Test your basic knowledge |

Comptia Security +: Vocab

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Social engineering
EF (Exposure Factor)
Buffer overflow
Clipping levels

2. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Birthday attack
Trademark
War driving
FAR/FRR/CER

3. A sandbox. Emulates an operating environment.
Classes of IP networks
Virtual machine
Block cipher
ARO (Annualized Rate of Occurrence)

4. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Sniffing
VPN (Virtual Private Network)
Symmetric
AES (Advanced Encryption Standard)

5. Repeats the signal. It amplifies the signal before sending it on.
Expert systems
Asymmetric
Polymorphic
Repeaters

6. Motive - Opportunity - and Means. These deal with crime.
MOM
Probing
Base-64
Dumpster diving

7. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
Hacker
Expert systems
Spoofing

8. Dialing fixed sets telephone numbers looking for open modem connections to machines
Script
Multithreading
Exit interview
War dialing

9. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Two-Factor Authentication
Motion detector
Centralized
Hearsay Evidence

10. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Echelon
Data remanence
Normalization
Fences

11. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
CEO
Switches / Bridges
Skipjack
Buffer overflow

12. Rotating employee's job duties so that things can be checked that they are doing to make sure nothing fraudulent is occurring.
Data Mart
Job rotation
Logic bomb
Authentication

13. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Identification
TCP Wrappers
Tailgating / Piggybacking
Security kernel

14. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Hot Site
Username/password
Fraggle

15. The process of reducing your risks to an acceptable level based on your risk analysis
Trap Door
Risk Mitigation
Kerberos
Digest

16. In cryptography - it is a block cipher
DOS
Authorization creep
Skipjack
Hubs

17. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
DAD
Noise & perturbation
DCOM
Separation of duties

18. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
DMZ
WAP (Wireless Application Protocol)
Mandatory vacation
SSL/TLS

19. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
CEO
Boot-sector Virus
Digital certificates
Firewall types

20. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Risk Mitigation
Risk Analysis
Spoofing
OSI Model

21. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Cookies
Phreaker
PAP (Password Authentication Protocol)
Technical - Administrative - Physical

22. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
CIRT
Expert System
Exit interview
Masquerade

23. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Covert channels
Patent
Warm Site
Dictionary Attack

24. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Classes of IP networks
Smurf
Object Oriented Programming
TCP Wrappers

25. Using ICMP to diagram a network
RAM (Random-access memory)
Probing
Checksum
Accreditation

26. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Halon
Quantitative
Passive attacks
Copyright

27. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CCTV
Repeaters
Exit interview
CD-Rom

28. These viruses usually infect both boot records and files.
Multipartite
Skipjack
BIOS
Risk Transferring

29. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Authorization
Keystroke logging
ALE (Annualized Loss Expectancy)
Security Awareness Training

30. Common Object Request Broker Architecture.
Non-repudiation
CORBA
Kerberos
DAD

31. A war dialing utility
Switches / Bridges
SQL (Structured Query Language)
Patriot Act
Toneloc

32. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
Sabotage
Finger printing
ALE (Annualized Loss Expectancy)

33. CISSPs subscribe to a code of ethics for building up the security profession
Open network
Finger scanning
Content dependant
Code of ethics

34. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Degausser
Packet Sniffing
Attenuation
Privacy Act of 1974

35. Closed Circuit Television
Risk Acceptance
CCTV
Software librarian
COOP

36. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Object Oriented Programming
CIRT
SLE (Single Loss Expectancy or Exposure)
Raid 0 - 1 - 3 - 5

37. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Buffer overflow
Transposition
UUEncode
CEO

38. Scanning the airwaves for radio transmissions
Trap Door
CIA
Scanning
Bugtraq

39. When security is managed at many different points in an organization
Keystroke logging
Risk Transferring
Decentralized
Repeaters

40. An instance of a scripting language
Script
COOP
Well-known ports
Noise & perturbation

41. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Logic bomb
Passive attacks
Wiretapping

42. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Diffie-Hellman
Active attacks
/etc/passwd
Rolling hot sites

43. A network entity that provides a single entrance / exit point to the Internet.
Keystroke logging
Bastion hosts
Fraud
Inference

44. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Dogs
Coax
Halon
EF (Exposure Factor)

45. Distributed Component Object Model. Microsoft's implementation of CORBA.
WTLS (Wireless Transport Layer Security)
Smurf
Malware
DCOM

46. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Owner
Accreditation
CRC (Cyclic Redundancy Check)
Motion detector

47. The person that controls access to the data
Enticement
Custodian
Clipping levels
Digest

48. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
SQL (Structured Query Language)
Audit Trail
CEO
MOM

49. Ethernet - Cat5 - Twisted to allow for longer runs.
Accountability
Twisted pair
Phreaker
Motion detector

50. Animals with teeth. Not as discriminate as guards
Dogs
Fiber optic
Script
Hacker