Test your basic knowledge |
Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. A military standard defining controls for emanation protection
Script kiddies
ROM (Read-only memory)
TEMPEST
Inference
2. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Risk Mitigation
Hackers
User
Toneloc
3. Communications that don't take the natural course of email (when you don't want eavesdropping to happen)
Out of band
Accreditation
Salami Slicing
Sniffing
4. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Firewall types
TCSEC
User
Sniffing
5. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
Centralized
Reciprocal agreement
Fraggle
SLE (Single Loss Expectancy or Exposure)
6. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Cookies
ROM (Read-only memory)
Switches / Bridges
7. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Asymmetric
Trojan horses
Echelon
Sniffing
8. This is an attack in which an attacker is able to read - insert and modify at will - messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept message
Copyright
Illegal/Unethical
Macro
MitM
9. Personal - Network - and Application
Multiprocessing
Two-Factor Authentication
Firewall types
Fraggle
10. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Brewer-Nash model
War driving
Worm
Rijndael
11. Ethernet - Cat5 - Twisted to allow for longer runs.
ROT-13
Twisted pair
Normalization
CIA
12. These viruses usually infect both boot records and files.
Warm Site
Worm
Multipartite
Skipjack
13. Dynamic Host Configuration Protocol.
DHCP
Skipjack
SESAME
Content dependant
14. A mechanism by which connections to TCP services on a system are allowed or disallowed
TCP Wrappers
Stream cipher
Quantitative
DOS
15. Same as a block cipher except that it is applied to a data stream one bit at a time
Stream cipher
Asymmetric
SLE (Single Loss Expectancy or Exposure)
Symmetric
16. In cryptography - encryption is the process of obscuring information to make it unreadable without special knowledge.
Bugtraq
Back door/ trap door/maintenance hook
Due Care
Encryption
17. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Hackers
Masquerade
Stream cipher
18. Access control method for database based on the content of the database to provide granular access
Keystroke logging
Content dependant
TCP Wrappers
CEO
19. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
TACACS (Terminal access controller access control system)
Accreditation
Man trap
Tokens
20. Driving around enumerating wireless networks with the proper equipment (antennas and the like)
Embezzlement
War driving
Boot-sector Virus
CIRT
21. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
WAP (Wireless Application Protocol)
Accreditation
ActiveX Object Linking and Embedding
Owner
22. A site that has some equipment in place - and can be up within days
Honey pot
Warm Site
Key Escrow
Code of ethics
23. A network that uses standard protocols (TCP/IP)
Session Hijacking
Senior Management
Object Oriented Programming
Open network
24. Deals with the same things as due diligence except that they deal with accepting responsibility instead of liability.
Detective - Preventive - Corrective
Due Care
CIA
Hearsay Evidence
25. A spoofing attack - a kind of attack in data communication - in which a third party tries to mislead the communication participants using forged information.
DMZ
Masquerade
Substitution
Cold Site
26. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Finger scanning
Reciprocal agreement
Noise & perturbation
Virtual Memory/Pagefile.sys
27. Object Linking and Embedding. The ability of an object to be embedded into another object.
Centralized
PAP (Password Authentication Protocol)
Penetration testing
OLE
28. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Cold Site
Joke
Malware
Trade Secret
29. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
War driving
Centralized
EF (Exposure Factor)
Embezzlement
30. When two or more processes are linked and execute multiple programs simultaneously
Scanning
War driving
Cyphertext only
Multiprocessing
31. Emanations from one wire coupling with another wire
ALE (Annualized Loss Expectancy)
Crosstalk
CIO
ROM (Read-only memory)
32. The output of a hash function is a digest.
Java
Digest
Biometric profile
l0pht
33. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Object Oriented Programming
Smurf
Degausser
Callback Security/Call Forwarding
34. Also known as a tunnel
Digest
Checksum
VPN (Virtual Private Network)
Rolling hot sites
35. The person that controls access to the data
Non-repudiation
ROT-13
Custodian
CGI (The Common Gateway Interface)
36. Enticing people to hit your honeypot to see how they try to access your system.
Qualitative
Fraud
Privacy Act of 1974
Enticement
37. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Compiler
Content dependant
Transposition
Detective - Preventive - Corrective
38. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Worm
CIO
Two-Factor Authentication
UUEncode
39. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
TCSEC
Authorization creep
Boot-sector Virus
Polymorphic
40. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Trap Door
Burden of Proof
Sniffing
Substitution
41. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Multiprocessing
Mandatory vacation
DOS
Inference
42. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
ROT-13
Coax
Embezzlement
Finger printing
43. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Decentralized
ROT-13
Dictionary Attack
Certification
44. Hardware - software - and firmware elements of a TCB that implement the fundamental security procedures for controlling access to system resources
CHAP
Security kernel
Motion detector
Scanning
45. A technique to eliminate data redundancy.
Finger printing
ROM (Read-only memory)
War dialing
Normalization
46. Accepting all packets
Phreaker
Separation of duties
ARO (Annualized Rate of Occurrence)
Promiscuous mode
47. Reasonable doubt
Smart cards
Rolling hot sites
Accountability
Burden of Proof
48. An RFC standard. A mechanism for performing commands on a remote system
Telnet
Hoax
Motion detector
Skipjack
49. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions - activities - and transactions.
Data remanence
Bastion hosts
Owner
BIA
50. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Spoofing
/etc/passwd
Twisted pair
Identification