Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
SSL/TLS
Encryption
Fingerprinting
War driving
2. Confidentiality - Integrity - and Availability
Stream cipher
ARP (Address Resolution Protocol)
CIA
DAD
3. Using ICMP to diagram a network
Due Care
Probing
ALE (Annualized Loss Expectancy)
Two-Factor Authentication
4. Chief Executive Officer
CEO
Key Escrow
Telnet
OLE
5. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
DMZ
Motion detector
Decentralized
Wiretapping
6. Computer Incident Response Team
CIRT
Code of ethics
Risk Transferring
Routers
7. Enticing people to hit your honeypot to see how they try to access your system.
Enticement
CHAP
Two-Factor Authentication
Twisted pair
8. Common Object Request Broker Architecture.
Digest
CORBA
Active attacks
Well-known ports
9. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Code of ethics
Custodian
PAP (Password Authentication Protocol)
Hot Site
10. Technical items are things that IT implements. Administrative items are things that HR implements. Physical items are things that are tangible.
Hubs
Worm
Transposition
Technical - Administrative - Physical
11. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Biometric profile
Polymorphism
Decentralized
12. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
OLE
Diffie-Hellman
Software development lifecycle
Firmware
13. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Job rotation
Active attacks
PAP (Password Authentication Protocol)
WTLS (Wireless Transport Layer Security)
14. The real cost of acquiring/maintaining/developing a system
Asset Value
Block cipher
Encryption
l0pht
15. When two or more processes are linked and execute multiple programs simultaneously
Multiprocessing
Reciprocal agreement
Hardware
Key Escrow
16. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
ISDN (Integrated Services Digital Network)
Centralized
Copyright
Session Hijacking
17. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Artificial Neural Networks (ANN)
Risk Analysis
MOM
Technical - Administrative - Physical
18. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Motion detector
Classes of IP networks
Private Addressing
DNS cache poisoning
19. A war dialing utility
Toneloc
WTLS (Wireless Transport Layer Security)
Content dependent
Object Oriented Programming
20. The process of reducing your risks to an acceptable level based on your risk analysis
Hacker
Security Perimeter
MOM
Risk Mitigation
21. Closed Circuit Television
Echelon
CCTV
Hubs
ARO (Annualized Rate of Occurrence)
22. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Risk Transferring
TCSEC
SLE (Single Loss Expectancy or Exposure)
War driving
23. This is an open international standard for applications that use wireless communications.
Private Addressing
Macro
Packet Sniffing
WAP (Wireless Application Protocol)
24. Internet Relay Chat.
Dictionary Attack
PAP (Password Authentication Protocol)
Eavesdropping
IRC
25. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
CIA
Cookies
Carnivore
War driving
26. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Qualitative
Normalization
SYN Flood
Audit Trail
27. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
Hoax
Termination procedures
Symmetric
SSL/TLS
28. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Classes of IP networks
Security kernel
Fraggle
Dogs
29. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Halon
Cryptanalysis
Security kernel
Security Awareness Training
30. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Audit Trail
Toneloc
Object Oriented Programming
IRC
31. Continuation of Operations Plan
Detective - Preventive - Corrective
COOP
ISDN (Integrated Services Digital Network)
SSO (Single sign-on)
32. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Aggregation
Macro
Granularity
Cold Site
33. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
DDOS
Base-64
Multitasking
Diffie-Hellman
34. Providing verification to a system
Closed network
Spoofing
Authentication
Fingerprinting
35. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Service packs
Open network
Hacker
Smart cards
36. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
IAB
Software librarian
SQL (Structured Query Language)
Common criteria
37. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Debug
Asymmetric
Diffie-Hellman
Accreditation
38. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
DAD
Private Addressing
Noise & perturbation
Hash
39. Must be in place for you to use a biometric system
CD-Rom
Biometric profile
Firewall types
TCP Wrappers
40. In cryptography - it is a block cipher
Skipjack
Mandatory vacation
Masquerade
Smart cards
41. Reasonable doubt
Burden of Proof
ActiveX Object Linking and Embedding
CRC (Cyclic Redundancy Check)
DCOM
42. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Tort
ROM (Read-only memory)
Brute Force
DOS
43. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Firewall types
Patent
Trap Door
l0pht
44. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Out of band
Rolling hot sites
Trademark
Cryptanalysis
45. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
ARO (Annualized Rate of Occurrence)
Certification
Separation of duties
Noise & perturbation
46. Distributed Component Object Model. Microsoft's implementation of CORBA.
DCOM
Software librarian
Quality Assurance
Stream cipher
47. White hat l0pht
Wiretapping
Bugtraq
Data remanence
Expert systems
48. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
SYN Flood
OEP
TCSEC
Hearsay Evidence
49. Network device that operates at layer 1. Concentrator.
Hubs
Digital signing
PAP (Password Authentication Protocol)
Entrapment
50. An instance of a scripting language
Script
Probing
ISDN (Integrated Services Digital Network)
Hackers