Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Transposition
Multiprocessing
Reciprocal agreement
COM
2. A network that uses proprietary protocols
Firmware
Job rotation
Honey pot
Closed network
3. Motive - Opportunity - and Means. These deal with crime.
Replay
MOM
Reciprocal agreement
Call tree
4. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Tort
Worm
Trade Secret
5. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
VPN (Virtual Private Network)
Callback Security/Call Forwarding
Trade Secret
Session Hijacking
6. In the context of computer software - a Trojan horse is a malicious program that is disguised as or embedded within legitimate software.
Fire extinguisher
Trojan horses
TEMPEST
VLANs
7. The art of breaking code. Testing the strength of an algorithm.
Enticement
Cryptanalysis
Fiber optic
Artificial Neural Networks (ANN)
8. A network that mimics the brain
Attenuation
Fraggle
Artificial Neural Networks (ANN)
Cryptanalysis
9. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Data remanence
Multitasking
Software development lifecycle
Inference
10. Assuming someone's session who is unaware of what you are doing
Session Hijacking
Coax
MitM
ARP (Address Resolution Protocol)
11. Animals with teeth. Not as discriminate as guards
Encryption
User
Clipping levels
Dogs
12. A gas used in fire suppression. Not human safe. Chemical reaction.
Logic bomb
Twisted pair
Halon
IAB
13. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
ROM (Read-only memory)
War dialing
Digest
ROT-13
14. In a separation of duties model - this is where code is checked in and out
Bugtraq
SESAME
Software librarian
Toneloc
15. A system designed to stop piggybacking.
Toneloc
Brute force
Man trap
Script
16. The attacker sends a SYN request to the victim's machine and the victim machine allocates resources for that request and sends a SYN/ACK back. The attacking machine doesn't respond however - but instead sends another SYN and continues to do so until t
Firmware
Out of band
IAB
SYN Flood
17. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
Switches / Bridges
CHAP
PAP (Password Authentication Protocol)
Boot-sector Virus
18. Network Address Translation
NAT
Tailgating / Piggybacking
Telnet
Repeaters
19. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Firewall types
/etc/passwd
Artificial Neural Networks (ANN)
Echelon
20. These can be used to verify that public keys belong to certain individuals.
Raid 0 - 1 - 3 - 5
Accreditation
Digital certificates
MitM
21. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Script kiddies
Routers
COOP
Motion detector
22. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Acceptable use
DAD
ARO (Annualized Rate of Occurrence)
Accreditation
23. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Private Addressing
Service packs
Passive attacks
TEMPEST
24. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Nonce
Caesar Cipher
Coax
Non-repudiation
25. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Hash
Wiretapping
Incentive programs
Degausser
26. Encompasses Risk Analysis and Risk Mitigation
Due Care
Risk Management
Birthday attack
Fraggle
27. Enticing people to hit your honeypot to see how they try to access your system.
Worm
Out of band
Enticement
VLANs
28. The government required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Boot-sector Virus
Tort
Format 7 times
Enticement
29. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Aggregation
l0pht
SLE (Single Loss Expectancy or Exposure)
SSO (Single sign-on)
30. Ethernet - Cat5 - Twisted to allow for longer runs.
Hot Site
Salami Slicing
Twisted pair
Security kernel
31. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Open network
Diffie-Hellman
Entrapment
DOS
32. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
CHAP
Nonce
Format 7 times
UUEncode
33. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Scanning
Teardrop
Trade Secret
RADIUS (Remote authentication dial-in user service)
34. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
TACACS (Terminal access controller access control system)
Symmetric
Trademark
Fences
35. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Checksum
COOP
Patent
Masquerade
36. An attempt to trick the system into believing that something false is real
Out of band
Hoax
Artificial Neural Networks (ANN)
Twisted pair
37. Basic Input/Output System
Caesar Cipher
BIOS
Salami Slicing
Spoofing
38. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
TCSEC
Call tree
Spoofing
Classes of IP networks
39. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Trap Door
MOM
SLE (Single Loss Expectancy or Exposure)
40. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Multiprocessing
Brewer-Nash model
CEO
Trademark
41. The practice of obtaining confidential information by manipulation of legitimate users.
Brute Force
Social engineering
Software development lifecycle
Callback Security/Call Forwarding
42. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
CD-Rom
Data remanence
DAD
TCB
43. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
DNS cache poisoning
Risk Management
Multiprocessing
Change management
44. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
Halon
/etc/passwd
Joke
Script kiddies
45. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cyphertext only
OEP
Birthday attack
TEMPEST
46. The output of a hash function is a digest.
Digest
Exit interview
Burden of Proof
Twisted pair
47. Random Number Base
Closed network
Back door/ trap door/maintenance hook
ROM (Read-only memory)
Nonce
48. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
War driving
Tailgating / Piggybacking
Fraggle
Audit Trail
49. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
CIRT
Hot Site
Clipper Chip
Quantitative
50. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Digital certificates
Trade Secret
War dialing
WTLS (Wireless Transport Layer Security)