Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor - the Data Encryption Standard (DES). AES was adopt
Qualitative
Smurf
AES (Advanced Encryption Standard)
User
2. Once authenticated - the level of access you have to a system
Authorization
Passive attacks
War driving
WTLS (Wireless Transport Layer Security)
3. Network device that operates at layer 1. Concentrator.
Cold Site
Hubs
Malware
l0pht
4. A gas used in fire suppression. Not human safe. Chemical reaction.
Quality Assurance
Halon
Skipjack
Exit interview
5. The Teardrop attack involved sending IP fragments with overlapping payloads to the target machine.
Caesar Cipher
Tokens
Teardrop
CD-Rom
6. The process of reducing your risks to an acceptable level based on your risk analysis
Risk Acceptance
Risk Mitigation
Session Hijacking
Raid 0 - 1 - 3 - 5
7. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Trademark
SQL (Structured Query Language)
CD-Rom
Script kiddies
8. Using ICMP to diagram a network
Probing
Privacy Act of 1974
Classes of IP networks
Digest
9. The person that determines the permissions to files. The data owner.
Compiler
BIA
Owner
Symmetric
10. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
Masquerade
Change management
Senior Management
Nonce
11. In cryptanalysis - this attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example - exhaustively working through all possible keys in order to decrypt a message. In most schemes - the theoretical po
Vulnerability analysis tools
IRC
Brute Force
Checksum
12. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Sabotage
Logic bomb
Teardrop
UUEncode
13. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Certification
Dictionary Attack
Expert systems
Tailgating / Piggybacking
14. Software designed to infiltrate or damage a computer system - without the owner's consent.
Malware
COM
Block cipher
Acceptable use
15. The process of certifying a system that has been built to ensure that it meets the security standards that you have said you will use.
Exit interview
Certification
TEMPEST
Data Mart
16. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Inference
Stream cipher
BIOS
Switches / Bridges
17. Object Linking and Embedding. The ability of an object to be embedded into another object.
Asymmetric
Keystroke logging
Cookies
OLE
18. The ability to have more than one thread associated with a process
Hash
Multithreading
Digital signing
Biometric profile
19. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
ROM (Read-only memory)
COM
Kerberos
Multipartite
20. The EU spec. If databases exist - users are allowed to check data into them - allowed to change them if wrong - etc.
Echelon
Privacy Act of 1974
Hoax
Artificial Neural Networks (ANN)
21. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
VLANs
Joke
Risk Analysis
Digest
22. Relating to quality or kind. This assigns a level of importance to something.
RADIUS (Remote authentication dial-in user service)
Qualitative
Attenuation
Callback Security/Call Forwarding
23. An international standard defining security assurance and functionality profiles. Replaced the TCSEC - ITSEC - etc.
Script
Common criteria
Asset Value
Script kiddies
24. Accepting all packets
CD-Rom
Promiscuous mode
Owner
Throughput of a Biometric System
25. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Polymorphic
Cookies
FAR/FRR/CER
Debug
26. Also civil law
Tort
ARP (Address Resolution Protocol)
Hot Site
COOP
27. Motive - Opportunity - and Means. These deal with crime.
Risk Management
MOM
Echelon
User
28. Component Object Model.
CD-Rom
Substitution
COM
Normalization
29. When one key of a two-key pair has more encryption pattern than the other
Asymmetric
Carnivore
IAB
Owner
30. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
WTLS (Wireless Transport Layer Security)
Burden of Proof
BIOS
Trojan horses
31. Someone whose hacking is primarily targeted at the phone systems
Privacy Act of 1974
DHCP
CEO
Phreaker
32. The art of breaking code. Testing the strength of an algorithm.
Worm
Cryptanalysis
Software librarian
Open network
33. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Two-Factor Authentication
TACACS (Terminal access controller access control system)
Key Escrow
SESAME
34. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Switches / Bridges
Patent
Active attacks
Brewer-Nash model
35. Computer Incident Response Team
Data remanence
CIRT
Out of band
Certification
36. Providing verification to a system
Hearsay Evidence
Authentication
PKI
Guards
37. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
l0pht
Teardrop
Cookies
Non-repudiation
38. A site that has some equipment in place - and can be up within days
Risk Analysis
Quality Assurance
Warm Site
Nonce
39. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Brute force
Key Escrow
TCB
Aggregation
40. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
Risk Acceptance
CEO
Cyphertext only
DHCP
41. In computing - Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
Exit interview
Code of ethics
Asymmetric
SSH
42. Dialing fixed sets of telephone numbers looking for open modem connections to machines
Covert channels
War dialing
COM
Crosstalk
43. Among the most common types of viruses and the least damaging - these are hidden within applications that must be executed in order to execute the virus.
Macro
Biometrics
Artificial Neural Networks (ANN)
Service packs
44. Someone who hacks using programs that they can download from the Internet. This person usually doesn't find new exploits - but simply exploits vulnerabilities that others have found.
CEO
Fraggle
War dialing
Script kiddies
45. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Block cipher
Software librarian
Senior Management
Risk Mitigation
46. To not be legal (as far as law is concerned) or ethical
Technical - Administrative - Physical
Sniffing
Virtual Memory/Pagefile.sys
Illegal/Unethical
47. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
ARP (Address Resolution Protocol)
Software development lifecycle
Termination procedures
Boot-sector Virus
48. Data storage formats and equipment that allow the stored data to be accessed in any order
Data remanence
Digital certificates
RAM (Random-access memory)
ActiveX Object Linking and Embedding
49. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Bastion hosts
DDOS
Firmware
Hardware
50. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
SESAME
DHCP
COOP
Due Care