Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Dictionary Attack
SQL (Structured Query Language)
IAB
Java
2. When two or more processes are linked and execute multiple programs simultaneously
Cold Site
Multiprocessing
Firewall types
Clipping levels
3. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Object Oriented Programming
Script
TCB
NAT
4. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
Telnet
Detective - Preventive - Corrective
BIOS
5. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
ActiveX Object Linking and Embedding
Back door/ trap door/maintenance hook
Accreditation
Penetration testing
6. Occupant Emergency Plan - Employees are the most important!
Hacker
Security Perimeter
Granularity
OEP
7. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Technical - Administrative - Physical
Out of band
Risk Analysis
Authorization creep
8. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Centralized
Kerberos
TCSEC
CHAP
9. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Tort
SYN Flood
Call tree
Senior Management
10. When security is managed at a central point in an organization
WTLS (Wireless Transport Layer Security)
Software librarian
Termination procedures
Centralized
11. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Qualitative
NAT
Certification
Multitasking
12. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Repeaters
Non-repudiation
Tailgating / Piggybacking
Code of ethics
13. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Classes of IP networks
CORBA
UUEncode
Schema
14. Random Number Base
Boot-sector Virus
Eavesdropping
Nonce
Phreaker
15. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Logic bomb
Twisted pair
RAM (Random-access memory)
Senior Management
16. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Copyright
Social engineering
Username/password
17. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Granularity
Patent
Expert systems
18. In cryptography - it is a block cipher
Skipjack
DHCP
Reciprocal agreement
CIO
19. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Risk Acceptance
Authentication
Noise & perturbation
ALE (Annualized Loss Expectancy)
20. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Patent
Noise & perturbation
Java
Trap Door
21. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Wiretapping
Well-known ports
SLE (Single Loss Expectancy or Exposure)
ARP (Address Resolution Protocol)
22. Access control method for database based on the content of the database to provide granular access
CD-Rom
Content dependent
CIA
l0pht
23. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
NAT
Bastion hosts
Multiprocessing
VLANs
24. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Non-repudiation
Session Hijacking
Smart cards
Service packs
25. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Custodian
ActiveX Object Linking and Embedding
Smart cards
Callback Security/Call Forwarding
26. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Dogs
l0pht
NAT
Aggregation
27. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Cold Site
Hash
Firmware
Security through obscurity
28. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Two-Factor Authentication
DCOM
Script
Classes of IP networks
29. 'If you can't see it - it's secure'. Bad policy to live by.
TEMPEST
Non-repudiation
Security through obscurity
Security Awareness Training
30. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Malware
Honey pot
Buffer overflow
l0pht
31. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Encryption
Skipjack
War driving
/etc/passwd
32. Scanning the airwaves for radio transmissions
Scanning
Patriot Act
Cookies
CIA
33. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Logic bomb
Hacker
DMZ
Trojan horses
34. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Switches / Bridges
DOS
SESAME
Change management
35. Network Address Translation
Skipjack
NAT
Due Care
Promiscuous mode
36. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Common criteria
ROT-13
SYN Flood
Job rotation
37. These can be used to verify that public keys belong to certain individuals.
Digital certificates
BIA
Security kernel
Echelon
38. Internet Architecture Board. This board is responsible for protecting the Internet.
Asset Value
Cold Site
BIA
IAB
39. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Asymmetric
Biometric profile
Acceptable use
Digital certificates
40. Once authenticated - the level of access you have to a system
Risk Transferring
Smart cards
DOS
Authorization
41. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Hot Site
SSO (Single sign-on)
FAR/FRR/CER
TCSEC
42. In the broadest sense - a fraud is a deception made for personal gain
Incentive programs
Patent
CIRT
Fraud
43. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Key Escrow
Decentralized
EF (Exposure Factor)
Firewall types
44. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Masquerade
CHAP
Scanning
Authorization
45. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Noise & perturbation
Artificial Neural Networks (ANN)
Job rotation
Granularity
46. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Trade Secret
Macro
Firmware
Biometrics
47. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
TACACS (Terminal access controller access control system)
Spoofing
Twisted pair
Job rotation
48. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Software
Data remanence
Bastion hosts
Rijndael
49. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Probing
ISDN (Integrated Services Digital Network)
Cookies
BIA
50. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Well-known ports
Accreditation
Common criteria
VPN (Virtual Private Network)