SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A network that mimics the brain
MOM
Script
TEMPEST
Artificial Neural Networks (ANN)
2. Repeats the signal. It amplifies the signal before sending it on.
Hoax
Wiretapping
Fraud
Repeaters
3. Access control method for database based on the content of the database to provide granular access
Content dependant
DDOS
Two-Factor Authentication
Username/password
4. A sandbox. Emulates an operating environment.
Virtual machine
Senior Management
Format 7 times
SSH
5. Motive - Opportunity - and Means. These deal with crime.
Termination procedures
TCB
MOM
Centralized
6. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Symmetric
Accreditation
Biometrics
Diffie-Hellman
7. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
OLE
Wiretapping
Schema
Risk Transferring
8. Closed Circuit Television
CCTV
Brute force
Software librarian
Transposition
9. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Promiscuous mode
Brute Force
Switches / Bridges
Covert channels
10. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Smart cards
Security through obscurity
Coax
11. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Polymorphic
VPN (Virtual Private Network)
Termination procedures
Call tree
12. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Due Diligence
CORBA
Debug
CCTV
13. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
ARP (Address Resolution Protocol)
PKI
Telnet
Biometrics
14. The user
Detective - Preventive - Corrective
Worm
User
Sabotage
15. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
DMZ
Buffer overflow
Brute Force
Classes of IP networks
16. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
CIO
Change management
Hardware
Smurf
17. The act of identifying yourself. Providing your identity to a system
Identification
Telnet
Firewall types
Content dependant
18. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Well-known ports
Fraggle
CCTV
Passive attacks
19. Relating to quality or kind. This assigns a level of importance to something.
Honey pot
Clipper Chip
Qualitative
Social engineering
20. Internet Relay Chat.
Smart cards
IRC
Biometrics
CIRT
21. Also civil law
Tort
Well-known ports
Brute Force
Boot-sector Virus
22. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Penetration testing
Malware
DMZ
Mandatory vacation
23. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Hardware
Transposition
Phreaker
Audit Trail
24. Object Linking and Embedding. The ability of an object to be embedded into another object.
Risk Transferring
Due Diligence
OSI Model
OLE
25. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work
Copyright
CHAP
BIOS
Degausser
26. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
SQL (Structured Query Language)
Macro
Phreaker
Keystroke logging
27. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Substitution
SSL/TLS
ARP (Address Resolution Protocol)
Aggregation
28. Emanations from one wire coupling with another wire
Base-64
Centralized
Carnivore
Crosstalk
29. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
SSO (Single sign-on)
User
Fraud
Out of band
30. Scanning the airwaves for radio transmissions
Sniffing
Scanning
Expert System
MOM
31. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
Hash
Man trap
ROM (Read-only memory)
32. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
Risk Mitigation
SSO (Single sign-on)
Rijndael
OSI Model
33. The real cost of acquiring/maintaining/developing a system
Asset Value
SSL/TLS
User
Data remanence
34. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
COOP
Firmware
UUEncode
Raid 0 - 1 - 3 - 5
35. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Kerberos
Bugtraq
Reciprocal agreement
Owner
36. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Tokens
Risk Mitigation
ARO (Annualized Rate of Occurrence)
OSI Model
37. When security is managed at many different points in an organization
Finger scanning
FAR/FRR/CER
Finger printing
Decentralized
38. A site that has some equipment in place - and can be up within days
DAD
/etc/passwd
Patriot Act
Warm Site
39. An attempt to trick the system into believing that something false is real
Clipping levels
Risk Acceptance
User
Hoax
40. Assuming someone's session who is unaware of what you are doing
SSL/TLS
Session Hijacking
Software librarian
Content dependant
41. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Caesar Cipher
Fraud
Encryption
Phreaker
42. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Coax
Motion detector
Reciprocal agreement
AES (Advanced Encryption Standard)
43. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
EF (Exposure Factor)
Script kiddies
Service packs
44. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Aggregation
CGI (The Common Gateway Interface)
Schema
Due Care
45. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Java
CGI (The Common Gateway Interface)
Noise & perturbation
CIO
46. Once authenticated - the level of access you have to a system
Echelon
Authorization
Repeaters
Dictionary Attack
47. A technique to eliminate data redundancy.
Risk Transferring
Birthday attack
Normalization
Multitasking
48. A system designed to stop piggybacking.
Man trap
Clipping levels
Open network
Multiprocessing
49. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
Authorization
SYN Flood
Smart cards
50. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
WAP (Wireless Application Protocol)
Well-known ports
/etc/passwd
Polymorphism
