Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. In a distributed attack - the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
SSO (Single sign-on)
DNS cache poisoning
DDOS
Repeaters
2. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
CD-Rom
Diffie-Hellman
ROT-13
3. Signal degradation as it moves farther from its source
Attenuation
Clipping levels
Compiler
Inference
4. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work
Stream cipher
SSL/TLS
Copyright
Tokens
5. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
CCTV
Finger scanning
FAR/FRR/CER
Hash
6. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Stream cipher
Service packs
Degausser
Embezzlement
7. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Vulnerability analysis tools
Packet Sniffing
SSL/TLS
Senior Management
8. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
CEO
Callback Security/Call Forwarding
Out of band
User
9. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
DNS cache poisoning
Guards
Rolling hot sites
Brute Force
10. Common Object Request Broker Architecture.
Brute force
Dumpster diving
CORBA
Certification
11. Confidentiality - Integrity - and Availability
Finger printing
Mandatory vacation
CIA
ROT-13
12. A sandbox. Emulates an operating environment.
Privacy Act of 1974
COOP
Base-64
Virtual machine
13. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Object Oriented Programming
ALE (Annualized Loss Expectancy)
Expert systems
Script
14. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Patent
Degausser
Cryptanalysis
SYN Flood
15. A RFC standard. A mechanism for performing commands on a remote system
Encryption
Risk Transferring
Patent
Telnet
16. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Data Mart
TCP Wrappers
SSO (Single sign-on)
DOS
17. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
MitM
Logic bomb
Hackers
Call tree
18. Motive - Opportunity - and Means. These deal with crime.
MOM
Format 7 times
COM
Software
19. A gas used in fire suppression. Not human safe. Chemical reaction.
Penetration testing
Closed network
Halon
Vulnerability analysis tools
20. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cyphertext only
Granularity
SSO (Single sign-on)
Quality Assurance
21. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Boot-sector Virus
NAT
Data remanence
22. A network that mimics the brain
Artificial Neural Networks (ANN)
Well-known ports
Firewall types
RADIUS (Remote authentication dial-in user service)
23. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Caesar Cipher
Custodian
SSH
Fences
24. When two or more processes are linked and execute multiple programs simultaneously
Multiprocessing
Scanning
Vulnerability analysis tools
TACACS (Terminal access controller access control system)
25. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Due Care
Cold Site
ROT-13
Hash
26. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Hash
SYN Flood
TCP Wrappers
ISDN (Integrated Services Digital Network)
27. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
SSH
Joke
TEMPEST
Aggregation
28. The person that controls access to the data
Mandatory vacation
Custodian
Inference
Incentive programs
29. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Hacker
Exit interview
Risk Acceptance
Data Mart
30. In cryptography - it is a block cipher
Base-64
Honey pot
Skipjack
Two-Factor Authentication
31. Any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication - which requires only one factor (knowledge of a password) in order to gain access to a syste
Masquerade
Authentication
Two-Factor Authentication
Trademark
32. A technique to eliminate data redundancy.
Inference
Authorization creep
Normalization
Digital signing
33. Providing verification to a system
Code of ethics
Out of band
Security through obscurity
Authentication
34. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Attenuation
Probing
Multiprocessing
35. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Asymmetric
Centralized
MitM
ARO (Annualized Rate of Occurrence)
36. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Enticement
CD-Rom
Custodian
Multitasking
37. When security is managed at many different points in an organization
/etc/passwd
Burden of Proof
PKI
Decentralized
38. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp 21 - ftp 22 - ssh 23 - telnet 25 - smtp 53 - dns 69 - tftp 80 - http 161 - snmp 443 - ssl
Data remanence
SSH
Well-known ports
Out of band
39. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Cryptanalysis
Smart cards
War dialing
Echelon
40. White hat l0pht
Out of band
Bugtraq
Virtual machine
TEMPEST
41. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Biometrics
BIA
OLE
Illegal/Unethical
42. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
Security Awareness Training
Classes of IP networks
Detective - Preventive - Corrective
TCB
43. Dynamic Host Configuration Protocol.
Attenuation
Hash
DHCP
Burden of Proof
44. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Technical - Administrative - Physical
BIA
Security kernel
Illegal/Unethical
45. Closed Circuit Television
Smurf
ROM (Read-only memory)
CCTV
Separation of duties
46. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
RAM (Random-access memory)
Artificial Neural Networks (ANN)
MOM
47. Chief Information Officer
CIO
Vulnerability analysis tools
Wiretapping
Penetration testing
48. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Vulnerability analysis tools
Detective - Preventive - Corrective
Honey pot
Guards
49. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
CIO
Noise & perturbation
OSI Model
IAB
50. When security is managed at a central point in an organization
Centralized
CCTV
Finger scanning
ROM (Read-only memory)