Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Owner
NAT
Audit Trail
SESAME
2. The ability to have more than one thread associated with a process
Risk Management
Multithreading
Rolling hot sites
Security through obscurity
3. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Risk Analysis
DOS
Throughput of a Biometric System
DAD
4. Scanning the airwaves for radio transmissions
Two-Factor Authentication
Scanning
Embezzlement
Session Hijacking
5. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Common criteria
Biometrics
Cookies
War dialing
6. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Patriot Act
CHAP
Risk Acceptance
Probing
7. A military standard defining controls for emanation protection
Accountability
SSH
TEMPEST
Halon
8. A war dialing utility
Identification
RADIUS (Remote authentication dial-in user service)
Toneloc
Firewall types
9. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Smurf
Wiretapping
Authentication
Content dependant
10. A network that uses proprietary protocols
OLE
COOP
Checksum
Closed network
11. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Risk Analysis
Throughput of a Biometric System
War dialing
Two-Factor Authentication
12. Dialing fixed sets of telephone numbers looking for open modem connections to machines
War dialing
Bugtraq
SESAME
UUEncode
13. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Due Care
DCOM
Key Escrow
Joke
14. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Reciprocal agreement
Common criteria
Diffie-Hellman
Call tree
15. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Polymorphic
Symmetric
MOM
16. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
ARP (Address Resolution Protocol)
Hacker
l0pht
Transposition
17. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
NAT
DCOM
War driving
TCP Wrappers
18. An attempt to trick the system into believing that something false is real
Hoax
Twisted pair
Illegal/Unethical
Out of band
19. Disclosure - Alteration - Destruction. These things break the CIA triad
Artificial Neural Networks (ANN)
War dialing
DAD
Authorization creep
20. Distributed Component Object Model. Microsoft's implementation of CORBA.
MitM
Job rotation
DCOM
Technical - Administrative - Physical
21. Basic Input/Output System
Skipjack
Tort
Data Mart
BIOS
22. When security is managed at many different points in an organization
Multithreading
DAD
Decentralized
Caesar Cipher
23. Someone who hacks
Encryption
Hash
Hacker
Kerberos
24. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Rijndael
Degausser
Termination procedures
CRC (Cyclic Redundancy Check)
25. A hidden communications channel on a system that allows for the bypassing of the system security policy
Hash
Covert channels
ARP (Address Resolution Protocol)
Dumpster diving
26. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Caesar Cipher
CGI (The Common Gateway Interface)
CORBA
Degausser
27. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Job rotation
TCP Wrappers
Accreditation
Echelon
28. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Warm Site
SQL (Structured Query Language)
Service packs
Honey pot
29. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Worm
Normalization
CHAP
Brewer-Nash model
30. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Stream cipher
Open network
Firmware
Raid 0 - 1 - 3 - 5
31. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Audit Trail
Non-repudiation
Noise & perturbation
Spoofing
32. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
CD-Rom
Acceptable use
Joke
Session Hijacking
33. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
SSO (Single sign-on)
VPN (Virtual Private Network)
Due Care
ARP (Address Resolution Protocol)
34. Continuation of Operations Plan
Transposition
Echelon
TCB
COOP
35. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Eavesdropping
TACACS (Terminal access controller access control system)
CEO
SLE (Single Loss Expectancy or Exposure)
36. The intercepting of conversations by unintended recipients
Private Addressing
Promiscuous mode
BIA
Eavesdropping
37. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Active attacks
DHCP
Macro
Base-64
38. Personal - Network - and Application
Firewall types
Biometric profile
Asymmetric
Rolling hot sites
39. Involving the measurement of quantity or amount.
Quantitative
IAB
Session Hijacking
Firmware
40. The process of reducing your risks to an acceptable level based on your risk analysis
Back door/ trap door/maintenance hook
Caesar Cipher
Hoax
Risk Mitigation
41. Signal degradation as it moves farther from its source
Data remanence
Username/password
Attenuation
War driving
42. This is an open international standard for applications that use wireless communications.
WAP (Wireless Application Protocol)
AES (Advanced Encryption Standard)
Biometrics
CGI (The Common Gateway Interface)
43. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Multitasking
TCB
Out of band
FAR/FRR/CER
44. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Bugtraq
Sabotage
Back door/ trap door/maintenance hook
Decentralized
45. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DOS
AES (Advanced Encryption Standard)
Compiler
Out of band
46. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
ActiveX Object Linking and Embedding
Username/password
TCB
Macro
47. Animals with teeth. Not as discriminate as guards
Dogs
Open network
Content dependant
Privacy Act of 1974
48. Emanations from one wire coupling with another wire
Crosstalk
Asymmetric
ROT-13
TACACS (Terminal access controller access control system)
49. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
DDOS
Repeaters
PAP (Password Authentication Protocol)
50. Internet Architecture Board. This board is responsible for protecting the Internet.
Risk Mitigation
Dumpster diving
Encryption
IAB