Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding each time you take the test.
1. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Sniffing
Brewer-Nash model
Keystroke logging
CIA
2. A system designed to stop piggybacking.
Warm Site
Man trap
Brute Force
Fiber optic
3. Rolling command center with UPS - satellite - uplink - power - etc.
Rolling hot sites
Raid 0 - 1 - 3 - 5
Certification
Hash
4. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
ARO (Annualized Rate of Occurrence)
Copyright
Hardware
Risk Transferring
5. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
MOM
Authorization
Motion detector
Tort
6. The threshold is a baseline for violation activities that may be normal for a user to commit before alarms are raised.
Finger scanning
Clipping levels
CIRT
Brewer-Nash model
7. The frequency with which a threat is expected to occur.
Content dependent
Technical - Administrative - Physical
ARO (Annualized Rate of Occurrence)
OLE
8. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
DCOM
Security Perimeter
Hot Site
Man trap
9. Computer Incident Response Team
Penetration testing
Joke
DNS cache poisoning
CIRT
10. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
Skipjack
FAR/FRR/CER
DNS cache poisoning
Penetration testing
11. Separation of duties (SoD) is the concept of having more than one person required to complete a task.
PKI
Man trap
Separation of duties
Firewall types
12. When security is managed at many different points in an organization
Decentralized
Java
Expert systems
Sabotage
13. A war dialing utility
Incentive programs
Biometric profile
Reciprocal agreement
Toneloc
14. Also civil law
ROT-13
VLANs
Tort
DOS
15. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
Patriot Act
/etc/passwd
Finger scanning
Hacker
16. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Out of band
Teardrop
War driving
Fraggle
17. Involving the measurement of quantity or amount.
IRC
Quantitative
Asymmetric
User
18. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Brute force
Fire extinguisher
Risk Mitigation
EF (Exposure Factor)
19. To not be legal (as far as law is concerned) or ethical
Illegal/Unethical
Fiber optic
Degausser
Dogs
20. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Reciprocal agreement
Encryption
Brute force
PKI
21. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
Raid 0 - 1 - 3 - 5
MOM
Authorization
22. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
Probing
CIRT
Hearsay Evidence
23. Accepting all packets
Closed network
VPN (Virtual Private Network)
Promiscuous mode
CCTV
24. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Debug
ROT-13
Risk Analysis
Virtual Memory/Pagefile.sys
25. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
Eavesdropping
Due Diligence
RADIUS (Remote authentication dial-in user service)
Kerberos
26. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
SLE (Single Loss Expectancy or Exposure)
Asset Value
ActiveX Object Linking and Embedding
SESAME
27. Using ICMP to diagram a network
Digest
Probing
Data remanence
Toneloc
28. The 7 layer model defined by the ISO. Memorized by 'All People Seem To Need Data Processing' and 'Please Do Not Throw Sausage Pizza Away'. Actually - the layers are Application - Presentation - Session - Transport - Network - Data Link - Physical
OSI Model
SQL (Structured Query Language)
Passive attacks
Schema
29. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Clipper Chip
Tort
Honey pot
Hearsay Evidence
30. Entails planning and system actions to ensure that a project is following good quality management practices
Biometric profile
Quality Assurance
Owner
Halon
31. Scanning the airwaves for radio transmissions
Scanning
Closed network
Tokens
Routers
32. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Audit Trail
Transposition
Brewer-Nash model
Username/password
33. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Authentication
Trojan horses
Callback Security/Call Forwarding
Spoofing
34. A military standard defining controls for emanation protection
Trojan horses
TEMPEST
Separation of duties
Phreaker
35. Basic Input/Output System
BIOS
Replay
Trap Door
Tokens
36. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Finger scanning
Accountability
User
Hackers
37. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Patent
Fences
TACACS (Terminal access controller access control system)
Change management
38. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
Tailgating / Piggybacking
RADIUS (Remote authentication dial-in user service)
EF (Exposure Factor)
Acceptable use
39. Once authenticated - the level of access you have to a system
Risk Management
Two-Factor Authentication
Authorization
Eavesdropping
40. A name given to a system implemented by the FBI that is analogous to wiretapping except in this case - e-mail and other communications are being tapped instead of telephone conversations. Carnivore was essentially a customizable packet sniffer that c
Carnivore
Expert System
Brewer-Nash model
Repeaters
41. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
ALE (Annualized Loss Expectancy)
VLANs
Brute Force
Repeaters
42. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
ROM (Read-only memory)
ARP (Address Resolution Protocol)
/etc/passwd
Sabotage
43. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Granularity
SSH
Inference
Throughput of a Biometric System
44. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
FAR/FRR/CER
Fiber optic
Fraggle
COM
45. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Fraud
Privacy Act of 1974
MitM
Technical - Administrative - Physical
46. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Security through obscurity
Embezzlement
Scanning
Base-64
47. These viruses usually infect both boot records and files.
l0pht
Multipartite
Data remanence
Social engineering
48. Public Key Infrastructure
MOM
PKI
Raid 0 - 1 - 3 - 5
RAM (Random-access memory)
49. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Illegal/Unethical
Dumpster diving
CRC (Cyclic Redundancy Check)
Termination procedures
50. A network that mimics the brain
Artificial Neural Networks (ANN)
Asset Value
Tort
Repeaters