Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding each time you take the test.
1. In a separation of duties model, this is where code is checked in and out
Caesar Cipher
Clipping levels
Patent
Software librarian
2. A network that uses proprietary protocols
Trademark
RAM (Random-access memory)
Closed network
Software development lifecycle
3. Chief Information Officer
Fraggle
Brute Force
Multipartite
CIO
4. Software designed to infiltrate or damage a computer system, without the owner's consent.
Malware
Fire extinguisher
Accreditation
Phreaker
5. An attack which results in an unauthorized state change, such as the manipulation of files, or the adding of unauthorized files.
Senior Management
Probing
Active attacks
Polymorphic
6. The illegal practice of stealing money repeatedly in extremely small quantities, usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
RADIUS (Remote authentication dial-in user service)
Salami Slicing
Aggregation
Firewall types
7. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Firmware
Rolling hot sites
Senior Management
Private Addressing
8. A computer program (or set of programs) that translates text written in a computer language (the source language) into another computer language (the target language).
Smurf
Schema
DCOM
Compiler
9. An attacker spoofs the source IP in a packet header, to make a ping request appear to have originated from the future victim's network; then the responding network responds in full force to these requests and brings down the victim's network.
Trademark
Callback Security/Call Forwarding
Crosstalk
Smurf
10. In classical cryptography, a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is, the order of the characters is changed. Mathematically a bijective function is used on the characters'
Key Escrow
Non-repudiation
Mandatory vacation
Transposition
11. Technical are IT implemented. Administrative items are things that HR implements. Physical things are things that are tangible.
Risk Transferring
Trojan horses
Technical - Administrative - Physical
Degausser
12. Countermeasures / safeguards fall into these categories. Detective measures detect, preventive measures prevent, and corrective measures correct.
Schema
Tailgating / Piggybacking
DCOM
Detective - Preventive - Corrective
13. These viruses usually infect both boot records and files.
COM
Telnet
Artificial Neural Networks (ANN)
Multipartite
14. Data storage formats and equipment that allow the stored data to be accessed in any order
Well-known ports
Firewall types
PAP (Password Authentication Protocol)
RAM (Random-access memory)
15. Accepting all packets
Biometric profile
Toneloc
Trojan horses
Promiscuous mode
16. The person that controls access to the data
Nonce
Custodian
Exit interview
Due Diligence
17. An RFC standard. A mechanism for performing commands on a remote system
Two-Factor Authentication
Code of ethics
Vulnerability analysis tools
Telnet
18. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to, its main uses lie in the distribution of firmware.
Guards
Closed network
ROM (Read-only memory)
Privacy Act of 1974
19. Personal, Network, and Application
Firewall types
Risk Acceptance
Job rotation
Smart cards
20. Closed Circuit Television
Eavesdropping
CCTV
CGI (The Common Gateway Interface)
Checksum
21. Confidentiality, Integrity, and Availability
SYN Flood
Tokens
CIA
TCSEC
22. A network that uses standard protocols (TCP/IP)
Open network
PKI
Fraggle
User
23. In computing, it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
CIRT
Firewall types
Honey pot
Firmware
24. The output of a hash function is a digest.
Security Perimeter
ROM (Read-only memory)
Digest
Multitasking
25. In computing, Secure Shell or SSH is a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and (opti
RAM (Random-access memory)
SSH
Compiler
Motion detector
26. A type of circuit switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in better quality and higher speeds than available with analog systems.
ISDN (Integrated Services Digital Network)
Cold Site
Object Oriented Programming
Rolling hot sites
27. In telecommunications, a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
TACACS (Terminal access controller access control system)
Callback Security/Call Forwarding
Multithreading
Dogs
28. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
PAP (Password Authentication Protocol)
Trojan horses
Bastion hosts
Risk Analysis
29. The person that determines the permissions to files. The data owner.
Owner
Trap Door
TACACS (Terminal access controller access control system)
ARO (Annualized Rate of Occurrence)
30. Be at least 8 feet tall and have three strands of barbed wire.
Multipartite
Fences
Open network
Active attacks
31. In a distributed attack, the attacking computer hosts are often zombie computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs that allow the perpetrator to remotely control the machine and
Authorization
Bastion hosts
PKI
DDOS
32. Good for distance - longer than 100M
COOP
Security Perimeter
Coax
AES (Advanced Encryption Standard)
33. The real cost of acquiring/maintaining/developing a system
Compiler
Digital signing
Asset Value
MOM
34. In cryptography, it is one of the simplest and most widely-known encryption techniques. It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions further down the alphabet.
Caesar Cipher
RADIUS (Remote authentication dial-in user service)
TEMPEST
Rijndael
35. The art of breaking code. Testing the strength of an algorithm.
Fences
Cryptanalysis
SLE (Single Loss Expectancy or Exposure)
Buffer overflow
36. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Smart cards
War dialing
IAB
Brewer-Nash model
37. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise, so that t
Security Awareness Training
VLANs
Hackers
ARO (Annualized Rate of Occurrence)
38. Systems that use a knowledge base, an inference engine, and general methods for searching problem solutions.
Expert systems
Sabotage
Audit Trail
Replay
39. Business Impact Analysis. A BIA is a functional analysis in which a team collects data through interviews and documentary sources. It documents business functions, activities, and transactions.
Change management
BIA
DDOS
Patent
40. Someone whose hacking is primarily targeted at the phone systems
Phreaker
Separation of duties
Data Mart
Compiler
41. Refers to a cryptographic signature, either on a document, or on a lower-level data structure that signs an item electronically.
Incentive programs
Bastion hosts
Digital signing
IRC
42. Setting up the user to access the honeypot for reasons other than the intent to harm.
Brute force
Phreaker
Back door/ trap door/maintenance hook
Entrapment
43. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Risk Mitigation
Hot Site
Multipartite
Privacy Act of 1974
44. 0 = striping without parity; 1 = mirroring; 3 = striping with parity (parity on single drive); 5 = striping with parity (parity striped across all drives)
Passive attacks
Raid 0 - 1 - 3 - 5
CHAP
Granularity
45. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Firewall types
UUEncode
Artificial Neural Networks (ANN)
Virtual Memory/Pagefile.sys
46. A self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.
Worm
Skipjack
Base-64
ARO (Annualized Rate of Occurrence)
47. The idea is that a computer program may be seen as comprising a collection of individual units, or objects, that act on each other, as opposed to a traditional view in which a program may be seen as a collection of functions, or simply as a list
War driving
Honey pot
Object Oriented Programming
Vulnerability analysis tools
48. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
VPN (Virtual Private Network)
Degausser
Tailgating / Piggybacking
DMZ
49. The key that is used to encrypt a file or message is the same key that is used to decrypt the file or message
Symmetric
Qualitative
Throughput of a Biometric System
Audit Trail
50. Network Address Translation
Fences
NAT
OEP
Honey pot