SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Motive - Opportunity - and Means. These deal with crime.
MOM
Expert systems
Biometric profile
Detective - Preventive - Corrective
2. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Expert System
Hardware
Digest
Phreaker
3. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Job rotation
Tort
Logic bomb
Noise & perturbation
4. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
VLANs
Trade Secret
Cyphertext only
Risk Transferring
5. Be at least 8 foot tall and have three strands of barbed wire.
Spoofing
Teardrop
Mandatory vacation
Fences
6. Object Linking and Embedding. The ability of an object to be embedded into another object.
Normalization
Spoofing
OLE
Man trap
7. When one key of a two-key pair has more encryption pattern than the other
Smurf
Asymmetric
Hash
Vulnerability analysis tools
8. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
l0pht
Keystroke logging
Debug
Probing
9. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
BIOS
Raid 0 - 1 - 3 - 5
Crosstalk
Nonce
10. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
BIOS
Polymorphic
/etc/passwd
TEMPEST
11. Computer Incident Response Team
Logic bomb
Fraud
CIRT
Stream cipher
12. Also civil law
Code of ethics
CIA
Copyright
Tort
13. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Patent
Call tree
Script kiddies
DHCP
14. Reasonable doubt
CD-Rom
MitM
Routers
Burden of Proof
15. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Passive attacks
Clipper Chip
Carnivore
16. The real cost of acquiring/maintaining/developing a system
Private Addressing
DMZ
Asset Value
Due Care
17. Animals with teeth. Not as discriminate as guards
Dogs
Smart cards
RAM (Random-access memory)
MOM
18. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
FAR/FRR/CER
CGI (The Common Gateway Interface)
Diffie-Hellman
ALE (Annualized Loss Expectancy)
19. A type of virus that changes its telltale code segments so that it ' looks' different from one infected file to another - thus making detection more difficult.
Security through obscurity
Polymorphic
Biometrics
RADIUS (Remote authentication dial-in user service)
20. The attacker sends a SYN request to the victims machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Normalization
SYN Flood
Hubs
Data remanence
21. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
DOS
Senior Management
MitM
Expert System
22. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Caesar Cipher
CIA
Sabotage
DMZ
23. When an employee leaves the company - you want to make them aware of non-disclosures and non compete clauses - etc.
Covert channels
Exit interview
Software librarian
Risk Mitigation
24. Accepting all packets
Rijndael
Format 7 times
Promiscuous mode
Risk Acceptance
25. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Kerberos
Centralized
Hacker
DMZ
26. A gas used in fire suppression. Not human safe. Chemical reaction.
SESAME
Halon
Username/password
Qualitative
27. A sandbox. Emulates an operating environment.
Virtual machine
Expert System
Debug
TCSEC
28. Transferring your risk to someone else - typically an insurance company
Hubs
EF (Exposure Factor)
PAP (Password Authentication Protocol)
Risk Transferring
29. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
COOP
CHAP
FAR/FRR/CER
Audit Trail
30. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Hubs
Patriot Act
Key Escrow
WTLS (Wireless Transport Layer Security)
31. The act of identifying yourself. Providing your identity to a system
Identification
Reciprocal agreement
Digest
Macro
32. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
ROM (Read-only memory)
FAR/FRR/CER
Illegal/Unethical
Motion detector
33. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Accreditation
Format 7 times
DNS cache poisoning
Patent
34. A technique to eliminate data redundancy.
Birthday attack
Normalization
War driving
Hot Site
35. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Script
Granularity
Base-64
Technical - Administrative - Physical
36. Confidentiality - Integrity - and Availability
Expert systems
Cold Site
Promiscuous mode
CIA
37. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
TCP Wrappers
Authorization
Patriot Act
Cyphertext only
38. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
Audit Trail
Hot Site
ROT-13
39. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
Normalization
Software development lifecycle
Spoofing
Polymorphism
40. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
TACACS (Terminal access controller access control system)
Data Mart
Active attacks
Diffie-Hellman
41. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
CCTV
TCB
Masquerade
42. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Schema
Technical - Administrative - Physical
Digital certificates
l0pht
43. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Detective - Preventive - Corrective
CEO
CIA
Identification
44. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Coax
/etc/passwd
OEP
Active attacks
45. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Fraud
Raid 0 - 1 - 3 - 5
Clipper Chip
46. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
UUEncode
Common criteria
Honey pot
Open network
47. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Halon
Hackers
Firmware
Fences
48. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Classes of IP networks
Worm
Social engineering
Motion detector
49. Signal degradation as it moves farther from its source
SESAME
Attenuation
Enticement
TCB
50. These can be used to verify that public keys belong to certain individuals.
Service packs
Authentication
Mandatory vacation
Digital certificates
