Test your basic knowledge | CompTIA Security+: Vocab
Subjects: certifications, comptia-security-+, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you might find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A sandbox. Emulates an operating environment.
Spoofing
CIO
Virtual machine
Macro
2. A technique to eliminate data redundancy.
CD-Rom
Normalization
BIA
Man trap
3. An RFC standard. A mechanism for performing commands on a remote system.
Hackers
Passive attacks
Telnet
Rolling hot sites
4. A meme and a joke are the same thing, e.g. when someone says to delete a file that is really just fine and they call it a virus.
CORBA
Joke
Active attacks
Stream cipher
5. A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox - making use of a space-time tradeoff.
Birthday attack
Active attacks
ISDN (Integrated Services Digital Network)
Username/password
6. Network device that operates at layer 1. Concentrator.
Guards
Hubs
Twisted pair
Trade Secret
7. 'If you can't see it - it's secure'. Bad policy to live by.
Security through obscurity
Copyright
Key Escrow
Nonce
8. The process of developing a planned approach to change in an organization. Typically the objective is to maximize the collective benefits for all people involved in the change and minimize the risk of failure of implementing the change.
Virtual Memory/Pagefile.sys
Change management
EF (Exposure Factor)
Detective - Preventive - Corrective
9. A class of storage media used in computers and other electronic devices. Because it cannot (easily) be written to - its main uses lie in the distribution of firmware.
Firewall types
Authentication
ROM (Read-only memory)
Passive attacks
10. A legal term used to describe an out-of-court statement offered to establish the truth of the facts asserted in that statement. Hearsay is generally not admissible in common law courts because it is of dubious value - but there are many exceptions to
CHAP
Hearsay Evidence
Warm Site
Polymorphism
11. A hash function (or hash algorithm) is a way of creating a small digital 'fingerprint' from any kind of data. The function chops and mixes the data to create the fingerprint - often called a hash value. The hash value is commonly represented as a sho
Certification
Security kernel
Hash
Polymorphic
12. Virtual LANs. Separating broadcast domains on a single network. A way of partitioning communications channels.
Routers
Multitasking
Cyphertext only
VLANs
13. Enticing people to hit your honeypot to see how they try to access your system.
Multitasking
Enticement
Audit Trail
PAP (Password Authentication Protocol)
14. Basic Input/Output System
BIOS
Routers
NAT
Fraggle
15. A set of exclusive rights granted by governments to regulate the use of a particular expression of an idea or information. Artists' ability to control their work.
Copyright
Asset Value
BIOS
Cyphertext only
16. When security is managed at many different points in an organization
CHAP
Decentralized
Enticement
Active attacks
17. In a computer system (or cryptosystem or algorithm) these are methods of bypassing normal authentication or securing remote access to a computer - while attempting to remain hidden from casual inspection.
RAM (Random-access memory)
Virtual Memory/Pagefile.sys
Back door/ trap door/maintenance hook
FAR/FRR/CER
18. Someone who hacks
Hacker
Patent
Polymorphic
Raid 0 - 1 - 3 - 5
19. In computing - it is software that is embedded in a hardware device. It is often provided on flash ROMs or as a binary image file that can be uploaded onto existing hardware by a user.
Coax
Firmware
Audit Trail
Kerberos
20. Confidentiality - Integrity - and Availability
CIA
UUEncode
Trap Door
Fraud
21. If an employee is suspected of wrongdoing - sending them away from work for a while so that their actions can be audited.
Dogs
Expert System
Halon
Mandatory vacation
22. The real cost of acquiring/maintaining/developing a system
Asset Value
Copyright
Quality Assurance
Birthday attack
23. An organization that got their fame from telling the Senate Judiciary Committee that they could bring down the Internet in 30 minutes. Black hat....
Cold Site
Transposition
l0pht
Hubs
24. A type of virus that changes its telltale code segments so that it 'looks' different from one infected file to another - thus making detection more difficult.
Polymorphic
Teardrop
Open network
Penetration testing
25. A denial-of-service attack is an attack on a computer system or network that causes a loss of service to users - typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational
VPN (Virtual Private Network)
Vulnerability analysis tools
Centralized
DOS
26. a.k.a. The Chinese wall. Nash Bridges - Bridge wall - Chinese wall. Dynamically changes access control to prevent unauthorized access.
