Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A hidden communications channel on a system that allows for the bypassing of the system security policy
Data Mart
Format 7 times
Covert channels
RADIUS (Remote authentication dial-in user service)
2. In computer science - it means allowing a single definition to be used with different types of data (specifically - different classes of objects). For instance - a polymorphic function definition can replace several type-specific ones - and a single
CIA
War driving
Polymorphism
Noise & perturbation
3. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Mitigation
Tokens
CRC (Cyclic Redundancy Check)
Digest
4. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
UUEncode
Virtual Memory/Pagefile.sys
BIA
Certification
5. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
SSL/TLS
Centralized
Cyphertext only
War driving
6. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Compiler
War driving
DNS cache poisoning
Decentralized
7. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
CD-Rom
Honey pot
Block cipher
8. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
FAR/FRR/CER
MOM
Content dependent
9. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Tailgating / Piggybacking
Username/password
Patriot Act
Service packs
10. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Polymorphic
Reciprocal agreement
Passive attacks
Hot Site
11. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Common criteria
Embezzlement
Block cipher
Smurf
12. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Trojan horses
Motion detector
Object Oriented Programming
Quantitative
13. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
SSH
Dogs
l0pht
Enticement
14. The act of identifying yourself. Providing your identity to a system
Tokens
Identification
Rolling hot sites
CD-Rom
15. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Separation of duties
Java
Trap Door
MitM
16. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Polymorphism
VPN (Virtual Private Network)
Birthday attack
Hash
17. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Incentive programs
Patriot Act
Reciprocal agreement
Back door/ trap door/maintenance hook
18. The person that controls access to the data
ISDN (Integrated Services Digital Network)
Script kiddies
Artificial Neural Networks (ANN)
Custodian
19. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
CRC (Cyclic Redundancy Check)
Asset Value
Rolling hot sites
Smurf
20. To not be legal (as far as law is concerned) or ethical
Vulnerability analysis tools
Risk Transferring
Active attacks
Illegal/Unethical
21. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Audit Trail
Kerberos
Nonce
Custodian
22. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Salami Slicing
Clipper Chip
Spoofing
Digital signing
23. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Common criteria
DOS
PKI
Termination procedures
24. The intercepting of conversations by unintended recipients
Eavesdropping
Senior Management
Fraud
Due Care
25. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Tokens
Switches / Bridges
Accreditation
Noise & perturbation
26. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
FAR/FRR/CER
UUEncode
EF (Exposure Factor)
Hot Site
27. Internet Relay Chat.
Centralized
Exit interview
IRC
FAR/FRR/CER
28. Emanations from one wire coupling with another wire
Software
Crosstalk
ActiveX Object Linking and Embedding
PKI
29. A network that mimics the brain
Hash
Risk Transferring
Artificial Neural Networks (ANN)
Macro
30. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Noise & perturbation
Biometrics
Exit interview
Non-repudiation
31. Personal - Network - and Application
CIRT
Salami Slicing
Firewall types
Buffer overflow
32. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Firewall types
Copyright
Granularity
DOS
33. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Active attacks
Reciprocal agreement
Logic bomb
UUEncode
34. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Cryptanalysis
SYN Flood
UUEncode
Joke
35. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
RAM (Random-access memory)
Expert System
Wiretapping
Guards
36. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Asymmetric
Non-repudiation
Expert System
Stream cipher
37. A network that uses standard protocols (TCP/IP)
ARO (Annualized Rate of Occurrence)
Open network
Session Hijacking
Call tree
38. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Well-known ports
CIRT
CEO
Cold Site
39. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Mandatory vacation
Job rotation
Sniffing
ARO (Annualized Rate of Occurrence)
40. When security is managed at a central point in an organization
Security kernel
Fire extinguisher
Inference
Centralized
41. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
AES (Advanced Encryption Standard)
Repeaters
TACACS (Terminal access controller access control system)
Software librarian
42. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Object Oriented Programming
SSL/TLS
Throughput of a Biometric System
PKI
43. Dialing fixed sets of telephone numbers looking for open modem connections to machines
IAB
Expert System
Trademark
War dialing
44. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
PKI
Identification
Social engineering
Termination procedures
45. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Tailgating / Piggybacking
Caesar Cipher
Detective - Preventive - Corrective
Trojan horses
46. A network that uses proprietary protocols
Identification
Active attacks
Closed network
Cookies
47. Assuming someone's session who is unaware of what you are doing
ROM (Read-only memory)
Digital certificates
Session Hijacking
Classes of IP networks
48. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Warm Site
DHCP
Firewall types
49. A network entity that provides a single entrance / exit point to the Internet.
Throughput of a Biometric System
Bastion hosts
Fiber optic
Quality Assurance
50. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Smart cards
Two-Factor Authentication
BIA
Service packs