Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. When an employee leaves the company - you want to make them aware of non-disclosure and non-compete clauses - etc.
IAB
Private Addressing
Dogs
Exit interview
2. A system designed to stop piggybacking.
Format 7 times
Man trap
ROM (Read-only memory)
Security Awareness Training
3. This is an open international standard for applications that use wireless communications.
Reciprocal agreement
Multithreading
SQL (Structured Query Language)
WAP (Wireless Application Protocol)
4. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
VPN (Virtual Private Network)
DDOS
l0pht
Joke
5. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Firewall types
Aggregation
Brute force
Senior Management
6. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
Tokens
Substitution
Penetration testing
7. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
AES (Advanced Encryption Standard)
RADIUS (Remote authentication dial-in user service)
Sniffing
ROM (Read-only memory)
8. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Trade Secret
Hash
Separation of duties
Switches / Bridges
9. When security is managed at many different points in an organization
Decentralized
AES (Advanced Encryption Standard)
Throughput of a Biometric System
Fire extinguisher
10. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Accountability
Technical - Administrative - Physical
Finger scanning
11. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Clipping levels
Expert systems
Transposition
Halon
12. Setting up the user to access the honeypot for reasons other than the intent to harm.
UUEncode
Key Escrow
Entrapment
Packet Sniffing
13. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Mandatory vacation
Technical - Administrative - Physical
DHCP
Software development lifecycle
14. A site that is ready physically but has no hardware in place - all it has is HVAC
OEP
Switches / Bridges
Quality Assurance
Cold Site
15. Software designed to infiltrate or damage a computer system - without the owner's consent.
Hackers
Eavesdropping
Malware
Termination procedures
16. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
CIO
Motion detector
Aggregation
Hoax
17. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
Throughput of a Biometric System
Job rotation
TACACS (Terminal access controller access control system)
Closed network
18. Continuation of Operations Plan
COOP
Asset Value
Multitasking
Reciprocal agreement
19. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Stream cipher
Due Diligence
PKI
Data remanence
20. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Kerberos
COM
Spoofing
Security through obscurity
21. Emanations from one wire coupling with another wire
Hash
CGI (The Common Gateway Interface)
Crosstalk
Brewer-Nash model
22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Hardware
Logic bomb
Termination procedures
Block cipher
23. Defines the objects and their attributes that exist in a database.
Schema
DDOS
RAM (Random-access memory)
DCOM
24. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
Switches / Bridges
DNS cache poisoning
RADIUS (Remote authentication dial-in user service)
25. Internet Architecture Board. This board is responsible for protecting the Internet.
Masquerade
Normalization
CHAP
IAB
26. A network that uses standard protocols (TCP/IP)
l0pht
COM
Artificial Neural Networks (ANN)
Open network
27. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-ROM
Inference
Masquerade
Software development lifecycle
28. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
User
Aggregation
Degausser
Owner
29. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
AES (Advanced Encryption Standard)
Finger printing
Key Escrow
30. White hat l0pht
ROM (Read-only memory)
Guards
Polymorphic
Bugtraq
31. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Risk Analysis
TCB
Hardware
Covert channels
32. Network device that operates at layer 1. Concentrator.
Hubs
Asset Value
Checksum
DAD
33. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Termination procedures
Java
Masquerade
Risk Acceptance
34. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Polymorphism
Trojan horses
Firewall types
Clipping levels
35. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Call tree
Senior Management
Raid 0 - 1 - 3 - 5
BIOS
36. Providing verification to a system
MitM
CIO
Authentication
Active attacks
37. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
DNS cache poisoning
Substitution
Risk Analysis
Service packs
38. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
DHCP
Trade Secret
Vulnerability analysis tools
Patriot Act
39. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Packet Sniffing
DNS cache poisoning
Smurf
CGI (The Common Gateway Interface)
40. The output of a hash function is a digest.
OEP
Twisted pair
Digest
Detective - Preventive - Corrective
41. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Keystroke logging
Carnivore
Authentication
Expert System
42. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Data remanence
Hot Site
DDOS
Twisted pair
43. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
MOM
Routers
Clipping levels
TCP Wrappers
44. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Warm Site
OEP
Content dependent
SESAME
45. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Common criteria
Code of ethics
Hot Site
Decentralized
46. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
TCP Wrappers
Finger scanning
Back door/ trap door/maintenance hook
47. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Hubs
Fire extinguisher
War driving
Compiler
48. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Hot Site
Caesar Cipher
Cold Site
Incentive programs
49. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Teardrop
Cryptanalysis
Scanning
Packet Sniffing
50. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
CIA
Mandatory vacation
Masquerade
UUEncode