Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Relies on executable code insertion and user interaction to spread






2. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






3. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






4. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






5. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






6. Handles transmissions across the physical media like wires - fiber - etc






7. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






8. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






9. Protected at rest - protected in transit - secure the key






10. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






11. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






12. Stateful firewalls maintain state of traffic flows






13. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






14. Allows admins to remotely access a system for troubleshooting - e.g., VNC - GoToMyPc - PC Anywhere






15. Intrusion detection system - it reports attacks against monitored systems/networks






16. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






17. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






18. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






19. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






20. Confidentiality - symmetric encryption






21. Intellectual property - business goals - validated data - historical






22. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






23. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






24. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






25. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






26. Message in its encrypted form






27. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






28. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






29. True positive - false positive - true negative - false negative






30. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






31. Open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






32. Provides insight into the tactics - motives - and attacker tools






33. A cracking tool inserted into the OS that allows the attacker to do as they please.






34. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






35. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






36. Simple attack done by simply browsing available information that's allowed on a local network.






37. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






38. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






39. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






40. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






41. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






42. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






43. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






44. Unencrypted message in its original form






45. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






46. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






47. Network scanner.






48. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






49. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






50. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






