Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Data remanence
Security Awareness Training
Expert systems
Hackers
2. Reasonable doubt
DNS cache poisoning
Brewer-Nash model
Nonce
Burden of Proof
3. Motivational tools for employee awareness to get them to report security flaws in an organization
Digest
Salami Slicing
Incentive programs
Motion detector
4. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Key Escrow
Java
CEO
Expert System
5. Dynamic Host Configuration Protocol.
Replay
DHCP
Biometrics
Stream cipher
6. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Digital signing
Joke
ARO (Annualized Rate of Occurrence)
Private Addressing
7. Trusted Computing Base. Comprised of the hardware - software - and firmware of the system.
Script
Phreaker
TCB
Throughput of a Biometric System
8. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Boot-sector Virus
Authorization creep
Raid 0 - 1 - 3 - 5
Decentralized
9. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
Object Oriented Programming
RAM (Random-access memory)
Tort
Embezzlement
10. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Tailgating / Piggybacking
Worm
Penetration testing
Risk Mitigation
11. A hidden communications channel on a system that allows for the bypassing of the system security policy
Change management
Virtual Memory/Pagefile.sys
Halon
Covert channels
12. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Polymorphism
Digital certificates
ARP (Address Resolution Protocol)
Security Perimeter
13. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Virtual Memory/Pagefile.sys
Accreditation
Symmetric
Acceptable use
14. Data storage formats and equipment that allow the stored data to be accessed in any order
Out of band
RAM (Random-access memory)
Virtual Memory/Pagefile.sys
Macro
15. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Separation of duties
Tokens
l0pht
ROM (Read-only memory)
16. Threat to physical security.
Promiscuous mode
Sabotage
Trojan horses
Detective - Preventive - Corrective
17. This deals with differences between plaintext password storage and transmission - versus encrypted password storage and transmission.
ActiveX Object Linking and Embedding
Cyphertext only
Brute Force
Smurf
18. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Non-repudiation
UUEncode
Back door/ trap door/maintenance hook
Sniffing
19. Good for distance - longer than 100M
Coax
Covert channels
Termination procedures
Joke
20. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Probing
Buffer overflow
Exit interview
Kerberos
21. When two or more processes are linked and execute multiple programs simultaneously
Software librarian
Multiprocessing
Data Mart
Packet Sniffing
22. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Security Perimeter
Closed network
Raid 0 - 1 - 3 - 5
Motion detector
23. A sandbox. Emulates an operating environment.
DAD
Virtual machine
CEO
Call tree
24. The act of identifying yourself. Providing your identity to a system
Raid 0 - 1 - 3 - 5
Echelon
Identification
Worm
25. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Embezzlement
Risk Transferring
Vulnerability analysis tools
Echelon
26. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Throughput of a Biometric System
Digital signing
Expert systems
Session Hijacking
27. A chipset that was developed and promoted by the U.S. Government as an encryption device to be adopted by telecommunications companies for voice transmission.
Clipper Chip
Qualitative
Malware
Compiler
28. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Birthday attack
Authorization
FAR/FRR/CER
29. These can be used to verify that public keys belong to certain individuals.
CHAP
Digital certificates
Transposition
Due Diligence
30. A type of circuit switched telephone network system - designed to allow digital transmission of voice and data over ordinary telephone copper wires - resulting in better quality and higher speeds than available with analog systems.
Clipping levels
RADIUS (Remote authentication dial-in user service)
TCB
ISDN (Integrated Services Digital Network)
31. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Digest
Tokens
ARO (Annualized Rate of Occurrence)
Transposition
32. In risk assessment - the average monetary value of losses per year. SLE x ARO = ALE
ActiveX Object Linking and Embedding
ALE (Annualized Loss Expectancy)
Skipjack
Java
33. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
/etc/passwd
Keystroke logging
l0pht
Noise & perturbation
34. ('rotate by 13 places' - sometimes hyphenated ROT-13) is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
CHAP
Fences
Bastion hosts
ROT-13
35. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Biometrics
Accreditation
Cold Site
MitM
36. Be at least 8 feet tall and have three strands of barbed wire.
Fences
Hackers
Centralized
Telnet
37. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Risk Mitigation
Copyright
Due Care
38. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Out of band
ARP (Address Resolution Protocol)
Data remanence
Polymorphic
39. These cryptographic protocols provide secure communications on the Internet. SSL provides endpoint authentication and communications privacy over the Internet using cryptography. In typical use - only the server is authenticated while the client rema
CGI (The Common Gateway Interface)
Carnivore
SSL/TLS
TACACS (Terminal access controller access control system)
40. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Data remanence
Packet Sniffing
BIA
Biometric profile
41. A form of redundancy check (a very simple measure for protecting the integrity of data by detecting errors in data that is sent through space or time).
Checksum
SESAME
DAD
Polymorphism
42. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Hardware
Two-Factor Authentication
Risk Analysis
ARO (Annualized Rate of Occurrence)
43. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Malware
Accreditation
War driving
Motion detector
44. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Replay
SQL (Structured Query Language)
Hubs
Java
45. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
MOM
Username/password
Incentive programs
46. Dialing fixed sets of telephone numbers looking for open modem connections to machines
SLE (Single Loss Expectancy or Exposure)
War dialing
Authentication
Termination procedures
47. A remote authentication protocol that is used to communicate with an authentication server commonly used in UNIX networks. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access
COM
TACACS (Terminal access controller access control system)
Nonce
Trademark
48. Random Number Base
Nonce
Keystroke logging
Script kiddies
Burden of Proof
49. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Birthday attack
Brute force
Private Addressing
Non-repudiation
50. Involving the measurement of quantity or amount.
TCB
Multipartite
Quantitative
Entrapment