Brewer-Nash model
Sniffing
Qualitative
NAT
27. Data storage formats and equipment that allow the stored data to be accessed in any order
Halon
RAM (Random-access memory)
CORBA
Hearsay Evidence
28. Internet Relay Chat.
IRC
Finger printing
Expert systems
Salami Slicing
29. CISSPs subscribe to a code of ethics for building up the security profession
Artificial Neural Networks (ANN)
Code of ethics
Patent
OLE
30. In computer terminology - a honeypot is a trap set to detect - deflect or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer - data or a network site that appears to be part of a network
Honey pot
Carnivore
Multitasking
Finger printing
31. The process of training end users / employees in the ways and processes of security. This helps to mitigate risk to the company (if the employees know what to do) and also helps the employees to know what is expected of them security-wise - so that t
Classes of IP networks
Security Awareness Training
Fraggle
Decentralized
32. In a separation of duties model - this is where code is checked in and out
Senior Management
Block cipher
Software librarian
Firewall types
33. Personal - Network - and Application
Cookies
Diffie-Hellman
Firewall types
Risk Analysis
34. Emanations from one wire coupling with another wire
/etc/passwd
Out of band
Crosstalk
COM
35. Procedures for when an employee is terminated to ensure that they are aware of their responsibilities and turn in all company property.
RAM (Random-access memory)
Tailgating / Piggybacking
Risk Mitigation
Termination procedures
36. In computer security - this type of attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage.
Spoofing
DHCP
Risk Acceptance
Key Escrow
37. The output of a hash function is a digest.
Digest
Bugtraq
Copyright
Schema
38. The most popular computer language used to create - modify - retrieve and manipulate data from relational database management systems. The language has evolved beyond its original purpose to support object-relational database management systems. It i
Qualitative
Polymorphic
Asymmetric
SQL (Structured Query Language)
39. Disclosure - Alteration - Destruction. These things break the CIA triad
Covert channels
Crosstalk
Due Care
DAD
40. Jumping into dumpsters to retrieve information about someone/something/a company
Dumpster diving
Dogs
Checksum
ROT-13
41. An automated tool with a database of known vulnerabilities that checks systems for those vulnerabilities
Vulnerability analysis tools
Separation of duties
Twisted pair
Well-known ports
42. Component Object Model.
Session Hijacking
Entrapment
COM
Embezzlement
43. In telecommunications - a callback occurs when the originator of a call is immediately called back in a second call as a response. This helps to make sure that only authorized people are calling in as the number dialing in has to be in the list. Howe
Callback Security/Call Forwarding
Penetration testing
Job rotation
Hubs
44. More discriminate than dogs
Guards
Attenuation
Due Diligence
Covert channels
45. A person able to exploit a system or gain unauthorized access through skill and tactics. This usually refers to a black hat hacker. There are also white hats (ethical hackers) - and grey hats.
Hackers
Entrapment
Eavesdropping
Malware
46. Packet sniffers (also known as network or protocol analyzers or Ethernet sniffers) are computer software (usually) or computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams travel bac
Security Perimeter
Sniffing
Due Care
Packet Sniffing
47. Telephone tapping (or wire tapping/wiretapping in the US) is the monitoring of telephone and Internet conversations by a third party - often by covert means. The telephone tap or wire tap received its name because historically - the monitoring connec
Wiretapping
Entrapment
Normalization
Accreditation
48. The idea is that a computer program may be seen as comprising a collection of individual units - or objects - that act on each other - as opposed to a traditional view in which a program may be seen as a collection of functions - or simply as a list
UUEncode
Object Oriented Programming
Risk Management
Hardware
49. Packet sniffers (also known as Network Analyzers or Ethernet Sniffers) are software programs that can see the traffic passing over a network or part of a network. As data streams travel back and forth over the network - the program captures each pack
FAR/FRR/CER
DAD
Sniffing
Biometric profile
50. Continuation of Operations Plan
Promiscuous mode
COOP
Well-known ports
Risk Acceptance