Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






2. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






3. A cracking tool inserted into the OS that allows the attacker to do as they please.






4. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






5. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






6. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






7. Personal area network - phone tethering - bluetooth - etc






8. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






9. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






10. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






11. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






12. An attempt to gain access by bombarding it with guesses until the password is found.






13. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






14. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






15. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






16. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






17. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






18. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






19. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






20. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






21. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






22. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






23. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet






24. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






25. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






26. Unencrypted message in its original form






27. Relies on executable code insertion and user interaction to spread






28. logic bomb - trojan horse - trap door






29. Confidentiality - integrity - availability






30. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






31. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






32. Message in its encrypted form






33. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code






34. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






35. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






36. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






37. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






38. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






39. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






40. Confidentiality - symmetric encryption






41. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire






42. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


43. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






44. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






45. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






46. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






47. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






48. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


49. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






50. The practice of sending an ACK inside another packet going to the same destination