Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Asset Value
DAD
Data Mart
2. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
EF (Exposure Factor)
Fences
Java
3. Also known as a tunnel
ROM (Read-only memory)
TCP Wrappers
VPN (Virtual Private Network)
Hot Site
4. The person that controls access to the data
PAP (Password Authentication Protocol)
Worm
Custodian
Fire extinguisher
5. Using ICMP to diagram a network
Identification
Probing
ARO (Annualized Rate of Occurrence)
Classes of IP networks
6. A hidden communications channel on a system that allows for the bypassing of the system security policy
Cryptanalysis
Termination procedures
Covert channels
Session Hijacking
7. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Certification
Debug
Due Diligence
Senior Management
8. Also civil law
TCB
Digital signing
Bastion hosts
Tort
9. Someone who hacks
Hacker
Smart cards
TCSEC
Guards
10. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Tokens
Checksum
CIA
Closed network
11. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Risk Analysis
SSL/TLS
ROM (Read-only memory)
Java
12. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Polymorphism
Eavesdropping
Data remanence
Dumpster diving
13. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
DCOM
Trademark
Qualitative
14. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
War dialing
Object Oriented Programming
Fiber optic
TCB
15. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Call tree
Salami Slicing
SESAME
COOP
16. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Buffer overflow
Dogs
Keystroke logging
Base-64
17. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Out of band
Callback Security/Call Forwarding
Switches / Bridges
Wiretapping
18. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Certification
Non-repudiation
CD-Rom
NAT
19. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
Security through obscurity
/etc/passwd
CHAP
20. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Compiler
Tailgating / Piggybacking
Quality Assurance
Brute Force
21. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
DMZ
Brute force
SSL/TLS
/etc/passwd
22. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
FAR/FRR/CER
Private Addressing
Logic bomb
Hackers
23. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Base-64
Logic bomb
ARP (Address Resolution Protocol)
Honey pot
24. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Firewall types
l0pht
Clipping levels
Malware
25. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
CIO
Rijndael
Classes of IP networks
26. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Sniffing
Service packs
User
Salami Slicing
27. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Kerberos
SESAME
Replay
SSH
28. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Custodian
Nonce
ARP (Address Resolution Protocol)
WAP (Wireless Application Protocol)
29. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
PKI
/etc/passwd
Format 7 times
Block cipher
30. Computer Incident Response Team
CIRT
Digital certificates
Nonce
Identification
31. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
ISDN (Integrated Services Digital Network)
Authorization creep
Embezzlement
32. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Reciprocal agreement
Keystroke logging
Block cipher
Symmetric
33. Making individuals accountable for their actions on a system typically through the use of auditing
PKI
Throughput of a Biometric System
Accountability
Inference
34. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
BIA
Security Perimeter
NAT
Switches / Bridges
35. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Halon
Security through obscurity
Hot Site
Trap Door
36. Involving the measurement of quantity or amount.
Quantitative
War driving
Firewall types
VLANs
37. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Nonce
RADIUS (Remote authentication dial-in user service)
Inference
38. Assuming someone's session who is unaware of what you are doing
Data remanence
DMZ
War dialing
Session Hijacking
39. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
MOM
RADIUS (Remote authentication dial-in user service)
Toneloc
Data remanence
40. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
SLE (Single Loss Expectancy or Exposure)
Software
Macro
Code of ethics
41. A network that uses standard protocols (TCP/IP)
Classes of IP networks
Risk Management
Open network
CIO
42. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
COOP
DAD
Hoax
Callback Security/Call Forwarding
43. Reasonable doubt
CCTV
Burden of Proof
Hoax
Compiler
44. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Kerberos
Java
Decentralized
Asymmetric
45. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Two-Factor Authentication
Security kernel
OEP
Object Oriented Programming
46. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Fences
Boot-sector Virus
Acceptable use
TCB
47. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Format 7 times
CHAP
ActiveX Object Linking and Embedding
Fraud
48. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Motion detector
ROT-13
Exit interview
Multipartite
49. After implementing countermeasures - accepting risk for the amount of vulnerability left over
BIA
Risk Acceptance
Granularity
Acceptable use
50. Internet Relay Chat.
Normalization
Salami Slicing
IRC
ISDN (Integrated Services Digital Network)