Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Telnet
Base-64
DAD
Acceptable use
2. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
Asymmetric
Motion detector
Passive attacks
DOS
3. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
ARP (Address Resolution Protocol)
COOP
ALE (Annualized Loss Expectancy)
Callback Security/Call Forwarding
4. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Kerberos
Covert channels
SQL (Structured Query Language)
Cookies
5. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Block cipher
Penetration testing
Reciprocal agreement
Hot Site
6. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Compiler
Tailgating / Piggybacking
Data remanence
CORBA
7. The number of users that the system can process in a given amount of time. A typical acceptable rate is 10/minute
Throughput of a Biometric System
Social engineering
TCB
Change management
8. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
EF (Exposure Factor)
Quality Assurance
Callback Security/Call Forwarding
Patent
9. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
User
Digital certificates
Expert System
Hardware
10. Also civil law
Fire extinguisher
Tort
EF (Exposure Factor)
Scanning
11. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Hackers
FAR/FRR/CER
Man trap
Accreditation
12. Encompasses Risk Analysis and Risk Mitigation
Dictionary Attack
Custodian
Eavesdropping
Risk Management
13. Someone whose hacking is primarily targeted at the phone systems
Expert System
Scanning
Rolling hot sites
Phreaker
14. Basic Input/Output System
Rolling hot sites
Boot-sector Virus
Firewall types
BIOS
15. Making individuals accountable for their actions on a system typically through the use of auditing
Patent
Illegal/Unethical
Switches / Bridges
Accountability
16. The output of a hash function is a digest.
Risk Mitigation
Skipjack
Rolling hot sites
Digest
17. A sandbox. Emulates an operating environment.
Boot-sector Virus
SQL (Structured Query Language)
Hearsay Evidence
Virtual machine
18. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Cryptanalysis
Joke
Software
Cyphertext only
19. The user
User
Common criteria
Masquerade
Security Awareness Training
20. Confidentiality - Integrity - and Availability
Fraggle
CIA
BIA
Packet Sniffing
21. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Clipping levels
Keystroke logging
Hot Site
Worm
22. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
Base-64
Symmetric
Wiretapping
23. Someone who hacks
Hacker
Telnet
CGI (The Common Gateway Interface)
Classes of IP networks
24. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Cookies
Diffie-Hellman
Brewer-Nash model
25. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Job rotation
MOM
Digital certificates
Granularity
26. These viruses usually infect both boot records and files.
TCP Wrappers
Cookies
Script kiddies
Multipartite
27. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Java
Salami Slicing
TCP Wrappers
Quantitative
28. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Firmware
Inference
Identification
Hearsay Evidence
29. Common Object Request Broker Architecture.
Two-Factor Authentication
Nonce
Due Diligence
CORBA
30. Personal - Network - and Application
CEO
Acceptable use
Firewall types
Due Diligence
31. Access control method for database based on the content of the database to provide granular access
Attenuation
Sniffing
Content dependant
/etc/passwd
32. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
OLE
Certification
WAP (Wireless Application Protocol)
Raid 0 - 1 - 3 - 5
33. A military standard defining controls for emanation protection
Data remanence
Raid 0 - 1 - 3 - 5
Halon
TEMPEST
34. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Digest
Smurf
CIO
Eavesdropping
35. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Raid 0 - 1 - 3 - 5
CORBA
Birthday attack
36. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Granularity
Data Mart
l0pht
Due Diligence
37. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Security Awareness Training
Risk Analysis
Expert systems
Entrapment
38. The person that determines the permissions to files. The data owner.
Service packs
ROM (Read-only memory)
Owner
BIOS
39. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
Patent
OSI Model
Enticement
40. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Scanning
DMZ
TACACS (Terminal access controller access control system)
Tort
41. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
VLANs
MitM
Inference
Rijndael
42. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
CGI (The Common Gateway Interface)
CHAP
Mandatory vacation
Multithreading
43. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Motion detector
SSH
Normalization
Nonce
44. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Toneloc
Caesar Cipher
VLANs
CD-Rom
45. Distributed Component Object Model. Microsoft's implementation of CORBA.
Macro
DCOM
l0pht
Entrapment
46. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Security kernel
Mandatory vacation
Honey pot
COOP
47. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Checksum
WTLS (Wireless Transport Layer Security)
CRC (Cyclic Redundancy Check)
CHAP
48. Defines the objects and their attributes that exist in a database.
DAD
Schema
ROM (Read-only memory)
Dogs
49. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Reciprocal agreement
Social engineering
Normalization
Common criteria
50. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Key Escrow
Skipjack
Logic bomb
Biometrics