Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Closed Circuit Television
Digest
IRC
CCTV
Schema
2. Not a picture - but rather vectors of your finger geometry with an acceptable variance built in to provide for slight changes.
Finger scanning
Quantitative
Stream cipher
Accreditation
3. Reasonable doubt
Burden of Proof
Callback Security/Call Forwarding
Raid 0 - 1 - 3 - 5
Trademark
4. Affects the section of a floppy or hard disk that contains operating system and file information. Each time you start your PC with an infected floppy in the drive - the virus can spread.
Boot-sector Virus
Script kiddies
Trojan horses
Hoax
5. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Audit Trail
Substitution
Packet Sniffing
Sniffing
6. Rotating employees' job duties so that what they are doing can be checked to make sure nothing fraudulent is occurring.
Brute force
Degausser
Job rotation
Centralized
7. Chief Information Officer
CRC (Cyclic Redundancy Check)
CIO
Skipjack
Boot-sector Virus
8. A card that holds information that must be authenticated to before it can reveal the information that it is holding
Script kiddies
Virtual Memory/Pagefile.sys
Replay
Smart cards
9. The number of users that the system can process in a given amount of time. A typical acceptable amount is 10/minute
Software development lifecycle
DOS
Digest
Throughput of a Biometric System
10. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Mandatory vacation
Decentralized
Security kernel
Copyright
11. Be at least 8 feet tall and have three strands of barbed wire.
Degausser
SSL/TLS
Fences
SLE (Single Loss Expectancy or Exposure)
12. Identifying risks and assessing the possible damage that can be caused in order to justify security safeguards
ROT-13
BIOS
Software librarian
Risk Analysis
13. The act of identifying yourself. Providing your identity to a system
Identification
Object Oriented Programming
IRC
Toneloc
14. A technique to eliminate data redundancy.
Object Oriented Programming
Script kiddies
Key Escrow
Normalization
15. An arrangement in which the keys needed to decrypt encrypted data are held in escrow by a third party - so that someone else (typically government agencies) can obtain them to decrypt messages which they suspect to be relevant to national security.
Malware
Enticement
Biometric profile
Key Escrow
16. Countermeasure to put fake stuff into a database so if someone is reading it they will get the wrong info.
Noise & perturbation
Virtual machine
Throughput of a Biometric System
Finger printing
17. Random Number Base
Separation of duties
Nonce
Penetration testing
Multipartite
18. A system designed to stop piggybacking.
Well-known ports
Man trap
Sabotage
CD-ROM
19. Provides for less data leakage. Longer distance. Uses light instead of electrical impulse.
Trap Door
Fiber optic
Authorization creep
DAD
20. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
WAP (Wireless Application Protocol)
Scanning
l0pht
Expert System
21. A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
DAD
Debug
Logic bomb
Certification
22. Systems that use a knowledge base - an inference engine - and general methods for searching problem solutions.
Script kiddies
Expert systems
Termination procedures
Brute force
23. Virtual memory is an area of 'memory' that is not in physical memory (RAM) but on the disk system to allow for extra 'memory' processing area above what is available through RAM. This is the pagefile.sys file on a Windows system. Many Windows OSs req
PAP (Password Authentication Protocol)
Wiretapping
Virtual Memory/Pagefile.sys
Hearsay Evidence
24. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Halon
WAP (Wireless Application Protocol)
AES (Advanced Encryption Standard)
Change management
25. This is the file on a UNIX system where usernames to password MD5 hash outputs are stored. The system uses this file to determine if the password entered for a given username is correct.
/etc/passwd
Echelon
Enticement
Burden of Proof
26. Access control method for database based on the content of the database to provide granular access
Hot Site
Risk Mitigation
Content dependent
Virtual machine
27. (OLE) is a distributed object system and protocol developed by Microsoft. OLE allows an editor to 'farm out' part of a document to another editor and then reimport it. Its primary use is for managing compound documents - but it is also used for trans
Granularity
ActiveX Object Linking and Embedding
Asset Value
Polymorphic
28. Network Address Translation
AES (Advanced Encryption Standard)
NAT
DCOM
Scanning
29. Software designed to infiltrate or damage a computer system - without the owner's consent.
Security kernel
Symmetric
Malware
Covert channels
30. Data storage formats and equipment that allow the stored data to be accessed in any order
SQL (Structured Query Language)
DCOM
Bugtraq
RAM (Random-access memory)
31. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
ROM (Read-only memory)
Smurf
CGI (The Common Gateway Interface)
Out of band
32. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Firmware
WAP (Wireless Application Protocol)
Rolling hot sites
Quantitative
33. The output of a hash function is a digest.
DMZ
Carnivore
Attenuation
Digest
34. After implementing countermeasures - accepting risk for the amount of vulnerability left over
Risk Acceptance
Boot-sector Virus
Tort
Call tree
35. In classical cryptography - a transposition cipher changes one character from the plaintext to another (to decrypt the reverse is done). That is - the order of the characters is changed. Mathematically a bijective function is used on the characters'
NAT
Transposition
Acceptable use
Honey pot
36. Distributed Component Object Model. Microsoft's implementation of CORBA.
Bastion hosts
Acceptable use
Username/password
DCOM
37. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Warm Site
Multithreading
Polymorphic
Buffer overflow
38. The real cost of acquiring/maintaining/developing a system
Symmetric
Well-known ports
RADIUS (Remote authentication dial-in user service)
Asset Value
39. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
DDOS
MitM
DOS
Trademark
40. Relating to quality or kind. This assigns a level of importance to something.
CIO
Cryptanalysis
Nonce
Qualitative
41. The illegal practice of stealing money repeatedly in extremely small quantities - usually by taking advantage of rounding to the nearest cent (or other monetary unit) in financial transactions. Salami slicing is most often performed by employees of t
Salami Slicing
DNS cache poisoning
Covert channels
Out of band
42. Must be in place for you to use a biometric system
Clipper Chip
Biometric profile
Fire extinguisher
Acceptable use
43. An SSO technology that extends Kerberos functionality and improves upon its weaknesses.
Brute force
SESAME
Probing
CIA
44. Residual physical representation of data that has been in some way erased. After storage media is erased there may be some physical characteristics that allow data to be reconstructed.
EF (Exposure Factor)
TCB
CORBA
Data remanence
45. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
Sniffing
UUEncode
Centralized
Rolling hot sites
46. The fraudulent appropriation by a person to his own use of property or money entrusted to that person's care but owned by someone else.
Two-Factor Authentication
Toneloc
CGI (The Common Gateway Interface)
Embezzlement
47. Enticing people to hit your honeypot to see how they try to access your system.
Birthday attack
Firmware
Enticement
MitM
48. When an employee leaves the company - you want to make them aware of non-disclosures and non-compete clauses - etc.
Exit interview
Illegal/Unethical
Probing
EF (Exposure Factor)
49. The effort made by an ordinarily prudent or reasonable party to avoid harm to another party or himself. Deals with liability.
Promiscuous mode
Due Diligence
Out of band
Fiber optic
50. A type of hash function used to produce a checksum - which is a small - fixed number of bits - against a block of data. This is used to detect errors after transmission or storage.
Virtual Memory/Pagefile.sys
Identification
Spoofing
CRC (Cyclic Redundancy Check)