Stream cipher
Exit interview
Patriot Act
29. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Software
BIA
Brute Force
ROM (Read-only memory)
30. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Replay
AES (Advanced Encryption Standard)
Covert channels
Raid 0 - 1 - 3 - 5
31. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Man trap
Acceptable use
Artificial Neural Networks (ANN)
Masquerade
32. The person that determines the permissions to files. The data owner.
Phreaker
Owner
RADIUS (Remote authentication dial-in user service)
Multithreading
33. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Cold Site
Risk Analysis
Block cipher
Attenuation
34. A hidden communications channel on a system that allows for the bypassing of the system security policy
Trojan horses
Covert channels
Owner
Digest
35. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
Noise & perturbation
Debug
SYN Flood
36. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Caesar Cipher
Software development lifecycle
Kerberos
Technical - Administrative - Physical
37. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Kerberos
Embezzlement
Accreditation
Patriot Act
38. Also civil law
Tort
DNS cache poisoning
Common criteria
Checksum
39. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
SLE (Single Loss Expectancy or Exposure)
Diffie-Hellman
NAT
Tailgating / Piggybacking
40. A network that uses proprietary protocols
Technical - Administrative - Physical
/etc/passwd
Closed network
AES (Advanced Encryption Standard)
41. Must be in place for you to use a biometric system
Cookies
Wiretapping
Biometric profile
Finger scanning
42. After implementing countermeasures - accepting risk for the amount of vulnerability left over
BIA
Risk Acceptance
Debug
Boot-sector Virus
43. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Active attacks
Change management
Symmetric
Penetration testing
44. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Transposition
Noise & perturbation
Block cipher
Exit interview
45. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Teardrop
Hearsay Evidence
BIA
Raid 0 - 1 - 3 - 5
46. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Tailgating / Piggybacking
NAT
BIOS
Wiretapping
47. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Data Mart
Echelon
Hoax
Active attacks
48. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Object Oriented Programming
Digital certificates
SQL (Structured Query Language)
Substitution
49. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Multipartite
Authentication
Repeaters
MitM
50. Component Object Model.
COM
Man trap
Authorization creep
Bugtraq