Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Finger scanning
OLE
Promiscuous mode
Privacy Act of 1974
2. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Repeaters
Format 7 times
Brewer-Nash model
PKI
3. These viruses usually infect both boot records and files.
Social engineering
Bastion hosts
Expert System
Multipartite
4. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
MOM
Risk Transferring
Patent
Script
5. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Polymorphism
CIO
Back door/ trap door/maintenance hook
Callback Security/Call Forwarding
6. A site that has some equipment in place - and can be up within days
Warm Site
Qualitative
DHCP
Software
7. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Telnet
Senior Management
Sniffing
Code of ethics
8. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Hackers
Brewer-Nash model
AES (Advanced Encryption Standard)
RADIUS (Remote authentication dial-in user service)
9. Relating to quality or kind. This assigns a level of importance to something.
Two-Factor Authentication
Wiretapping
CD-Rom
Qualitative
10. An RFC standard. A mechanism for performing commands on a remote system
Cryptanalysis
Expert System
Telnet
Asset Value
11. Network device that operates at layer 1. Concentrator.
VPN (Virtual Private Network)
Reciprocal agreement
Custodian
Hubs
12. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Non-repudiation
Separation of duties
Rijndael
13. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Artificial Neural Networks (ANN)
SSO (Single sign-on)
SSH
Boot-sector Virus
14. Chief Executive Officer
ROM (Read-only memory)
CEO
Hacker
Hash
15. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Raid 0 - 1 - 3 - 5
Trademark
Worm
CIA
16. More discriminate than dogs
Service packs
Telnet
Guards
War driving
17. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Diffie-Hellman
Nonce
Polymorphism
Coax
18. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
IAB
Format 7 times
Object Oriented Programming
Incentive programs
19. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Probing
Brewer-Nash model
Coax
SQL (Structured Query Language)
20. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Promiscuous mode
Block cipher
SESAME
PKI
21. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Promiscuous mode
Mandatory vacation
Well-known ports
22. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
DNS cache poisoning
ISDN (Integrated Services Digital Network)
Software librarian
Security kernel
23. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Clipping levels
Repeaters
Callback Security/Call Forwarding
Block cipher
24. A computer program that contains some of the subject-specific knowledge of one or more human experts. The most common form of expert systems is a program (like a wizard) made up of a set of rules that analyze information (usually supplied by the user
Spoofing
Risk Transferring
Expert System
Hacker
25. In cryptography - it is a block cipher
Teardrop
Skipjack
Multithreading
Caesar Cipher
26. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Common criteria
CRC (Cyclic Redundancy Check)
Privacy Act of 1974
TACACS (Terminal access controller access control system)
27. Encompasses Risk Analysis and Risk Mitigation
Guards
Risk Management
Software
CRC (Cyclic Redundancy Check)
28. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Job rotation
ARP (Address Resolution Protocol)
Data remanence
l0pht
29. Good for distance - longer than 100M
ROM (Read-only memory)
Coax
Software development lifecycle
Risk Analysis
30. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Common criteria
Multipartite
Format 7 times
Non-repudiation
31. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
CRC (Cyclic Redundancy Check)
Java
Call tree
Non-repudiation
32. CISSPs subscribe to a code of ethics for building up the security profession
Technical - Administrative - Physical
Centralized
Code of ethics
Key Escrow
33. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
FAR/FRR/CER
DDOS
Clipping levels
Trademark
34. A network that uses standard protocols (TCP/IP)
BIOS
Open network
Fiber optic
ISDN (Integrated Services Digital Network)
35. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Active attacks
Username/password
Covert channels
Kerberos
36. Setting up the user to access the honeypot for reasons other than the intent to harm.
Key Escrow
Granularity
COM
Entrapment
37. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Fiber optic
Centralized
Well-known ports
Symmetric
38. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Qualitative
Stream cipher
Authorization creep
39. Internet Relay Chat.
Expert systems
Asset Value
IRC
Digest
40. Same as a block cipher except that it is applied to a data stream one bit at a time
DMZ
CRC (Cyclic Redundancy Check)
Stream cipher
Service packs
41. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Keystroke logging
Buffer overflow
Biometric profile
l0pht
42. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Quantitative
Inference
ISDN (Integrated Services Digital Network)
Risk Transferring
43. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Kerberos
CCTV
SYN Flood
Multitasking
44. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Script
Bugtraq
Throughput of a Biometric System
OEP
45. Dialing fixed sets of telephone numbers looking for open modem connections to machines
War dialing
Out of band
Two-Factor Authentication
Worm
46. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Polymorphic
Trojan horses
Salami Slicing
VLANs
47. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
CIA
SESAME
Macro
Software librarian
48. This is an open international standard for applications that use wireless communications.
Trojan horses
WAP (Wireless Application Protocol)
Decentralized
Biometrics
49. Basic Input/Output System
Due Diligence
BIOS
Trojan horses
COOP
50. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Switches / Bridges
Carnivore
Reciprocal agreement
Artificial Neural Networks (ANN)