Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






2. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






3. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






5. Network scanner.






6. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






7. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






8. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






9. Considered to be a perimeter device






10. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






11. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






12. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






13. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






14. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






15. Personal area network - phone tethering - bluetooth - etc






16. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






17. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






18. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






19. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






20. The practice of sending an ACK inside another packet going to the same destination






21. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






22. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






23. 8 bytes per packet - UDP SRC port - UDP DST port - UDP length - UDP checksum






24. Simple attack done by simply browsing available information that's allowed on a local network.






25. Outsider attack from network - Outsider attack from telephone - Insider attack from local network - Insider attack from local system - Attack from malicious code






26. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






27. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






28. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






29. OSI






30. Stateful firewalls maintain state of traffic flows






31. Uniform protection - protected enclaves - information centric - threat vector analysis






32. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






33. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






34. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






35. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






36. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






37. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






38. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






39. Attaches itself to existing program files and is activated when the EXE is launched






40. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






41. Bits of code embedded in programs to quickly gain access at a later time






42. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






43. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






44. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






45. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






46. An attempt to gain access by bombarding it with guesses until the password is found.






47. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






48. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






49. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



50. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p