Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






2. Attaches itself to existing program files and activated when the exe is launched






3. fast - with little fidelity - examines header information and limited payload data






4. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






5. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






6. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






7. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






8. Confidentiality - integrity - availability






9. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






10. Uniform protection - protected enclaves - information centric - threat vector analysis






11. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






12. Relies on executable code insertion and user interaction to spread






13. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






14. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






15. FIN 130 - ACK 131 - FIN 570 - ACK 571






16. Stateful firewalls maintain state of traffic flows






17. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






18. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






19. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






20. Personal area network - phone tethering - bluetooth - etc






21. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






22. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






23. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






24. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






25. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






26. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






27. free windows based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






28. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






29. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






30. Connects many WANs - MANs - and LANs - provided via ISP






31. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






32. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






33. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






34. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






35. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






36. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere






37. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






38. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






39. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






40. It handles the establishment and maintenance of connections between systems






41. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






42. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






43. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






44. Bits of code embedded in programs to quickly gain access at a later time






45. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






46. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






47. The practice of sending an ACK inside another packet going to the same destination






48. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






49. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






50. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.