Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
Granularity
Base-64
Hoax
Checksum
2. An RFC standard. A mechanism for performing commands on a remote system
Cookies
User
ARP (Address Resolution Protocol)
Telnet
3. Must be in place for you to use a biometric system
Accreditation
Dogs
Biometric profile
Brewer-Nash model
4. These viruses usually infect both boot records and files.
Diffie-Hellman
Stream cipher
Keystroke logging
Multipartite
5. Class A (1-126.x.x.x) - Class B (128-191.x.x.x) - Class C (192-223.x.x.x)
SSL/TLS
Classes of IP networks
IRC
Patent
6. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Multiprocessing
Firewall types
Out of band
ROM (Read-only memory)
7. Be at least 8 feet tall and have three strands of barbed wire.
Smurf
Smart cards
Fences
DMZ
8. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Cryptanalysis
Carnivore
Open network
Checksum
9. When security is managed at a central point in an organization
Object Oriented Programming
Custodian
ALE (Annualized Loss Expectancy)
Centralized
10. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Probing
SYN Flood
CD-Rom
Base-64
11. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Nonce
Cyphertext only
Attenuation
Callback Security/Call Forwarding
12. 'If you can't see it - it's secure'. Bad policy to live by.
CIO
Raid 0 - 1 - 3 - 5
Security through obscurity
COOP
13. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Warm Site
Vulnerability analysis tools
Firewall types
Dictionary Attack
14. The practice of obtaining confidential information by manipulation of legitimate users.
Social engineering
Motion detector
SLE (Single Loss Expectancy or Exposure)
Job rotation
15. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Embezzlement
Inference
Social engineering
Out of band
16. Accepting all packets
Script kiddies
Firmware
Promiscuous mode
User
17. The act of identifying yourself. Providing your identity to a system
Technical - Administrative - Physical
Illegal/Unethical
Identification
Normalization
18. Emanations from one wire coupling with another wire
Security kernel
TACACS (Terminal access controller access control system)
Digital signing
Crosstalk
19. Dynamic Host Configuration Protocol.
DHCP
Object Oriented Programming
Common criteria
CCTV
20. A system designed to stop piggybacking.
Two-Factor Authentication
Mandatory vacation
Man trap
CRC (Cyclic Redundancy Check)
21. Good for distance - longer than 100M
CCTV
IRC
Coax
Normalization
22. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Brute Force
Multipartite
ARO (Annualized Rate of Occurrence)
Compiler
23. CISSPs subscribe to a code of ethics for building up the security profession
Replay
Risk Management
Code of ethics
Active attacks
24. An attack which results in an unauthorized state change - such as the manipulation of files - or the adding of unauthorized files.
Centralized
Active attacks
Object Oriented Programming
Social engineering
25. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Hardware
Key Escrow
l0pht
Privacy Act of 1974
26. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Burden of Proof
Dogs
WAP (Wireless Application Protocol)
Cookies
27. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Risk Analysis
Smart cards
Toneloc
DAD
28. Confidentiality - Integrity - and Availability
Service packs
CIA
Out of band
Privacy Act of 1974
29. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Teardrop
Dumpster diving
Risk Mitigation
Repeaters
30. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Cryptanalysis
Multithreading
Polymorphic
Separation of duties
31. When one key of a two-key pair has more encryption pattern than the other
NAT
User
TACACS (Terminal access controller access control system)
Asymmetric
32. A network that uses proprietary protocols
Inference
ROT-13
Closed network
Worm
33. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Rolling hot sites
Classes of IP networks
Security Perimeter
NAT
34. A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it - possibly as part of a masquer
Spoofing
CCTV
Replay
Stream cipher
35. Disclosure - Alteration - Destruction. These things break the CIA triad
Hearsay Evidence
DAD
Caesar Cipher
Passive attacks
36. Method of authenticating to a system. Something that you supply and something you know.
Joke
ActiveX Object Linking and Embedding
Quality Assurance
Username/password
37. Technical items are implemented by IT. Administrative items are things that HR implements. Physical items are things that are tangible.
Technical - Administrative - Physical
Key Escrow
Bugtraq
Block cipher
38. An instance of a scripting language
CIA
Script
Firmware
OSI Model
39. Signal degradation as it moves farther from its source
Cryptanalysis
CGI (The Common Gateway Interface)
Buffer overflow
Attenuation
40. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Fraud
OEP
Trademark
/etc/passwd
41. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ALE (Annualized Loss Expectancy)
Fraggle
Owner
SQL (Structured Query Language)
42. Encompasses Risk Analysis and Risk Mitigation
Encryption
Artificial Neural Networks (ANN)
Risk Management
Key Escrow
43. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
Data Mart
Brute force
Burden of Proof
AES (Advanced Encryption Standard)
44. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Polymorphism
DOS
Patriot Act
Smurf
45. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
OEP
Worm
Enticement
Code of ethics
46. More discriminate than dogs
PAP (Password Authentication Protocol)
Owner
Motion detector
Guards
47. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Key Escrow
Brute force
Digital signing
Hoax
48. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Fraggle
SSO (Single sign-on)
Bastion hosts
EF (Exposure Factor)
49. Enticing people to hit your honeypot to see how they try to access your system.
DOS
Hubs
Qualitative
Enticement
50. Same as a block cipher except that it is applied to a data stream one bit at a time
Tokens
SSH
Stream cipher
Firmware