Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
BIA
Risk Analysis
Virtual machine
Bugtraq
2. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Bastion hosts
ISDN (Integrated Services Digital Network)
Twisted pair
3. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Spoofing
Inference
Accreditation
4. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
CIA
Code of ethics
CHAP
Detective - Preventive - Corrective
5. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
TACACS (Terminal access controller access control system)
Repeaters
Security kernel
Content dependant
6. The frequency with which a threat is expected to occur.
Honey pot
Callback Security/Call Forwarding
Multitasking
ARO (Annualized Rate of Occurrence)
7. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Security through obscurity
Kerberos
Replay
User
8. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
IAB
Senior Management
Trojan horses
Raid 0 - 1 - 3 - 5
9. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Fraggle
War dialing
ROT-13
TEMPEST
10. Emanations from one wire coupling with another wire
Asset Value
Vulnerability analysis tools
Crosstalk
Hardware
11. In a separation of duties model - this is where code is checked in and out
Spoofing
Software librarian
Checksum
Audit Trail
12. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
NAT
Debug
Toneloc
13. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Honey pot
OLE
Vulnerability analysis tools
IRC
14. Network device that operates at layer 1. Concentrator.
Buffer overflow
Hubs
DOS
WTLS (Wireless Transport Layer Security)
15. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.
Technical - Administrative - Physical
Certification
CIO
Honey pot
16. Transferring your risk to someone else - typically an insurance company
Asset Value
Smurf
Risk Transferring
Debug
17. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Accountability
Cryptanalysis
Biometrics
Object Oriented Programming
18. These can be used to verify that public keys belong to certain individuals.
PKI
Switches / Bridges
Digital certificates
Call tree
19. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Username/password
Hackers
Format 7 times
TEMPEST
20. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Session Hijacking
Brute Force
ROM (Read-only memory)
Clipping levels
21. The art of breaking code. Testing the strength of an algorithm.
Cryptanalysis
Multitasking
Trademark
Throughput of a Biometric System
22. Occupant Emergency Plan - Employees are the most important!
Joke
Burden of Proof
OEP
Privacy Act of 1974
23. Animals with teeth. Not as discriminate as guards
Dogs
CD-Rom
Sniffing
Bugtraq
24. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Key Escrow
Logic bomb
Username/password
Trojan horses
25. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
UUEncode
DCOM
Security Perimeter
Senior Management
26. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Malware
TCSEC
Cookies
Job rotation
27. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
ARP (Address Resolution Protocol)
Polymorphism
Script kiddies
Nonce
28. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Asymmetric
Bugtraq
Risk Management
Tokens
29. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Twisted pair
DCOM
EF (Exposure Factor)
Caesar Cipher
30. These viruses usually infect both boot records and files.
Multipartite
Copyright
Content dependant
SSH
31. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
Virtual machine
Switches / Bridges
Symmetric
OSI Model
32. Assuming someone's session who is unaware of what you are doing
Copyright
ROM (Read-only memory)
Session Hijacking
Dumpster diving
33. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Switches / Bridges
Normalization
ROM (Read-only memory)
Risk Management
34. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Firmware
Malware
Boot-sector Virus
Asset Value
35. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Warm Site
CHAP
Substitution
Finger printing
36. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Privacy Act of 1974
Replay
Hearsay Evidence
SQL (Structured Query Language)
37. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
CEO
Tokens
DDOS
ActiveX Object Linking and Embedding
38. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Smurf
Nonce
BIA
CD-Rom
39. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Clipping levels
Well-known ports
Tokens
Callback Security/Call Forwarding
40. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Wiretapping
Expert systems
CORBA
Private Addressing
41. The practice of obtaining confidential information by manipulation of legitimate users.
Trade Secret
Senior Management
CIO
Social engineering
42. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Private Addressing
Encryption
TACACS (Terminal access controller access control system)
BIOS
43. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
Exit interview
Call tree
Polymorphic
44. Refers to any of the various programs by which a computer controls aspects of its operations - such as those for translating data from one form to another - as contrasted with hardware - which is the physical equipment comprising the installation.
CRC (Cyclic Redundancy Check)
DMZ
Vulnerability analysis tools
Software
45. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Compiler
TACACS (Terminal access controller access control system)
Change management
Nonce
46. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Birthday attack
Custodian
Security Awareness Training
ISDN (Integrated Services Digital Network)
47. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
COOP
Eavesdropping
Polymorphism
48. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Warm Site
Inference
Dumpster diving
Risk Management
49. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Man trap
Transposition
Data remanence
Exit interview
50. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Packet Sniffing
Incentive programs
TCB
Normalization