Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Reasonable doubt
SSL/TLS
CORBA
Burden of Proof
Senior Management
2. Countermeasures / safeguards fall into these categories. Detective measures detect, preventive measures prevent, and corrective measures correct.
CORBA
Detective, Preventive, Corrective
Brute Force
ROM (Read-only memory)
3. The person that controls access to the data
Custodian
IRC
Diffie-Hellman
Common criteria
4. These can be used to verify that public keys belong to certain individuals.
Digital certificates
Security Perimeter
Enticement
Privacy Act of 1974
5. Occupant Emergency Plan - Employees are the most important!
OEP
OSI Model
Exit interview
Raid 0 - 1 - 3 - 5
6. Involving the measurement of quantity or amount.
CIA
/etc/passwd
Quantitative
Social engineering
7. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Promiscuous mode
Burden of Proof
CCTV
8. A network that mimics the brain
DNS cache poisoning
Exit interview
Multipartite
Artificial Neural Networks (ANN)
9. Methodical process of finding and reducing the number of bugs, or defects, in a computer program or a piece of electronic hardware, thus making it behave as expected
Scanning
Debug
Penetration testing
Cookies
10. Method of authenticating to a system. Something that you supply and something you know.
Tokens
Username/password
Caesar Cipher
Quality Assurance
11. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Mandatory vacation
Bastion hosts
Authorization creep
12. Chief Executive Officer
War dialing
BIOS
Due Care
CEO
13. Also known as a tunnel
IAB
VPN (Virtual Private Network)
Dictionary Attack
AES (Advanced Encryption Standard)
14. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
COM
Accountability
Compiler
Base-64
15. An RFC standard. A mechanism for performing commands on a remote system
Granularity
Telnet
Noise & perturbation
Copyright
16. Someone who hacks
CEO
Passive attacks
Hacker
Hoax
17. A standard protocol for interfacing external application software with an information server, commonly a web server. This allows the server to pass requests from a client web browser to the external application. The web server can then return the ou
Security through obscurity
Hot Site
Carnivore
CGI (The Common Gateway Interface)
18. A network that uses standard protocols (TCP/IP)
Open network
Audit Trail
Owner
Substitution
19. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated, public disclosure of certain details of a device, method, process or composition of matter (substance) (known as an invention) which
Fire extinguisher
WAP (Wireless Application Protocol)
Patent
Risk Mitigation
20. A system designed to stop piggybacking.
War dialing
Man trap
Biometric profile
Callback Security/Call Forwarding
21. Hardware, software, and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
Security kernel
Data Mart
Routers
Job rotation
22. The practice of obtaining confidential information by manipulation of legitimate users.
Sniffing
Social engineering
Private Addressing
Substitution
23. A network entity that provides a single entrance / exit point to the Internet.
Halon
Bastion hosts
Joke
Malware
24. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
CIRT
Dumpster diving
Keystroke logging
25. Random Number Base
Tailgating / Piggybacking
Debug
Nonce
Fiber optic
26. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
SLE (Single Loss Expectancy or Exposure)
Fiber optic
ISDN (Integrated Services Digital Network)
Two-Factor Authentication
27. Attack which does not result in an unauthorized state change, such as an attack that only monitors and/or records data.
Patriot Act
Passive attacks
VLANs
TCP Wrappers
28. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Twisted pair
Virtual Memory/Pagefile.sys
Multitasking
l0pht
29. Component Object Model.
DDOS
COM
Kerberos
Schema
30. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Spoofing
Hubs
OSI Model
Due Diligence
31. A formula, practice, process, design, instrument, pattern, or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Technical, Administrative, Physical
Data Mart
Script
Trade Secret
32. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
SLE (Single Loss Expectancy or Exposure)
Brute force
Covert channels
Noise & perturbation
33. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network, then the responding network responds in full force to these requests and brings down the victim's network.
Smurf
Dogs
Owner
CD-Rom
34. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually, the layers are Application, Presentation, Session, Transport, Network, Data Link, Physical
Probing
OSI Model
Social engineering
Biometric profile
35. Continuation of Operations Plan
Common criteria
Twisted pair
Tailgating / Piggybacking
COOP
36. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
Dictionary Attack
Motion detector
Smurf
37. The person that determines the permissions to files. The data owner.
Owner
Penetration testing
Kerberos
Private Addressing
38. Transferring your risk to someone else, typically an insurance company
Degausser
Granularity
Risk Transferring
Classes of IP networks
39. A site that is ready physically but has no hardware in place; all it has is HVAC
Key Escrow
Rijndael
SESAME
Cold Site
40. A little piece of information that is put on your computer to allow communications with the server and that also allows some servers to track everything you go to on the Internet
Base-64
Tort
Security Awareness Training
Cookies
41. The amount of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
ALE (Annualized Loss Expectancy)
Firewall types
Due Diligence
42. Must be in place for you to use a biometric system
DMZ
Masquerade
Biometric profile
Scanning
43. A network that uses proprietary protocols
Trojan horses
Closed network
UUEncode
Fire extinguisher
44. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Data Mart
Digital signing
Hackers
PAP (Password Authentication Protocol)
45. Network devices that operate at layer 2. Every port on a switch is a separate collision domain
Dumpster diving
Block cipher
Fire extinguisher
Switches / Bridges
46. Personal, Network, and Application
Telnet
Toneloc
WAP (Wireless Application Protocol)
Firewall types
47. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Software librarian
Wiretapping
CCTV
Block cipher
48. This is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
MitM
Closed network
Crosstalk
SQL (Structured Query Language)
49. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
SSL/TLS
WAP (Wireless Application Protocol)
Echelon
Clipper Chip
50. Computer Incident Response Team
CIRT
Due Care
Java
Packet Sniffing