Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






2. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






3. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






4. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






5. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



6. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






7. One is for talking - one is for implementing






8. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






9. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






10. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






11. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






12. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






13. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






14. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






15. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






16. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






17. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






18. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






19. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






20. Uniform protection - protected enclaves - information centric - threat vector analysis






21. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






22. Trying to ID modems in a telephone exchange that may be susceptible to compromise






23. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.






24. Intrusion detection system - it reports attacks against monitored systems/networks






25. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere






26. Protected at rest - protected in transit - secure the key






27. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






28. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






29. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






30. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






31. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






32. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






33. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






34. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






35. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






36. Personal area network - phone tethering - bluetooth - etc






37. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






38. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






39. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice: TCP and UDP






40. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






41. Intellectual property - business goals - validated data - historical






42. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.






43. Full open - half open (stealth scan) - UDP - Ping






44. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






45. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






46. 53 bytes - 48 bytes for data - 5 bytes for the header






47. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






48. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






49. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






50. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired