Test your basic knowledge

Match each statement with the correct term.

1. Relies on executable code insertion and user interaction to spread






2. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






3. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






4. The practice of sending an ACK inside another packet going to the same destination






5. Malware - insider threat - natural disaster - terrorism - pandemic






6. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






7. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






8. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






9. Going around with equipment to detect wireless networks






10. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






11. Bits of code embedded in programs to quickly gain access at a later time






12. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






13. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






14. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






15. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






16. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






17. Connects many WANs - MANs - and LANs - provided via ISP






18. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






19. Trying to ID modems in a telephone exchange that may be susceptible to compromise






20. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - a table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






21. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






22. fast - with little fidelity - examines header information and limited payload data






23. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






24. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






25. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






26. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






27. destruction of data - leaking confidential information - providing backdoor access






28. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






29. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






30. FIN 130 - ACK 131 - FIN 570 - ACK 571






31. Simple attack done by simply browsing available information that's allowed on a local network.






32. Protected at rest - protected in transit - secure the key






33. The practice of sending an ACK inside another packet going to the same destination






34. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






35. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere






36. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






37. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - the analyst is notified - i.e. Tripwire






38. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






39. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






40. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






41. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






42. OSI






43. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






44. Network scanner.






45. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






46. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






47. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






48. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






49. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






50. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0