SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Software designed to infiltrate or damage a computer system - without the owner's consent.
Embezzlement
PKI
Schema
Malware
2. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Carnivore
Content dependant
Repeaters
Security Awareness Training
3. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
MitM
Due Diligence
Multithreading
SSH
4. When security is managed at a central point in an organization
Centralized
SSL/TLS
Logic bomb
Mandatory vacation
5. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Sniffing
Motion detector
Technical - Administrative - Physical
Biometric profile
6. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Incentive programs
Two-Factor Authentication
Cookies
Degausser
7. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Teardrop
Multithreading
Smart cards
NAT
8. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Tailgating / Piggybacking
Throughput of a Biometric System
Content dependant
9. 0 = striping without parity 1 = mirroring 3 = striping with parity (parity on single drive) 5 = striping with parity (parity striped across all drives)
Risk Analysis
Smart cards
Finger printing
Raid 0 - 1 - 3 - 5
10. Object Linking and Embedding. The ability of an object to be embedded into another object.
Schema
OLE
DCOM
EF (Exposure Factor)
11. Motive - Opportunity - and Means. These deal with crime.
Repeaters
Dictionary Attack
MOM
Cold Site
12. Public Key Infrastructure
Finger scanning
PKI
Sabotage
Private Addressing
13. A system designed to stop piggybacking.
Debug
Man trap
Classes of IP networks
COOP
14. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Digital signing
Substitution
Code of ethics
Salami Slicing
15. Network device that operates at layer 1. Concentrator.
UUEncode
Hubs
Crosstalk
Honey pot
16. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Twisted pair
Security Perimeter
Packet Sniffing
TACACS (Terminal access controller access control system)
17. Defines the objects and their attributes that exist in a database.
Twisted pair
Content dependant
Schema
Risk Analysis
18. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
ROT-13
Biometric profile
ISDN (Integrated Services Digital Network)
Audit Trail
19. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Brewer-Nash model
NAT
COOP
ROM (Read-only memory)
20. Internet Architecture Board. This board is responsible for protecting the Internet.
Smart cards
Dictionary Attack
IAB
Attenuation
21. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Hacker
Warm Site
Nonce
MitM
22. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Quantitative
CGI (The Common Gateway Interface)
War dialing
Worm
23. A network that mimics the brain
Artificial Neural Networks (ANN)
Closed network
Virtual machine
Script kiddies
24. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Brute Force
Spoofing
Fraggle
25. These can be used to verify that public keys belong to certain individuals.
Digital certificates
Joke
Aggregation
Tort
26. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Back door/ trap door/maintenance hook
Toneloc
Promiscuous mode
TCSEC
27. 'If you cant see it - its secure'. Bad policy to live by.
Bastion hosts
Transposition
Security through obscurity
Schema
28. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
PAP (Password Authentication Protocol)
BIA
CORBA
Covert channels
29. A little piece of information that is put on your computer to allow communications with the server and that also allow some servers to track everything you go to on the Internet
Cookies
Tokens
Hardware
Security Perimeter
30. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
DMZ
DCOM
Content dependant
Software development lifecycle
31. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
OEP
Birthday attack
Scanning
Schema
32. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Due Diligence
l0pht
Technical - Administrative - Physical
Keystroke logging
33. Internet Relay Chat.
Privacy Act of 1974
Switches / Bridges
IRC
User
34. An attempt to trick the system into believing that something false is real
Hoax
Trade Secret
CGI (The Common Gateway Interface)
User
35. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Audit Trail
DOS
Embezzlement
Sabotage
36. Dialing fixed sets telephone numbers looking for open modem connections to machines
OSI Model
War dialing
Brewer-Nash model
Finger printing
37. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
BIOS
Service packs
Encryption
War driving
38. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Tokens
Hackers
Accreditation
Trade Secret
39. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
DNS cache poisoning
Finger printing
Salami Slicing
Common criteria
40. Confidentiality - Integrity - and Availability
CHAP
CIA
Hearsay Evidence
User
41. A gas used in fire suppression. Not human safe. Chemical reaction.
Halon
Logic bomb
WTLS (Wireless Transport Layer Security)
DMZ
42. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Probing
Nonce
Closed network
Classes of IP networks
43. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
CHAP
Vulnerability analysis tools
Smart cards
44. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
DMZ
Digest
Debug
Normalization
45. Also known as a tunnel)
Checksum
VPN (Virtual Private Network)
Polymorphism
DHCP
46. When two or more processes are linked and execute multiple programs simultaneously
Hardware
Multiprocessing
Fiber optic
Custodian
47. Random Number Base
Nonce
COOP
MOM
Due Care
48. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Virtual Memory/Pagefile.sys
Warm Site
SSL/TLS
Brewer-Nash model
49. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Patent
Expert systems
Fraggle
Granularity
50. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Expert System
Diffie-Hellman
Routers
Passive attacks
