SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
CCTV
Key Escrow
Degausser
Incentive programs
2. A site that has some equipment in place - and can be up within days
Keystroke logging
Skipjack
Acceptable use
Warm Site
3. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Patent
Non-repudiation
Compiler
Risk Acceptance
4. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Fraud
Encryption
Sabotage
CIA
5. Dynamic Host Configuration Protocol.
DHCP
Identification
CHAP
Audit Trail
6. Closed Circuit Television
Multitasking
Fraud
Kerberos
CCTV
7. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Skipjack
Degausser
SLE (Single Loss Expectancy or Exposure)
Risk Transferring
8. Rolling command center with UPS - satellite - uplink - power - etc.
COOP
Rolling hot sites
User
Cold Site
9. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Transposition
Session Hijacking
Detective - Preventive - Corrective
Script kiddies
10. Someone whose hacking is primarily targeted at the phone systems
Security Awareness Training
Identification
Phreaker
Fraud
11. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Hoax
Security Perimeter
Acceptable use
Tokens
12. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Centralized
Privacy Act of 1974
Trademark
Granularity
13. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
SQL (Structured Query Language)
Biometric profile
COOP
BIA
14. In cryptography - it is a block cipher
Encryption
Risk Acceptance
Hash
Skipjack
15. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
ARO (Annualized Rate of Occurrence)
Noise & perturbation
Separation of duties
Tailgating / Piggybacking
16. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Separation of duties
Clipping levels
Man trap
Risk Analysis
17. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Risk Acceptance
Common criteria
TCSEC
Callback Security/Call Forwarding
18. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
Open network
DHCP
Fraggle
19. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Software development lifecycle
Trap Door
Due Diligence
Hubs
20. The user
Security through obscurity
Debug
User
Brute Force
21. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Brute Force
Back door/ trap door/maintenance hook
Java
Script kiddies
22. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Reciprocal agreement
Transposition
Inference
Multithreading
23. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
Malware
Script kiddies
Rolling hot sites
24. The process of reducing your risks to an acceptable level based on your risk analysis
Vulnerability analysis tools
Risk Mitigation
Risk Transferring
Trademark
25. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Tort
Trap Door
Dogs
Termination procedures
26. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Privacy Act of 1974
CGI (The Common Gateway Interface)
Diffie-Hellman
Encryption
27. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Fraud
Echelon
Incentive programs
Patriot Act
28. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Security kernel
Java
AES (Advanced Encryption Standard)
Smurf
29. Repeats the signal. It amplifies the signal before sending it on.
Repeaters
Sniffing
Polymorphism
Degausser
30. More discriminate than dogs
Man trap
Switches / Bridges
Guards
Scanning
31. Relating to quality or kind. This assigns a level of importance to something.
RAM (Random-access memory)
CIO
Qualitative
DAD
32. An instance of a scripting language
Service packs
Echelon
Script
Risk Transferring
33. A network that mimics the brain
DHCP
Fire extinguisher
BIA
Artificial Neural Networks (ANN)
34. Disclosure - Alteration - Destruction. These things break the CIA triad
Callback Security/Call Forwarding
DAD
CIRT
ARO (Annualized Rate of Occurrence)
35. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Well-known ports
Motion detector
PAP (Password Authentication Protocol)
Diffie-Hellman
36. Internet Relay Chat.
IAB
IRC
Salami Slicing
/etc/passwd
37. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
RAM (Random-access memory)
Hackers
Finger scanning
38. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Hardware
Logic bomb
Twisted pair
Raid 0 - 1 - 3 - 5
39. Access control method for database based on the content of the database to provide granular access
TCP Wrappers
Brute force
Content dependant
Artificial Neural Networks (ANN)
40. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Senior Management
CIA
Entrapment
Biometric profile
41. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
CCTV
ROT-13
Patent
42. Defines the objects and their attributes that exist in a database.
Expert System
Trap Door
Schema
Brute Force
43. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
NAT
Dumpster diving
Callback Security/Call Forwarding
Hearsay Evidence
44. When security is managed at many different points in an organization
Change management
Decentralized
Diffie-Hellman
COM
45. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
Degausser
EF (Exposure Factor)
Covert channels
46. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Key Escrow
Sniffing
Data Mart
CCTV
47. Threat to physical security.
Fraggle
Asset Value
Sabotage
Birthday attack
48. Method of authenticating to a system. Something that you supply and something you know.
Multiprocessing
Username/password
Certification
Macro
49. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Brewer-Nash model
Smart cards
Two-Factor Authentication
50. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Teardrop
Halon
Multiprocessing
Data remanence
