Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Hearsay Evidence
Echelon
Service packs
Mandatory vacation
2. Signal degradation as it moves farther from its source
Attenuation
Substitution
Brute force
Cyphertext only
3. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Inference
Trademark
Aggregation
AES (Advanced Encryption Standard)
4. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Risk Acceptance
Rolling hot sites
Granularity
5. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
Separation of duties
Skipjack
Multipartite
Active attacks
6. Chief Executive Officer
Clipper Chip
CEO
Firewall types
Penetration testing
7. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
Privacy Act of 1974
Data remanence
Schema
Social engineering
8. Using ICMP to diagram a network
ARO (Annualized Rate of Occurrence)
Dumpster diving
Clipping levels
Probing
9. Access control method for database based on the content of the database to provide granular access
DOS
OLE
Content dependant
Joke
10. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Throughput of a Biometric System
Telnet
Change management
Private Addressing
11. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Accreditation
Asymmetric
ISDN (Integrated Services Digital Network)
FAR/FRR/CER
12. Defines the objects and their attributes that exist in a database.
Schema
Debug
Termination procedures
Privacy Act of 1974
13. CISSPs subscribe to a code of ethics for building up the security profession
Reciprocal agreement
CIRT
Cookies
Code of ethics
14. White hat l0pht
CD-Rom
Bugtraq
Trojan horses
Brewer-Nash model
15. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Macro
Eavesdropping
Senior Management
Certification
16. In cryptography - it is a block cipher
Skipjack
Private Addressing
IRC
AES (Advanced Encryption Standard)
17. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
AES (Advanced Encryption Standard)
Cold Site
War dialing
Mandatory vacation
18. The intercepting of conversations by unintended recipients
Eavesdropping
Switches / Bridges
SESAME
SSH
19. Attack which does not result in an unauthorized state change - such as an attack that only monitors and/or records data.
DHCP
Smart cards
Passive attacks
SQL (Structured Query Language)
20. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
OSI Model
Logic bomb
Security kernel
Switches / Bridges
21. Public Key Infrastructure
PKI
Separation of duties
CRC (Cyclic Redundancy Check)
Script kiddies
22. Internet Relay Chat.
Security Awareness Training
Scanning
Two-Factor Authentication
IRC
23. The ability to have more than one thread associated with a process
RAM (Random-access memory)
SLE (Single Loss Expectancy or Exposure)
Spoofing
Multithreading
24. A meme and a joke are the same thing. e.g. When someone says to delete a file that is really just fine and they call it a virus
Raid 0 - 1 - 3 - 5
Mandatory vacation
Brute force
Joke
25. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Attenuation
Script kiddies
Kerberos
Clipping levels
26. A RFC standard. A mechanism for performing commands on a remote system
Salami Slicing
Multitasking
Multipartite
Telnet
27. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Firewall types
Senior Management
Brute Force
Substitution
28. Project initiation - functional design analysis and planning - system design specifications - software development - installation/implementation - operational/maintenance - disposal
Malware
Clipper Chip
Software development lifecycle
Open network
29. Common Object Request Broker Architecture.
Penetration testing
Hacker
CORBA
BIOS
30. Federal law with many aspects designed to curb terrorist activities; impacts real estate transactions because of disclosure requirements imposed on escrow agents regarding transfer of title and deposits of cash; imposes new disclosure and signature r
Warm Site
Noise & perturbation
Patriot Act
Buffer overflow
31. When security is managed at many different points in an organization
Decentralized
Masquerade
Tokens
Schema
32. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Birthday attack
Senior Management
Polymorphism
CD-Rom
33. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
DCOM
Hacker
ISDN (Integrated Services Digital Network)
Asset Value
34. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
TACACS (Terminal access controller access control system)
Mandatory vacation
Tailgating / Piggybacking
Stream cipher
35. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
SSO (Single sign-on)
Data Mart
Authentication
Embezzlement
36. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
Smart cards
Clipper Chip
Sabotage
TACACS (Terminal access controller access control system)
37. Entails planning and system actions to ensure that a project is following good quality management practices
Quality Assurance
Closed network
Repeaters
COOP
38. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Username/password
Spoofing
Encryption
Checksum
39. Deals with the same things as due diligence except that it deals with accepting responsibility instead of liability.
Masquerade
Content dependant
CD-Rom
Due Care
40. Making individuals accountable for their actions on a system typically through the use of auditing
Toneloc
ARP (Address Resolution Protocol)
Security Perimeter
Accountability
41. In computer networking - this is the method for finding a host's hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and ethernet - ARP is primarily used to translate ethernet MAC addresses from IP addresses
Callback Security/Call Forwarding
Format 7 times
Penetration testing
ARP (Address Resolution Protocol)
42. Providing verification to a system
Routers
Authentication
Cyphertext only
Guards
43. The real cost of acquiring/maintaining/developing a system
Asset Value
ALE (Annualized Loss Expectancy)
Enticement
Patent
44. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Fiber optic
Inference
Social engineering
SYN Flood
45. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Brute force
Masquerade
Software
Fiber optic
46. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Closed network
Quality Assurance
Out of band
Cold Site
47. A hidden communications channel on a system that allows for the bypassing of the system security policy
Termination procedures
Smart cards
Covert channels
Hot Site
48. The person that determines the permissions to files. The data owner.
Owner
Twisted pair
Trojan horses
Motion detector
49. In the broadest sense - a fraud is a deception made for personal gain
Fraud
Data Mart
Virtual Memory/Pagefile.sys
Cookies
50. Also civil law
Finger printing
Tort
CGI (The Common Gateway Interface)
Bastion hosts