Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. The art of breaking code. Testing the strength of an algorithm.
Fences
Software
Hearsay Evidence
Cryptanalysis
2. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Honey pot
Diffie-Hellman
Caesar Cipher
Buffer overflow
3. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Enticement
CIO
Coax
SYN Flood
4. Data storage formats and equipment that allow the stored data to be accessed in any order
RAM (Random-access memory)
Trap Door
Dictionary Attack
Key Escrow
5. Internet Relay Chat.
EF (Exposure Factor)
COM
IRC
DMZ
6. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
TEMPEST
EF (Exposure Factor)
Session Hijacking
Teardrop
7. An RFC standard. A mechanism for performing commands on a remote system
Software
Block cipher
Telnet
Digital signing
8. Random Number Base
Nonce
DNS cache poisoning
Bastion hosts
Hearsay Evidence
9. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
TEMPEST
Owner
Data Mart
Incentive programs
10. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Artificial Neural Networks (ANN)
WTLS (Wireless Transport Layer Security)
Tailgating / Piggybacking
11. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
Data remanence
Vulnerability analysis tools
Risk Transferring
ALE (Annualized Loss Expectancy)
12. Must be in place for you to use a biometric system
EF (Exposure Factor)
Fiber optic
Centralized
Biometric profile
13. A hidden communications channel on a system that allows for the bypassing of the system security policy
Sniffing
Covert channels
Digital signing
Switches / Bridges
14. Be at least 8 foot tall and have three strands of barbed wire.
Patriot Act
CRC (Cyclic Redundancy Check)
Telnet
Fences
15. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
ROM (Read-only memory)
Senior Management
Acceptable use
Malware
16. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Noise & perturbation
Multipartite
Callback Security/Call Forwarding
Clipper Chip
17. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cyphertext only
Kerberos
Routers
Switches / Bridges
18. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Qualitative
Macro
Patriot Act
Degausser
19. Using ICMP to diagram a network
Crosstalk
Owner
Probing
WAP (Wireless Application Protocol)
20. Animals with teeth. Not as discriminate as guards
Dogs
Firewall types
Degausser
Security through obscurity
21. Also civil law
Eavesdropping
Phreaker
Tort
Noise & perturbation
22. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Exit interview
Switches / Bridges
Accreditation
SYN Flood
23. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
Embezzlement
WAP (Wireless Application Protocol)
TCB
24. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Hearsay Evidence
Format 7 times
FAR/FRR/CER
Joke
25. Disclosure - Alteration - Destruction. These things break the CIA triad
Digital certificates
DAD
Out of band
Firewall types
26. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Trojan horses
Private Addressing
CEO
Authorization creep
27. Defines the objects and their attributes that exist in a database.
Schema
Trademark
Rolling hot sites
Throughput of a Biometric System
28. Rotating employees' job duties so that the work they are doing can be checked to make sure nothing fraudulent is occurring.
Job rotation
Hash
Due Care
Reciprocal agreement
29. A standard protocol for interfacing external application software with an information server - commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Call tree
CGI (The Common Gateway Interface)
Technical - Administrative - Physical
CIRT
30. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Well-known ports
DNS cache poisoning
Promiscuous mode
Attenuation
31. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Raid 0 - 1 - 3 - 5
Mandatory vacation
EF (Exposure Factor)
Privacy Act of 1974
32. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Incentive programs
Keystroke logging
Digital signing
Eavesdropping
33. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Software librarian
Symmetric
Two-Factor Authentication
TCSEC
34. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
EF (Exposure Factor)
Biometric profile
Fraggle
Due Care
35. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Logic bomb
Incentive programs
MitM
Job rotation
36. A network entity that provides a single entrance / exit point to the Internet.
Bastion hosts
Echelon
Trademark
Expert System
37. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Keystroke logging
BIA
Callback Security/Call Forwarding
Smart cards
38. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
CIA
DOS
Qualitative
WAP (Wireless Application Protocol)
39. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Caesar Cipher
Code of ethics
Encryption
Security kernel
40. Someone whose hacking is primarily targeted at the phone systems
Phreaker
Trap Door
Classes of IP networks
TEMPEST
41. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Diffie-Hellman
Finger scanning
Illegal/Unethical
Kerberos
42. White hat l0pht
ARO (Annualized Rate of Occurrence)
Buffer overflow
Fiber optic
Bugtraq
43. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
Biometrics
Packet Sniffing
SLE (Single Loss Expectancy or Exposure)
44. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Aggregation
Hearsay Evidence
Hardware
COM
45. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Script
War dialing
Trade Secret
Finger scanning
46. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Authorization creep
Halon
Spoofing
Dumpster diving
47. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Dogs
Social engineering
Service packs
Username/password
48. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Biometric profile
Keystroke logging
Clipping levels
Private Addressing
49. In cryptanalysis and computer security - this attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching a large number of possibilities. In contrast with a brute forc
Dictionary Attack
Dumpster diving
Asset Value
Trademark
50. These viruses usually infect both boot records and files.
Common criteria
ROT-13
AES (Advanced Encryption Standard)
Multipartite