SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Hacker
Replay
Repeaters
2. Jumping into dumpsters to retrieve information about someone/something/a company
DDOS
Dumpster diving
Termination procedures
Crosstalk
3. Chief Information Officer
Salami Slicing
Replay
CIO
Two-Factor Authentication
4. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Non-repudiation
Repeaters
Aggregation
Teardrop
5. A network that mimics the brain
ALE (Annualized Loss Expectancy)
Brute force
Artificial Neural Networks (ANN)
CCTV
6. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Software librarian
BIA
CD-Rom
Spoofing
7. Relating to quality or kind. This assigns a level of importance to something.
Software
Authentication
Qualitative
Throughput of a Biometric System
8. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Brewer-Nash model
Illegal/Unethical
Decentralized
FAR/FRR/CER
9. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Degausser
SSO (Single sign-on)
Fire extinguisher
Compiler
10. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Fraggle
Inference
DDOS
Social engineering
11. Public Key Infrastructure
Security Perimeter
DOS
PKI
SYN Flood
12. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists ability to control their work
Copyright
RAM (Random-access memory)
Crosstalk
Sabotage
13. A system designed to stop piggybacking.
Risk Management
Man trap
CORBA
Firewall types
14. Defines the objects and their attributes that exist in a database.
MOM
Routers
Schema
Aggregation
15. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Authorization creep
Hearsay Evidence
Debug
Copyright
16. The intercepting of conversations by unintended recipients
Cookies
Senior Management
Eavesdropping
Polymorphism
17. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Base-64
Buffer overflow
Packet Sniffing
Sabotage
18. Scanning the airwaves for radio transmissions
Scanning
Security kernel
Dumpster diving
RAM (Random-access memory)
19. Rotating employee's job duties so that things can be checked that they are doing to make sure nothing fraudulent is occurring.
Job rotation
Decentralized
DHCP
BIOS
20. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Degausser
/etc/passwd
Smurf
Classes of IP networks
21. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Firewall types
Well-known ports
SESAME
Enticement
22. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Vulnerability analysis tools
Salami Slicing
Aggregation
Finger scanning
23. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Code of ethics
Burden of Proof
Masquerade
Dumpster diving
24. Confidentiality - Integrity - and Availability
CIA
Trademark
DDOS
Firewall types
25. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Software librarian
Masquerade
COM
ROT-13
26. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Sniffing
Tokens
Motion detector
Common criteria
27. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Honey pot
/etc/passwd
IAB
Due Care
28. When security is managed at many different points in an organization
Asymmetric
CRC (Cyclic Redundancy Check)
Joke
Decentralized
29. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Toneloc
TACACS (Terminal access controller access control system)
DNS cache poisoning
Raid 0 - 1 - 3 - 5
30. A mechanism by which connections to TCP services on a system are allowed or disallowed
NAT
Termination procedures
TCP Wrappers
Due Diligence
31. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Qualitative
Script kiddies
Risk Management
Expert systems
32. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Dogs
Object Oriented Programming
Asymmetric
Patent
33. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Code of ethics
Due Care
OLE
34. Dialing fixed sets telephone numbers looking for open modem connections to machines
Substitution
Illegal/Unethical
Security kernel
War dialing
35. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SSO (Single sign-on)
Brute force
Mandatory vacation
FAR/FRR/CER
36. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
ISDN (Integrated Services Digital Network)
Biometrics
Logic bomb
Fiber optic
37. Computer Incident Response Team
CIRT
SQL (Structured Query Language)
Base-64
Content dependant
38. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
OSI Model
Aggregation
Risk Analysis
Caesar Cipher
39. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Security through obscurity
Wiretapping
Trojan horses
Termination procedures
40. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
CIRT
Dogs
Substitution
Software
41. In cryptanalysis - a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities. In most schemes - the theoretical possibility of a brute force attack is recognised - but it is set up in such a way th
Security kernel
Brute force
Schema
Due Diligence
42. Basic Input/Output System
Data Mart
Eavesdropping
BIOS
TACACS (Terminal access controller access control system)
43. A network that uses standard protocols (TCP/IP)
NAT
Open network
Decentralized
Digest
44. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Risk Transferring
Birthday attack
MOM
ALE (Annualized Loss Expectancy)
45. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Carnivore
Rolling hot sites
Penetration testing
OLE
46. Same as a block cipher except that it is applied to a data stream one bit at a time
Coax
Entrapment
Stream cipher
Man trap
47. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Brewer-Nash model
Digital signing
IRC
Quantitative
48. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Finger printing
SQL (Structured Query Language)
Inference
Hacker
49. In the broadest sense - a fraud is a deception made for personal gain
Java
Trade Secret
Fraud
Exit interview
50. Method of authenticating to a system. Something that you supply and something you know.
Promiscuous mode
User
Username/password
SESAME
