Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Network scanner.






2. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



3. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






4. A cracking tool inserted into the OS that allows the attacker to do as they please.






5. FIN 130 - ACK 131 - FIN 570 - ACK 571






6. 53 bytes - 48 bytes for data - 5 bytes for the header






7. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






8. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






9. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






10. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






11. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






12. It interacts with the application layer to determine which network services will be required






13. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






14. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






15. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






16. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






17. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






18. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






19. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






20. Bits of code embedded in programs to quickly gain access at a later time






21. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






22. Confidentiality - integrity - availability






23. destruction of data - leaking confidential information - providing backdoor access






24. Personal area network - phone tethering - bluetooth - etc






25. It makes sure the data sent from one side to the other is in a format useful to the other side






26. Infects the EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






27. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






28. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






29. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






30. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






31. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






32. Malware - insider threat - natural disaster - terrorism - pandemic






33. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






34. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






35. One is for talking - one is for implementing






36. Attaches itself to existing program files and activated when the exe is launched






37. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






38. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






39. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






40. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






41. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline






42. Unencrypted message in its original form






43. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






44. Message in its encrypted form






45. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






46. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






47. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






48. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






49. Unified data carrying service - replacing frame relay and ATM






50. Uniform protection - protected enclaves - information centric - threat vector analysis