Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Classes of IP networks
Digest
Fraggle
Malware
2. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Reciprocal agreement
Authorization
Multipartite
3. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Sniffing
Due Care
Masquerade
SYN Flood
4. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
UUEncode
Data remanence
Kerberos
SESAME
5. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Trojan horses
SSL/TLS
Telnet
UUEncode
6. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Salami Slicing
SSH
Virtual Memory/Pagefile.sys
Tokens
7. The user
Firewall types
War dialing
User
Motion detector
8. A specialized version of a data warehouse. Like data warehouses - data marts contain a snapshot of operational data that helps business people to strategize based on analyses of past trends and experiences. The key difference is that the creation of
MOM
Replay
Data Mart
Rijndael
9. The art of breaking code. Testing the strength of an algorithm.
Out of band
Sniffing
Firewall types
Cryptanalysis
10. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Expert systems
Vulnerability analysis tools
Enticement
SLE (Single Loss Expectancy or Exposure)
11. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Attenuation
Audit Trail
Private Addressing
Script kiddies
12. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
NAT
Privacy Act of 1974
Motion detector
Trap Door
13. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Coax
Virtual machine
CEO
Throughput of a Biometric System
14. Network device that operates at layer 1. Concentrator.
Twisted pair
PKI
RADIUS (Remote authentication dial-in user service)
Hubs
15. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Virtual Memory/Pagefile.sys
Decentralized
Substitution
Rolling hot sites
16. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Change management
EF (Exposure Factor)
Joke
l0pht
17. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Fire extinguisher
Eavesdropping
Artificial Neural Networks (ANN)
RAM (Random-access memory)
18. The intercepting of conversations by unintended recipients
Routers
Hardware
Eavesdropping
Teardrop
19. Diffie-Hellman (D-H) key exchange is a cryptographic protocol which allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. This key can then be used to encrypt s
Penetration testing
Patent
CEO
Diffie-Hellman
20. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Private Addressing
VLANs
Replay
Incentive programs
21. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Software librarian
Honey pot
Kerberos
Clipping levels
22. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Technical - Administrative - Physical
Tokens
Vulnerability analysis tools
Software development lifecycle
23. In computing - the Challenge-Handshake Authentication Protocol authenticates a user to an Internet access provider. CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable
COM
CRC (Cyclic Redundancy Check)
CHAP
Due Diligence
24. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Clipping levels
Symmetric
Brute Force
Mandatory vacation
25. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Boot-sector Virus
Checksum
Burden of Proof
Macro
26. Providing verification to a system
AES (Advanced Encryption Standard)
Multiprocessing
Authentication
CORBA
27. An attempt to trick the system into believing that something false is real
Polymorphic
Hoax
Transposition
Caesar Cipher
28. Also known as a tunnel
Dictionary Attack
Packet Sniffing
Code of ethics
VPN (Virtual Private Network)
29. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Multipartite
Privacy Act of 1974
Penetration testing
Out of band
30. The government-required overwrite rate if you are formatting a drive in such a manner as to make it nearly impossible to retrieve data from it
Accreditation
Format 7 times
BIOS
Firewall types
31. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
ARP (Address Resolution Protocol)
MitM
FAR/FRR/CER
Risk Analysis
32. Entails planning and system actions to ensure that a project is following good quality management practices
Rolling hot sites
Well-known ports
Multithreading
Quality Assurance
33. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Risk Transferring
DDOS
Symmetric
Brute force
34. When two or more processes are linked and execute multiple programs simultaneously
Multiprocessing
Transposition
Tokens
Clipper Chip
35. Good for distance - longer than 100M
CCTV
Coax
Debug
UUEncode
36. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
Clipper Chip
DMZ
SSO (Single sign-on)
Hearsay Evidence
37. An RFC standard. A mechanism for performing commands on a remote system
Teardrop
Sniffing
Telnet
DOS
38. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
Virtual machine
Salami Slicing
WTLS (Wireless Transport Layer Security)
Smurf
39. Component Object Model.
PKI
CRC (Cyclic Redundancy Check)
l0pht
COM
40. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Artificial Neural Networks (ANN)
Two-Factor Authentication
DAD
Degausser
41. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
ROM (Read-only memory)
Halon
Quality Assurance
Hash
42. 'If you can't see it - it's secure'. Bad policy to live by.
Motion detector
MitM
Security through obscurity
Hardware
43. Differs from ordinary composition in that it does not imply ownership. In composition - when the owning object is destroyed - so are the contained objects. In aggregation - this is not necessarily true.
IRC
Callback Security/Call Forwarding
Phreaker
Aggregation
44. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
Toneloc
Back door/ trap door/maintenance hook
Masquerade
Quality Assurance
45. Object Linking and Embedding. The ability of an object to be embedded into another object.
Risk Transferring
VPN (Virtual Private Network)
OLE
Carnivore
46. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Kerberos
Authorization creep
Boot-sector Virus
Base-64
47. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
RADIUS (Remote authentication dial-in user service)
Malware
Entrapment
48. A network that uses proprietary protocols
ALE (Annualized Loss Expectancy)
Closed network
Username/password
VLANs
49. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
AES (Advanced Encryption Standard)
Checksum
Back door/ trap door/maintenance hook
Brewer-Nash model
50. A network that uses standard protocols (TCP/IP)
Acceptable use
Spoofing
Routers
Open network