Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Access control method for database based on the content of the database to provide granular access
Reciprocal agreement
Tokens
Cold Site
Content dependent
2. Being able to control access to individuals very specifically - instead of lower in the OSI model where you can't set it so specifically
ALE (Annualized Loss Expectancy)
Brute Force
Granularity
Multiprocessing
3. Disclosure - Alteration - Destruction. These things break the CIA triad
VPN (Virtual Private Network)
DAD
OEP
Back door/ trap door/maintenance hook
4. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Asymmetric
Software librarian
Hash
/etc/passwd
5. Network devices that operate at layer 3. This device separates broadcast domains.
Two-Factor Authentication
Routers
Risk Transferring
Quantitative
6. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
Incentive programs
Telnet
CIRT
Base-64
7. When a security event occurs - this is the order in which people will be contacted. This is a predefined list.
Call tree
DCOM
Audit Trail
Throughput of a Biometric System
8. Continuation of Operations Plan
Reciprocal agreement
COOP
Scanning
CCTV
9. The act of identifying yourself. Providing your identity to a system
Man trap
Schema
Identification
Birthday attack
10. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Repeaters
Rolling hot sites
Brewer-Nash model
11. Defines the objects and their attributes that exist in a database.
Joke
Biometrics
DAD
Schema
12. In cryptography - a substitution cipher is a method of encryption by which units of plaintext are substituted with ciphertext according to a regular system; the 'units' may be single letters (the most common) - pairs of letters - triplets of letters
Substitution
Quantitative
Digital certificates
NAT
13. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Checksum
Closed network
OEP
Digital signing
14. The practice of obtaining confidential information by manipulation of legitimate users.
Buffer overflow
CEO
Social engineering
Call tree
15. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Spoofing
SESAME
Twisted pair
Checksum
16. Personal - Network - and Application
Twisted pair
Firewall types
Artificial Neural Networks (ANN)
Polymorphic
17. Public Key Infrastructure
Custodian
PKI
Hot Site
CIO
18. Grabs an image of the finger which is then stored in a database and then works in a one-to-many database
Object Oriented Programming
Finger printing
Incentive programs
Halon
19. A team of individuals at the highest level of organizational management who have the day-to-day responsibilities of managing a corporation. And don't forget - they are always the ones ultimately responsible for due diligence / due care. They are also
Senior Management
Checksum
Carnivore
Rijndael
20. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Fences
Sabotage
Biometrics
Echelon
21. Making individuals accountable for their actions on a system typically through the use of auditing
SYN Flood
ARO (Annualized Rate of Occurrence)
Separation of duties
Accountability
22. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
PKI
Warm Site
Boot-sector Virus
COOP
23. Refers to the formal acceptance by organization executive management that they accept the residual risk associated with using a formally certified information system.
Back door/ trap door/maintenance hook
Hardware
Replay
Accreditation
24. Degaussing is the process of reducing or eliminating an unwanted magnetic field. The Degausser is what actually performs the degaussing.
Degausser
Senior Management
Patent
CD-Rom
25. Signal degradation as it moves farther from its source
IAB
Attenuation
CRC (Cyclic Redundancy Check)
DHCP
26. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Change management
Routers
Fiber optic
Degausser
27. A collection of updates - fixes and/or enhancements to a software program delivered in the form of a single installable package.
Reciprocal agreement
Trademark
Service packs
Software
28. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
Audit Trail
Hackers
DMZ
Expert System
29. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
Macro
Birthday attack
Sabotage
Termination procedures
30. Something used to put out a fire. Can be in Classes A - B - C - D - or H
Non-repudiation
Fire extinguisher
Replay
Closed network
31. Good for distance - longer than 100M
Coax
Incentive programs
Polymorphic
Senior Management
32. A set of exclusive rights granted by a state to a person for a fixed period of time in exchange for the regulated - public disclosure of certain details of a device - method - process or composition of matter (substance) (known as an invention) which
Biometrics
Patent
Covert channels
Schema
33. An attack that is similar to smurf but instead of using ICMP (ping) it uses UDP as its weapon of choice. It broadcasts a spoofed UDP packet to the amplifying network.
CGI (The Common Gateway Interface)
CHAP
Fraggle
Brute force
34. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
DDOS
Hash
Software librarian
WTLS (Wireless Transport Layer Security)
35. A site that is ready physically but has no hardware in place - all it has is HVAC
Security through obscurity
Brute Force
Software
Cold Site
36. When two or more processes are linked and execute multiple programs simultaneously
Virtual machine
Multiprocessing
Artificial Neural Networks (ANN)
Sniffing
37. In cryptography - it is a block cipher
Warm Site
RADIUS (Remote authentication dial-in user service)
Diffie-Hellman
Skipjack
38. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
CCTV
Active attacks
Tokens
TCP Wrappers
39. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
Noise & perturbation
Sabotage
Cold Site
Virtual Memory/Pagefile.sys
40. Data storage formats and equipment that allow the stored data to be accessed in any order
/etc/passwd
Expert systems
RAM (Random-access memory)
CIA
41. When you know something from a source - and can infer other related information based off of what you know - when you may not necessarily have access to that data normally.
Scanning
Inference
Hardware
Hot Site
42. The apparent simultaneous performance of two or more tasks by a computer's central processing unit.
Multitasking
Security kernel
Trojan horses
Switches / Bridges
43. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Twisted pair
Format 7 times
Illegal/Unethical
44. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Promiscuous mode
UUEncode
DNS cache poisoning
SLE (Single Loss Expectancy or Exposure)
45. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
Qualitative
Private Addressing
DOS
Caesar Cipher
46. Network device that operates at layer 1. Concentrator.
Risk Analysis
Hubs
Detective - Preventive - Corrective
ALE (Annualized Loss Expectancy)
47. The real cost of acquiring/maintaining/developing a system
Patent
Asset Value
Teardrop
Symmetric
48. A system designed to stop piggybacking.
CRC (Cyclic Redundancy Check)
Skipjack
Man trap
UUEncode
49. When you have a certain amount of access and you change jobs and you keep that access from the previous position. Also known as enlargement of permission and privilege escalation.
Authorization creep
Substitution
Eavesdropping
Separation of duties
50. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Wiretapping
UUEncode
Buffer overflow
PAP (Password Authentication Protocol)