Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Relating to quality or kind. This assigns a level of importance to something.
Qualitative
Detective - Preventive - Corrective
Fraggle
Raid 0 - 1 - 3 - 5
2. An attempt to trick the system into believing that something false is real
CIA
Illegal/Unethical
Hoax
ActiveX Object Linking and Embedding
3. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Code of ethics
Trade Secret
Embezzlement
Hot Site
4. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute.
Acceptable use
Brute force
Keystroke logging
Throughput of a Biometric System
5. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Hearsay Evidence
Asymmetric
TACACS (Terminal access controller access control system)
Social engineering
6. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Digital signing
Cryptanalysis
Multiprocessing
7. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Script
Senior Management
DDOS
OEP
8. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Back door/trap door/maintenance hook
Polymorphism
EF (Exposure Factor)
Clipper Chip
9. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Trademark
Multipartite
Aggregation
Social engineering
10. Good for distance - longer than 100M
DHCP
Centralized
Vulnerability analysis tools
Coax
11. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
Job rotation
Sabotage
Enticement
12. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Script
Dictionary Attack
Dogs
Username/password
13. Assuming someone's session who is unaware of what you are doing
Hoax
SYN Flood
Schema
Session Hijacking
14. Someone who hacks
Cookies
Mandatory vacation
Authentication
Hacker
15. The act of identifying yourself. Providing your identity to a system
Boot-sector Virus
Private Addressing
Identification
SYN Flood
16. A technique to eliminate data redundancy.
Diffie-Hellman
Job rotation
Normalization
Fire extinguisher
17. Network Address Translation
Data remanence
Digital certificates
Identification
NAT
18. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Smart cards
Risk Mitigation
SQL (Structured Query Language)
Illegal/Unethical
19. These viruses usually infect both boot records and files.
ROM (Read-only memory)
Detective - Preventive - Corrective
Multipartite
Accountability
20. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Job rotation
Bugtraq
Digest
DOS
21. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Toneloc
DCOM
Symmetric
Compiler
22. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Security through obscurity
Firewall types
Twisted pair
23. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
SLE (Single Loss Expectancy or Exposure)
Motion detector
Firewall types
24. A network that uses standard protocols (TCP/IP)
Firewall types
Open network
Qualitative
Out of band
25. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Due Care
Trap Door
DCOM
Spoofing
26. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
SQL (Structured Query Language)
Sniffing
Sabotage
Risk Acceptance
27. Reasonable doubt
Burden of Proof
Fiber optic
Substitution
Man trap
28. Signal degradation as it moves farther from its source
Entrapment
Halon
Attenuation
Hash
29. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Qualitative
Multipartite
Polymorphic
Authorization
30. A network that uses proprietary protocols
Incentive programs
War dialing
Smart cards
Closed network
31. Threat to physical security.
Sabotage
Artificial Neural Networks (ANN)
Format 7 times
Rijndael
32. When two or more processes are linked and execute multiple programs simultaneously
Code of ethics
OEP
Patent
Multiprocessing
33. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Cryptanalysis
Polymorphic
SSO (Single sign-on)
Digest
34. Using ICMP to diagram a network
Cookies
Cold Site
Clipper Chip
Probing
35. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Salami Slicing
Covert channels
Asymmetric
CEO
36. More discriminate than dogs
CIRT
Guards
Multithreading
SLE (Single Loss Expectancy or Exposure)
37. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Joke
Decentralized
Active attacks
Finger scanning
38. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Compiler
/etc/passwd
IRC
Authorization
39. Internet Architecture Board. This board is responsible for protecting the Internet.
Logic bomb
IAB
DAD
Clipping levels
40. Transferring your risk to someone else - typically an insurance company
RAM (Random-access memory)
Masquerade
Risk Transferring
Script
41. Dynamic Host Configuration Protocol.
Code of ethics
DHCP
Digital signing
Asset Value
42. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
IAB
Authentication
Firewall types
43. Public Key Infrastructure
PKI
Two-Factor Authentication
Vulnerability analysis tools
Biometric profile
44. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Acceptable use
WAP (Wireless Application Protocol)
Boot-sector Virus
45. When security is managed at many different points in an organization
IRC
Kerberos
Decentralized
Trade Secret
46. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Passive attacks
Inference
Macro
Content dependent
47. Software designed to infiltrate or damage a computer system - without the owner's consent.
War dialing
DDOS
Malware
Decentralized
48. Entails planning and system actions to ensure that a project is following good quality management practices
Boot-sector Virus
Software librarian
Quality Assurance
Multitasking
49. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
DDOS
Session Hijacking
Asset Value
Expert System
50. Disclosure - Alteration - Destruction. These things break the CIA triad
Keystroke logging
User
Inference
DAD