Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






2. Malware - insider threat - natural disaster - terrorism - pandemic






3. An attempt to gain access by bombarding it with guesses until the password is found.






4. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






5. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






6. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






7. It interacts with the application layer to determine which network services will be required






8. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






9. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






10. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






11. Considered to be a perimeter device






12. destruction of data - leaking confidential information - providing backdoor access






13. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






14. Confidentiality - integrity - availability






15. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






16. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






17. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






18. Syn - Syn/Ack - Ack






19. True positive - false positive - true negative - false negative






20. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






21. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






22. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self-contained malware that can copy itself






23. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






24. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






25. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






26. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






27. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






28. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






29. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






30. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






31. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






32. A cracking tool inserted into the OS that allows the attacker to do as they please.






33. Confidentiality - symmetric encryption






34. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






35. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






36. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






37. Personal area network - phone tethering - bluetooth - etc






38. Unencrypted message in its original form






39. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






40. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






41. It handles the establishment and maintenance of connections between systems






42. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






43. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






44. logic bomb - trojan horse - trap door






45. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






46. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






47. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






48. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable


49. Connects many WANs - MANs - and LANs - provided via ISP






50. Stateful firewalls maintain state of traffic flows