Test your basic knowledge | Comptia Security +: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So at times you might find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. It can capture radio and satellite communications - telephone calls - faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts. ECHELON is estimated to intercept up to 3 billion communications
Security Perimeter
Echelon
Man trap
DDOS
2. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Covert channels
DAD
Biometric profile
Finger scanning
3. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
Patriot Act
Probing
Risk Management
Hearsay Evidence
4. Internet Architecture Board. This board is responsible for protecting the Internet.
Biometric profile
Joke
Crosstalk
IAB
5. A set of rules applied by many transit networks which restrict the ways in which the network may be used.
Acceptable use
Digital certificates
RAM (Random-access memory)
Salami Slicing
6. A system designed to stop piggybacking.
Social engineering
Hash
Man trap
Rijndael
7. White hat l0pht
Routers
WTLS (Wireless Transport Layer Security)
Bugtraq
Authorization
8. Non-repudiation is the concept of ensuring that a contract - especially one agreed to via the Internet - cannot later be denied by one of the parties involved.
Non-repudiation
Firewall types
Warm Site
Promiscuous mode
9. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Trap Door
Substitution
Teardrop
Raid 0 - 1 - 3 - 5
10. A simple authentication protocol used to authenticate a user to a remote access server or Internet service provider (ISP). Almost all NOS remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore consider
Detective - Preventive - Corrective
WTLS (Wireless Transport Layer Security)
PAP (Password Authentication Protocol)
Fraud
11. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Security Perimeter
DOS
Entrapment
UUEncode
12. A component in the Wireless Application Protocol (WAP) protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.
Termination procedures
Symmetric
WTLS (Wireless Transport Layer Security)
/etc/passwd
13. The person that controls access to the data
Custodian
Hackers
Service packs
Security Perimeter
14. Provides a means to obtain passwords or encryption keys and thus bypass other security measures. This can be accomplished through hardware or software means.
Aggregation
Call tree
Smurf
Keystroke logging
15. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
/etc/passwd
Callback Security/Call Forwarding
Due Diligence
Back door/ trap door/maintenance hook
16. Using ICMP to diagram a network
Probing
ARO (Annualized Rate of Occurrence)
Hacker
User
17. False Acceptance Rate - False Rejection Rate - Crossover Error Rate
Granularity
SLE (Single Loss Expectancy or Exposure)
Covert channels
FAR/FRR/CER
18. Ethernet - Cat5 - Twisted to allow for longer runs.
Macro
Multiprocessing
Twisted pair
Masquerade
19. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
Key Escrow
Format 7 times
Risk Analysis
Covert channels
20. A site that is ready and available within minutes or hours to continue processing. This is a site that is fully configured and ready to go.
Hot Site
CIRT
TEMPEST
Out of band
21. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
l0pht
Custodian
Risk Transferring
Data remanence
22. A method of encrypting text to produce cipher text in which a cryptographic key and algorithm are applied to a block of data as a group instead of one bit at a time
Virtual Memory/Pagefile.sys
Well-known ports
Patent
Block cipher
23. A distinctive sign of some kind which is used by a business to uniquely identify itself and its products and services to consumers - and to distinguish the business and its products and / or services from those of other businesses.
Trademark
Hacker
Embezzlement
Security through obscurity
24. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
Debug
Spoofing
Promiscuous mode
Transposition
25. Network device that operates at layer 1. Concentrator.
Salami Slicing
Risk Management
Hubs
Malware
26. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Risk Mitigation
Brute force
CRC (Cyclic Redundancy Check)
Man trap
27. A number of computer software products and specifications from Sun Microsystems that together provide a system for developing and deploying cross-platform applications. Java is used in a wide variety of computing platforms spanning from embedded devi
Risk Analysis
Java
Nonce
TCB
28. A computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks - and ensures the integrity of the
FAR/FRR/CER
Virtual machine
Kerberos
Security Awareness Training
29. An instance of a scripting language
Biometrics
Script
Degausser
Hardware
30. Refers to a cryptographic signature - either on a document - or on a lower-level data structure that signs an item electronically.
Illegal/Unethical
Risk Analysis
Digital signing
Hoax
31. The art of breaking code. Testing the strength of an algorithm.
Granularity
Script
Quality Assurance
Cryptanalysis
32. They all deal with objects or identifiers that are used during authentication. They provide information that will allow the authentication to happen. There are many types.
Biometrics
CORBA
Out of band
Tokens
33. A military standard defining controls for emanation protection
Repeaters
ROT-13
TEMPEST
Well-known ports
34. Defines the objects and their attributes that exist in a database.
Schema
Hot Site
Back door/ trap door/maintenance hook
Expert systems
35. A compact disc that contains data only accessible by a computer. All modern CD-ROM drives can also read audio CDs. It is possible to produce composite CDs containing both data and audio with the latter capable of being played on a CD player - whilst
Wiretapping
OEP
ALE (Annualized Loss Expectancy)
CD-Rom
36. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Accountability
Spoofing
Classes of IP networks
Software
37. Signal degradation as it moves farther from its source
Attenuation
CRC (Cyclic Redundancy Check)
Software
Probing
38. When security is managed at many different points in an organization
Decentralized
Key Escrow
Routers
Code of ethics
39. A unit that will detect motion for the purpose of setting off the alarms to alert for unauthorized access.
Motion detector
Granularity
Brute force
Packet Sniffing
40. Motive - Opportunity - and Means. These deal with crime.
Finger printing
Multipartite
Promiscuous mode
MOM
41. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
UUEncode
VPN (Virtual Private Network)
Service packs
Centralized
42. A self-replicating computer program - similar to a computer virus. A virus attaches itself to - and becomes part of - another executable program; however - a worm is self-contained and does not need to be part of another program to propagate itself.
Non-repudiation
Mandatory vacation
Worm
Multithreading
43. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
ALE (Annualized Loss Expectancy)
Kerberos
ActiveX Object Linking and Embedding
CIA
44. An AAA (Authentication - Authorization - and Accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations.
Spoofing
Expert systems
RADIUS (Remote authentication dial-in user service)
Clipping levels
45. Scanning the airwaves for radio transmissions
Biometrics
Trademark
Scanning
Detective - Preventive - Corrective
46. An agreement that you make with another company to be able to use their facilities in the event of a disaster. The least expensive - and not usually enforceable.
Echelon
Format 7 times
Noise & perturbation
Reciprocal agreement
47. In computer security and programming - it is an anomalous condition where a process attempts to store data beyond the boundaries of a buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data may include oth
Buffer overflow
Digital certificates
Reciprocal agreement
Crosstalk
48. An attacker spoofs the source IP in a packet header - to make a ping request appear to have originated from the future victim's network - then the responding network responds in full force to these requests and brings down the victim's network.
SESAME
Smurf
Transposition
Teardrop
49. Distributed Component Object Model. Microsoft's implementation of CORBA.
ROM (Read-only memory)
Audit Trail
Content dependent
DCOM
50. When a DNS server goes out to resolve a name - and gets the wrong response back - it caches the wrong address for the default DNS time period - thus poisoning the cache for that period of time
SLE (Single Loss Expectancy or Exposure)
Repeaters
DNS cache poisoning
SESAME