Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A military standard defining controls for emanation protection
FAR/FRR/CER
Security Awareness Training
TEMPEST
Hash
2. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Cookies
Risk Analysis
Object Oriented Programming
CIO
3. A network that uses standard protocols (TCP/IP)
War driving
Open network
Digest
CORBA
4. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Inference
Open network
MOM
Packet Sniffing
5. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Attenuation
BIA
l0pht
Nonce
6. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Multipartite
UUEncode
Diffie-Hellman
Brute Force
7. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Exit interview
Tort
Authentication
ALE (Annualized Loss Expectancy)
8. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Promiscuous mode
Hackers
UUEncode
ARO (Annualized Rate of Occurrence)
9. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
Aggregation
CIA
Polymorphism
Authorization
10. Transferring your risk to someone else - typically an insurance company
Switches / Bridges
Clipping levels
/etc/passwd
Risk Transferring
11. A sandbox. Emulates an operating environment.
Virtual machine
SESAME
Exit interview
Noise & perturbation
12. This is an open international standard for applications that use wireless communications.
Certification
IRC
Polymorphic
WAP (Wireless Application Protocol)
13. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Expert System
Detective - Preventive - Corrective
Penetration testing
Private Addressing
14. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
Warm Site
Centralized
Data Mart
15. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Burden of Proof
Exit interview
SESAME
Job rotation
16. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
Patriot Act
Brewer-Nash model
Toneloc
17. An instance of a scripting language
CEO
Spoofing
Script
Compiler
18. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
TCP Wrappers
Trade Secret
BIOS
FAR/FRR/CER
19. Animals with teeth. Not as discriminate as guards
Dogs
Owner
Honey pot
MOM
20. Reasonable doubt
Risk Acceptance
CEO
CIRT
Burden of Proof
21. The art of breaking code. Testing the strength of an algorithm.
Audit Trail
Attenuation
Private Addressing
Cryptanalysis
22. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
Format 7 times
Eavesdropping
CIA
23. Entails planning and system actions to ensure that a project is following good quality management practices
Quality Assurance
Due Diligence
Attenuation
WAP (Wireless Application Protocol)
24. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Due Care
DNS cache poisoning
Expert System
Callback Security/Call Forwarding
25. Network Address Translation
NAT
Risk Acceptance
Patriot Act
CGI (The Common Gateway Interface)
26. Continuation of Operations Plan
FAR/FRR/CER
COOP
SQL (Structured Query Language)
Packet Sniffing
27. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Key Escrow
Digital certificates
Copyright
Birthday attack
28. Random Number Base
TEMPEST
ROM (Read-only memory)
Nonce
Copyright
29. A site that is ready physically but has no hardware in place - all it has is HVAC
Patriot Act
OEP
Cold Site
Brute Force
30. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Firmware
Man trap
ARP (Address Resolution Protocol)
TCB
31. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Username/password
IAB
Logic bomb
SESAME
32. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Finger printing
NAT
Granularity
EF (Exposure Factor)
33. 1 - 1024 are the ports registered to Internet applications. Ones on the test include: 20 - ftp, 21 - ftp, 22 - ssh, 23 - telnet, 25 - smtp, 53 - dns, 69 - tftp, 80 - http, 161 - snmp, 443 - ssl
Well-known ports
Attenuation
Trojan horses
Risk Mitigation
34. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Hacker
SSO (Single sign-on)
Checksum
Termination procedures
35. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
TCSEC
Throughput of a Biometric System
Asset Value
Identification
36. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Open network
Dumpster diving
Stream cipher
Virtual Memory/Pagefile.sys
37. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Joke
Expert systems
Hardware
Boot-sector Virus
38. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Fences
Accreditation
Cookies
SLE (Single Loss Expectancy or Exposure)
39. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Active attacks
Decentralized
l0pht
War dialing
40. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Noise & perturbation
RAM (Random-access memory)
Raid 0 - 1 - 3 - 5
Sniffing
41. Component Object Model.
COM
Encryption
Session Hijacking
Replay
42. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Due Care
Block cipher
Twisted pair
Mandatory vacation
43. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
PAP (Password Authentication Protocol)
PKI
Closed network
Privacy Act of 1974
44. Ethernet - Cat5 - Twisted to allow for longer runs.
Wiretapping
Hardware
Dictionary Attack
Twisted pair
45. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
Non-repudiation
Attenuation
Echelon
46. A network entity that provides a single entrance / exit point to the Internet.
Termination procedures
Session Hijacking
Bastion hosts
Quantitative
47. In cryptography - it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Service packs
Caesar Cipher
MitM
Dumpster diving
48. Occupant Emergency Plan - Employees are the most important!
OEP
Fire extinguisher
Mandatory vacation
Throughput of a Biometric System
49. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Script
Cold Site
Echelon
Key Escrow
50. An attempt to trick the system into believing that something false is real
Kerberos
Multiprocessing
Hoax
BIOS