Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, at times you might find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






2. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






3. Outsider attack from network - Outsider attack from telephone - Insider attack from local network - Insider attack from local system - Attack from malicious code






4. Considered to be a perimeter device






5. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






6. Known - unknown - zero day






7. Personal area network - phone tethering - Bluetooth - etc.






8. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






9. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






10. Open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






11. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






12. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






13. Syn - Syn/Ack - Ack






14. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






15. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






16. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






17. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






18. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






19. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






20. 53 bytes - 48 bytes for data - 5 bytes for the header






21. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






22. It interacts with the application layer to determine which network services will be required






23. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






24. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






25. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






26. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






27. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






28. It handles the establishment and maintenance of connections between systems






29. Rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






30. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






31. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






32. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere






33. An attempt to gain access by bombarding it with guesses until the password is found.






34. Handles transmissions across the physical media like wires - fiber - etc.






35. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






36. Confidentiality - integrity - availability






37. Bits of code embedded in programs to quickly gain access at a later time






38. Message in its encrypted form






39. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






40. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






41. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






42. Stateful firewalls maintain state of traffic flows






43. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






44. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






45. FIN 130 - ACK 131 - FIN 570 - ACK 571






46. Unencrypted message in its original form






47. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






48. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






49. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






50. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP