Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A gas used in fire suppression. Not human safe. Chemical reaction.
Halon
PAP (Password Authentication Protocol)
Fraggle
Polymorphic
2. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Checksum
Artificial Neural Networks (ANN)
Change management
3. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Multipartite
Trade Secret
SSH
Fraggle
4. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Due Diligence
Birthday attack
Smart cards
SYN Flood
5. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Smart cards
Audit Trail
Macro
Code of ethics
6. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Service packs
Finger printing
Tokens
FAR/FRR/CER
7. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Certification
NAT
ActiveX Object Linking and Embedding
ROT-13
8. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Decentralized
Wiretapping
Expert systems
9. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Encryption
Honey pot
Data remanence
Packet Sniffing
10. Transferring your risk to someone else - typically an insurance company
Multipartite
Fire extinguisher
OLE
Risk Transferring
11. The person that controls access to the data
Digital certificates
Back door/ trap door/maintenance hook
Inference
Custodian
12. Motivational tools for employee awareness to get them to report security flaws in an organization
Encryption
Well-known ports
CGI (The Common Gateway Interface)
Incentive programs
13. More discriminate than dogs
Switches / Bridges
Debug
Coax
Guards
14. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
Incentive programs
ARO (Annualized Rate of Occurrence)
IRC
15. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Classes of IP networks
Trade Secret
DMZ
16. Disclosure - Alteration - Destruction. These things break the CIA triad
Acceptable use
IRC
RADIUS (Remote authentication dial-in user service)
DAD
17. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Birthday attack
Illegal/Unethical
Exit interview
CIA
18. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
CRC (Cyclic Redundancy Check)
Software development lifecycle
Replay
Mandatory vacation
19. Enticing people to hit your honeypot to see how they try to access your system.
Warm Site
CIA
Clipping levels
Enticement
20. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
CHAP
Biometric profile
Boot-sector Virus
SSL/TLS
21. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Reciprocal agreement
Tort
Multiprocessing
Data remanence
22. A site that has some equipment in place - and can be up within days
Multitasking
Custodian
Multiprocessing
Warm Site
23. The user
Two-Factor Authentication
User
Private Addressing
CEO
24. This is an open international standard for applications that use wireless communications.
VPN (Virtual Private Network)
Due Diligence
Trade Secret
WAP (Wireless Application Protocol)
25. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
Content dependant
Twisted pair
TEMPEST
26. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
l0pht
ALE (Annualized Loss Expectancy)
Acceptable use
Format 7 times
27. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
BIA
WAP (Wireless Application Protocol)
Content dependant
Job rotation
28. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Termination procedures
DOS
Risk Management
Fire extinguisher
29. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Script kiddies
Tort
Authorization creep
Schema
30. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Session Hijacking
Cookies
Polymorphic
War dialing
31. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Enticement
Block cipher
Termination procedures
Key Escrow
32. Motive - Opportunity - and Means. These deal with crime.
Non-repudiation
MOM
Nonce
Exit interview
33. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Expert System
SSO (Single sign-on)
Dogs
Eavesdropping
34. Using ICMP to diagram a network
UUEncode
Senior Management
Tailgating / Piggybacking
Probing
35. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Tort
CEO
Packet Sniffing
TCB
36. Someone who hacks
Logic bomb
Hacker
Object Oriented Programming
Worm
37. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Well-known ports
Brute Force
ARP (Address Resolution Protocol)
SLE (Single Loss Expectancy or Exposure)
38. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Quality Assurance
MitM
Granularity
OSI Model
39. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Hubs
Degausser
Tort
Caesar Cipher
40. Be at least 8 feet tall and have three strands of barbed wire.
AES (Advanced Encryption Standard)
Fences
CEO
Stream cipher
41. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Certification
Separation of duties
Sabotage
War driving
42. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Covert channels
Private Addressing
Debug
Software development lifecycle
43. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Software development lifecycle
Artificial Neural Networks (ANN)
Caesar Cipher
Halon
44. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Logic bomb
Smurf
IRC
45. A hidden communications channel on a system that allows for the bypassing of the system security policy
Out of band
DNS cache poisoning
EF (Exposure Factor)
Covert channels
46. A military standard defining controls for emanation protection
TEMPEST
Trojan horses
Tokens
Script
47. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Inference
Noise & perturbation
RADIUS (Remote authentication dial-in user service)
Buffer overflow
48. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
Probing
Change management
Vulnerability analysis tools
Software
49. Countermeasures / safeguards fall into these categories. Detective measures detect - preventive measures prevent - and corrective measures correct.
Mandatory vacation
Two-Factor Authentication
Security Perimeter
Detective - Preventive - Corrective
50. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Detective - Preventive - Corrective
Copyright
Cyphertext only
Due Care