Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Accepting all packets
Promiscuous mode
Penetration testing
VPN (Virtual Private Network)
SSL/TLS
2. A military standard defining controls for emanation protection
TEMPEST
SSO (Single sign-on)
Code of ethics
ROT-13
3. Occupant Emergency Plan - Employees are the most important!
Job rotation
Change management
OEP
Trap Door
4. Animals with teeth. Not as discriminate as guards
Attenuation
Copyright
Keystroke logging
Dogs
5. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Teardrop
DDOS
SSL/TLS
Format 7 times
6. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
Security through obscurity
Decentralized
Encryption
7. Must be in place for you to use a biometric system
Finger printing
Biometric profile
Risk Transferring
Software librarian
8. Relating to quality or kind. This assigns a level of importance to something.
ROT-13
Qualitative
Custodian
Fences
9. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Hardware
NAT
Phreaker
CIRT
10. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Data remanence
Termination procedures
DHCP
Brute Force
11. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
VLANs
Kerberos
Covert channels
12. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Smurf
CGI (The Common Gateway Interface)
Tort
Aggregation
13. The person that determines the permissions to files. The data owner.
Detective - Preventive - Corrective
CORBA
DHCP
Owner
14. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Switches / Bridges
Skipjack
OLE
Object Oriented Programming
15. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Worm
Decentralized
Block cipher
Echelon
16. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Risk Analysis
Fraud
PKI
Scanning
17. An automated tool with a database of known vulnerabilities that check systems for those vulnerabilities
CORBA
Fraud
Vulnerability analysis tools
Technical - Administrative - Physical
18. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Technical - Administrative - Physical
Routers
Finger scanning
19. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Burden of Proof
Logic bomb
Quality Assurance
CIO
20. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
MitM
Entrapment
Dumpster diving
Data Mart
21. Motive - Opportunity - and Means. These deal with crime.
MOM
OLE
Decentralized
Security Perimeter
22. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Artificial Neural Networks (ANN)
Normalization
Cold Site
Brewer-Nash model
23. Computer Incident Response Team
VLANs
Halon
CIRT
Virtual machine
24. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Well-known ports
Hacker
CORBA
Cyphertext only
25. Same as a block cipher except that it is applied to a data stream one bit at a time
Worm
Two-Factor Authentication
Stream cipher
Fraggle
26. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Diffie-Hellman
Due Care
Clipper Chip
Throughput of a Biometric System
27. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Skipjack
Script kiddies
War driving
Sabotage
28. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Audit Trail
Due Diligence
SESAME
Session Hijacking
29. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Keystroke logging
Qualitative
Granularity
Java
30. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
Digest
Joke
Multiprocessing
31. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Attenuation
IAB
Mandatory vacation
32. Personal - Network - and Application
Firewall types
War dialing
CIA
IAB
33. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Block cipher
Keystroke logging
Copyright
Covert channels
34. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
BIOS
Logic bomb
Hot Site
Authentication
35. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Cryptanalysis
DOS
Biometrics
Promiscuous mode
36. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
CGI (The Common Gateway Interface)
Expert System
Custodian
37. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
EF (Exposure Factor)
Sniffing
Content dependent
DOS
38. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Detective - Preventive - Corrective
Joke
Well-known ports
BIOS
39. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
ROT-13
War dialing
SESAME
Fraud
40. Setting up the user to access the honeypot for reasons other than the intent to harm.
Virtual Memory/Pagefile.sys
Biometric profile
Dumpster diving
Entrapment
41. A hidden communications channel on a system that allows for the bypassing of the system security policy
Covert channels
WAP (Wireless Application Protocol)
Hash
Eavesdropping
42. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
BIA
Boot-sector Virus
Scanning
Out of band
43. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Session Hijacking
Data Mart
War driving
COOP
44. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Back door/ trap door/maintenance hook
NAT
Risk Analysis
Symmetric
45. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Accreditation
UUEncode
Joke
Multipartite
46. The frequency with which a threat is expected to occur.
Debug
Base-64
Probing
ARO (Annualized Rate of Occurrence)
47. A sandbox. Emulates an operating environment.
Multiprocessing
RADIUS (Remote authentication dial-in user service)
Virtual machine
Multitasking
48. Internet Relay Chat.
Malware
Sabotage
War driving
IRC
49. Enticing people to hit your honeypot to see how they try to access your system.
DMZ
Data remanence
DHCP
Enticement
50. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Java
Firewall types
Software
CRC (Cyclic Redundancy Check)