Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Rolling command center with UPS - satellite - uplink - power - etc.
Firmware
Rolling hot sites
Patriot Act
DOS
2. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Asymmetric
Debug
Transposition
3. A network that uses standard protocols (TCP/IP)
Username/password
Open network
Artificial Neural Networks (ANN)
Trap Door
4. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Attenuation
Degausser
Security through obscurity
Aggregation
5. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Username/password
Worm
Granularity
Finger scanning
6. Access control method for database based on the content of the database to provide granular access
SYN Flood
Custodian
Centralized
Content dependant
7. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
TACACS (Terminal access controller access control system)
TCSEC
ISDN (Integrated Services Digital Network)
Teardrop
8. The real cost of acquiring/maintaining/developing a system
Schema
Asset Value
Well-known ports
Artificial Neural Networks (ANN)
9. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Certification
Birthday attack
Transposition
Fraggle
10. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
CIO
Passive attacks
SLE (Single Loss Expectancy or Exposure)
MOM
11. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Back door/ trap door/maintenance hook
Raid 0 - 1 - 3 - 5
Patent
Coax
12. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Birthday attack
CIRT
Virtual machine
Reciprocal agreement
13. Assuming someone's session who is unaware of what you are doing
Multiprocessing
EF (Exposure Factor)
Session Hijacking
Teardrop
14. To not be legal (as far as law is concerned) or ethical
ISDN (Integrated Services Digital Network)
ROM (Read-only memory)
Illegal/Unethical
Salami Slicing
15. Emanations from one wire coupling with another wire
Software development lifecycle
Crosstalk
Closed network
Aggregation
16. Good for distance - longer than 100M
Macro
Code of ethics
Object Oriented Programming
Coax
17. An RFC standard. A mechanism for performing commands on a remote system
Noise & perturbation
OEP
Base-64
Telnet
18. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
ARO (Annualized Rate of Occurrence)
Firewall types
AES (Advanced Encryption Standard)
Trojan horses
19. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Authentication
CIRT
Username/password
Software
20. Network device that operates at layer 1. Concentrator.
Worm
Enticement
TACACS (Terminal access controller access control system)
Hubs
21. Distributed Component Object Model. Microsoft's implementation of CORBA.
Teardrop
SLE (Single Loss Expectancy or Exposure)
DCOM
ARO (Annualized Rate of Occurrence)
22. The user
Rijndael
Social engineering
User
Active attacks
23. A site that is ready physically but has no hardware in place - all it has is HVAC
Cold Site
ARO (Annualized Rate of Occurrence)
BIOS
Fraggle
24. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
DHCP
SSO (Single sign-on)
Buffer overflow
Certification
25. Defines the objects and their attributes that exist in a database.
Switches / Bridges
Schema
Privacy Act of 1974
Trademark
26. Accepting all packets
Kerberos
Accountability
l0pht
Promiscuous mode
27. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Back door/ trap door/maintenance hook
WTLS (Wireless Transport Layer Security)
Hubs
ROT-13
28. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Classes of IP networks
SESAME
Termination procedures
Active attacks
29. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Packet Sniffing
Social engineering
Sniffing
Classes of IP networks
30. The intercepting of conversations by unintended recipients
Eavesdropping
Trade Secret
Finger scanning
Repeaters
31. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Virtual machine
Hackers
DDOS
Quantitative
32. Once authenticated - the level of access you have to a system
Authorization
CEO
Brewer-Nash model
Malware
33. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
CIO
Nonce
ISDN (Integrated Services Digital Network)
User
34. The frequency with which a threat is expected to occur.
UUEncode
ARO (Annualized Rate of Occurrence)
DDOS
Acceptable use
35. Network devices that operate at layer 3. This device separates broadcast domains.
Separation of duties
Routers
Stream cipher
Brute force
36. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Motion detector
Boot-sector Virus
Well-known ports
Digital certificates
37. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Toneloc
Smurf
Java
Qualitative
38. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Acceptable use
Trademark
Compiler
Telnet
39. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
TCSEC
PAP (Password Authentication Protocol)
Debug
40. Entails planning and system actions to ensure that a project is following good quality management practices
Illegal/Unethical
Common criteria
Covert channels
Quality Assurance
41. A system designed to stop piggybacking.
Man trap
IRC
RADIUS (Remote authentication dial-in user service)
Switches / Bridges
42. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Hackers
Block cipher
Coax
Man trap
43. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Bastion hosts
Honey pot
Multiprocessing
Quality Assurance
44. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Quantitative
Worm
ActiveX Object Linking and Embedding
DDOS
45. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
CIO
Data Mart
Software development lifecycle
Smurf
46. Jumping into dumpsters to retrieve information about someone/something/a company
DDOS
TACACS (Terminal access controller access control system)
Dumpster diving
Fraud
47. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
Certification
Block cipher
WTLS (Wireless Transport Layer Security)
48. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Expert System
Rolling hot sites
CORBA
Security Perimeter
49. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Security kernel
Exit interview
Inference
Classes of IP networks
50. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
WTLS (Wireless Transport Layer Security)
DMZ
SSL/TLS
Brute force