Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
DCOM
WTLS (Wireless Transport Layer Security)
Scanning
Spoofing
2. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Skipjack
CIA
Spoofing
Script kiddies
3. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Technical - Administrative - Physical
Incentive programs
PKI
4. Also civil law
Tort
CORBA
CHAP
Motion detector
5. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Illegal/Unethical
Service packs
Quality Assurance
6. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
SSL/TLS
Block cipher
Nonce
COOP
7. Basic Input/Output System
Rijndael
BIOS
Acceptable use
CEO
8. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Checksum
Phreaker
ROT-13
Risk Management
9. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Cryptanalysis
Fraggle
Asset Value
Worm
10. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Illegal/Unethical
Data remanence
Joke
Bastion hosts
11. Be at least 8 feet tall and have three strands of barbed wire.
Multipartite
Fences
Job rotation
Telnet
12. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Closed network
Expert System
Enticement
Script
13. Chief Information Officer
Malware
Dumpster diving
Format 7 times
CIO
14. Software designed to infiltrate or damage a computer system - without the owner's consent.
War driving
Risk Acceptance
Malware
TCP Wrappers
15. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
ROT-13
Boot-sector Virus
Cookies
Crosstalk
16. Method of authenticating to a system. Something that you supply and something you know.
Username/password
Sniffing
Senior Management
Virtual machine
17. Data storage formats and equipment that allow the stored data to be accessed in any order
Kerberos
RAM (Random-access memory)
CIRT
Probing
18. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
TCB
Hubs
Cookies
Hardware
19. When security is managed at a central point in an organization
Malware
Crosstalk
Probing
Centralized
20. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Diffie-Hellman
Fiber optic
DNS cache poisoning
Hubs
21. Defines the objects and their attributes that exist in a database.
l0pht
Polymorphism
Cryptanalysis
Schema
22. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Certification
Motion detector
TCP Wrappers
CRC (Cyclic Redundancy Check)
23. Threat to physical security.
CIRT
Sabotage
Phreaker
Throughput of a Biometric System
24. The art of breaking code. Testing the strength of an algorithm.
MOM
Diffie-Hellman
Cryptanalysis
Noise & perturbation
25. A hidden communications channel on a system that allows for the bypassing of the system security policy
Covert channels
Expert systems
Senior Management
Coax
26. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Acceptable use
Accreditation
Masquerade
Risk Analysis
27. When security is managed at many different points in an organization
Smurf
Decentralized
Joke
TACACS (Terminal access controller access control system)
28. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
DHCP
DMZ
Tailgating / Piggybacking
Hot Site
29. Same as a block cipher except that it is applied to a data stream one bit at a time
Private Addressing
Stream cipher
Hash
ALE (Annualized Loss Expectancy)
30. Component Object Model.
Job rotation
Dogs
COM
Man trap
31. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Spoofing
Embezzlement
Patriot Act
Accreditation
32. Accepting all packets
Trademark
Qualitative
Firewall types
Promiscuous mode
33. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Software librarian
Degausser
Authorization
Rolling hot sites
34. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
ISDN (Integrated Services Digital Network)
SSO (Single sign-on)
Security Perimeter
CIRT
35. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Vulnerability analysis tools
EF (Exposure Factor)
RADIUS (Remote authentication dial-in user service)
36. To not be legal (as far as law is concerned) or ethical
OSI Model
Macro
TCP Wrappers
Illegal/Unethical
37. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Salami Slicing
Non-repudiation
Aggregation
Centralized
38. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Routers
Echelon
Termination procedures
Salami Slicing
39. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Authorization
Kerberos
Data Mart
Passive attacks
40. A network that mimics the brain
Sabotage
Joke
Artificial Neural Networks (ANN)
Cyphertext only
41. These viruses usually infect both boot records and files.
DDOS
Script
Fraggle
Multipartite
42. Using ICMP to diagram a network
Probing
Transposition
ROM (Read-only memory)
Replay
43. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Caesar Cipher
DNS cache poisoning
Granularity
Accreditation
44. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Burden of Proof
CD-Rom
Biometrics
Privacy Act of 1974
45. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Penetration testing
Degausser
Qualitative
Routers
46. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Incentive programs
Finger scanning
Software
DDOS
47. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
NAT
TEMPEST
SSL/TLS
Software development lifecycle
48. Dynamic Host Configuration Protocol.
Hearsay Evidence
Expert systems
DHCP
Entrapment
49. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
Burden of Proof
Brewer-Nash model
OLE
50. Once authenticated - the level of access you have to a system
Vulnerability analysis tools
Boot-sector Virus
Authorization
Format 7 times