Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address






2. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






3. Considered to be a perimeter device






4. An attempt to gain access by bombarding it with guesses until the password is found.






5. Handles transmissions across the physical media like wires - fiber - etc






6. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






7. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






8. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






9. 53 bytes - 48 bytes for data - 5 bytes for the header






10. The practice of sending an ACK inside another packet going to the same destination






11. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






12. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






13. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






14. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






15. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






16. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






17. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






18. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.






19. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535






20. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






21. destruction of data - leaking confidential information - providing backdoor access






22. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






23. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






24. Infects MBR - no network spreading potential






25. logic bomb - trojan horse - trap door






26. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






27. Syn - Syn/Ack - Ack






28. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






29. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.






30. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






31. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






32. Connects many WANs - MANs - and LANs - provided via ISP






33. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






34. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






35. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






36. Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere






37. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






38. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






39. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






40. Full open - half open (stealth scan) - UDP - Ping






41. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted






42. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






43. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline






44. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






45. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






46. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






47. Intrusion detection system - it reports attacks against monitored systems/networks






48. Malware - insider threat - natural disaster - terrorism - pandemic






49. Unencrypted message in its original form






50. Worms and Wireless - modems - tunnel anything through HTTP - social engineering