Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






2. Full open - half open (stealth scan) - UDP - Ping






3. Packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






4. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






5. Simple attack done by simply browsing available information that's allowed on a local network.






6. Handles transmissions across the physical media like wires - fiber - etc






7. Malicious code might execute destructive overwrite to hard disks - malicious mass mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - web server compromise might expose custom






8. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






9. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






10. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






11. One is for talking - one is for implementing






12. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






13. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






14. Trying to ID modems in a telephone exchange that may be susceptible to compromise






15. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






16. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






17. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






18. Confidentiality - integrity - availability






19. Attaches itself to existing program files and is activated when the exe is launched






20. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






21. Personal area network - phone tethering - bluetooth - etc






22. It makes sure the data sent from one side to the other is in a format useful to the other side






23. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






24. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






25. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






26. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






27. The practice of sending an ACK inside another packet going to the same destination






28. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






29. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found, the analyst is notified - e.g. Tripwire






30. Malware - insider threat - natural disaster - terrorism - pandemic






31. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






32. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






33. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






34. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






35. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






36. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






37. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






38. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






39. Intrusion detection system - it reports attacks against monitored systems/networks






40. Network scanner.






41. Logic bomb - trojan horse - trap door






42. Stateful firewalls maintain state of traffic flows






43. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






44. Deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






45. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






46. Connects many WANs - MANs - and LANs - provided via ISP






47. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






48. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






49. It handles the establishment and maintenance of connections between systems






50. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet