SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Vocab
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Senior Management
Salami Slicing
SLE (Single Loss Expectancy or Exposure)
Enticement
2. An imaginary boundary between the components that make up the TCB and the components that are not covered by the TCB
Out of band
Fire extinguisher
Security Perimeter
Reciprocal agreement
3. Testing a company's network to test for vulnerabilities in their systems so that weaknesses can be fixed. This testing does not actually fix anything.
Dumpster diving
Penetration testing
Incentive programs
DNS cache poisoning
4. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
Virtual Memory/Pagefile.sys
Logic bomb
Well-known ports
Privacy Act of 1974
5. Base 64 is a positional numeral system using a base of 64. It is the largest power of two base that can be represented using only printable ASCII characters. This has led to its use as a transfer encoding for e-mail among other things.
ROM (Read-only memory)
Data Mart
Base-64
CORBA
6. Dialing fixed sets telephone numbers looking for open modem connections to machines
Man trap
Brute Force
Wiretapping
War dialing
7. Methodical process of finding and reducing the number of bugs - or defects - in a computer program or a piece of electronic hardware thus making it behave as expected
Debug
TCSEC
Entrapment
Digital certificates
8. The study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In information technology - biometric authentication refers to technologies that measure and analyze human physical and beh
Risk Management
Biometrics
Fraggle
BIA
9. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Checksum
Hackers
Sniffing
Symmetric
10. A unit that will detect motion for the purpose of setting of the alarms to alert for unauthorized access.
Sabotage
Malware
Replay
Motion detector
11. Internet Relay Chat.
IRC
Callback Security/Call Forwarding
Schema
Masquerade
12. RFC 1918 defined the following addresses as the private addressing ranges: 192.168.x.x - 10.x.x.x - 172.16.x.x - 172.31.x.x
Private Addressing
Authorization
ARO (Annualized Rate of Occurrence)
Security through obscurity
13. This factor represents a measure of the magnitude of loss or impact on the value of an asset.
EF (Exposure Factor)
Data remanence
Worm
/etc/passwd
14. A site that has some equipment in place - and can be up within days
Key Escrow
Coax
Warm Site
WAP (Wireless Application Protocol)
15. The frequency with which a threat is expected to occur.
ARO (Annualized Rate of Occurrence)
Vulnerability analysis tools
Burden of Proof
Expert System
16. Reasonable doubt
Embezzlement
Burden of Proof
Identification
DMZ
17. Demilitarized Zone. A part of the network that is neither part of the internal network nor directly part of the Internet. Basically a network sitting between two networks.
DMZ
Debug
Expert System
Carnivore
18. Disclosure - Alteration - Destruction. These things break the CIA triad
DMZ
DAD
User
Risk Analysis
19. A system designed to stop piggybacking.
WAP (Wireless Application Protocol)
Digest
Java
Man trap
20. Issued by the United States National Computer Security Center (NCSC - an arm of the NSA) as 'Trusted Computer System Evaluation Criteria' - a DOD standard 5200.23-STD in December 1985 superseding CSC-STD-001-83 - the TCSEC (frequently referred to as
Fences
CRC (Cyclic Redundancy Check)
TCSEC
Due Diligence
21. Also known as a tunnel)
Schema
VPN (Virtual Private Network)
Job rotation
Dogs
22. Determines the monetary loss (impact) for each occurrence of a threatened event. SLE = Asset Value x Exposure Factor
Brute Force
Common criteria
SLE (Single Loss Expectancy or Exposure)
Tailgating / Piggybacking
23. Good for distance - longer than 100M
Honey pot
Finger scanning
Packet Sniffing
Coax
24. Same as AES Advanced Encryption Standard (AES) - also known as Rijndael - is a block cipher adopted as an encryption standard by the US government. It is expected to be used worldwide and analyzed extensively - as was the case with its predecessor -
COOP
Clipper Chip
Worm
Rijndael
25. To not be legal (as far as law is concerned) or ethical
l0pht
Risk Management
Multithreading
Illegal/Unethical
26. After implementing countermeasures - accepting risk for the amount of vulnerability left over
CIO
Script
IAB
Risk Acceptance
27. A war dialing utility
Debug
Security kernel
Toneloc
Scanning
28. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
Spoofing
Eavesdropping
Session Hijacking
29. A specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.
SLE (Single Loss Expectancy or Exposure)
SSO (Single sign-on)
Private Addressing
Dictionary Attack
30. Continuation of Operations Plan
Separation of duties
COOP
Switches / Bridges
Session Hijacking
31. Rolling command center with UPS - satellite - uplink - power - etc.
Inference
Throughput of a Biometric System
UUEncode
Rolling hot sites
32. Once authenticated - the level of access you have to a system
CGI (The Common Gateway Interface)
NAT
Copyright
Authorization
33. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Throughput of a Biometric System
Boot-sector Virus
ISDN (Integrated Services Digital Network)
Common criteria
34. A network that uses standard protocols (TCP/IP)
Macro
Security Awareness Training
Biometrics
Open network
35. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Expert System
Telnet
Honey pot
CORBA
36. A hidden value or set of values that allows access to a program - computer system - or data. It is sometimes erroneously confused with a backdoor - which (in a computer system) is a method of bypassing normal authentication or securing remote access
Logic bomb
Trap Door
Privacy Act of 1974
Key Escrow
37. The art of breaking code. Testing the strength of an algorithm.
Decentralized
Cryptanalysis
TACACS (Terminal access controller access control system)
Patent
38. When two or more processes are linked and execute multiple programs simultaneously
Common criteria
Multiprocessing
Detective - Preventive - Corrective
Reciprocal agreement
39. Also civil law
Coax
Tort
Base-64
Multithreading
40. A form of binary to text encoding that originated as a Unix program for encoding binary data for transmission over the uucp mail system. The name 'uuencode' is derived from 'Unix-to-Unix encoding'. Since uucp converted characters between various comp
Java
Quality Assurance
UUEncode
Polymorphism
41. ('rotate by 13 places' - sometimes hyphenated ROT-13) Is a simple Caesar cipher used for obscuring text by replacing each letter with the letter thirteen places down the alphabet
Wiretapping
Compiler
Job rotation
ROT-13
42. Component Object Model.
COM
Granularity
TCB
Attenuation
43. A formula - practice - process - design - instrument - pattern - or compilation of information used by a business to obtain an advantage over competitors within the same industry or profession.
Trade Secret
TEMPEST
Code of ethics
Centralized
44. The physical part of a computer - as distinguished from the computer software that executes within the hardware.
Trademark
OLE
RADIUS (Remote authentication dial-in user service)
Hardware
45. Setting up the user to access the honeypot for reasons other than the intent to harm.
Phreaker
Entrapment
Incentive programs
Owner
46. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Virtual Memory/Pagefile.sys
Security Awareness Training
Caesar Cipher
Fiber optic
47. An audit trail is a chronological sequence of audit records - each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function. Audit records typically result from activities such as tra
Qualitative
Audit Trail
CIO
Clipper Chip
48. The practice of following someone with a security code or keycard through a security door - generally in workplaces.
Risk Management
CD-Rom
Tailgating / Piggybacking
Fraggle
49. Making individuals accountable for their actions on a system typically through the use of auditing
Accountability
Substitution
Scanning
Firewall types
50. Chief Executive Officer
Session Hijacking
Keystroke logging
ROM (Read-only memory)
CEO
