Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.

1. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






2. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






3. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






4. Message in its encrypted form






5. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






6. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






7. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






8. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






9. Infects MBR - no network spreading potential






10. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






11. OSI






12. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






13. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






14. Full open - half open (stealth scan) - UDP - Ping






15. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






16. 53 bytes - 48 bytes for data - 5 bytes for the header






17. Trying to ID modems in a telephone exchange that may be susceptible to compromise






18. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






19. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






20. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






21. True positive - false positive - true negative - false negative






22. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






23. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






24. The practice of sending an ACK inside another packet going to the same destination






25. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






26. destruction of data - leaking confidential information - providing backdoor access






27. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






28. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






29. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






30. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






31. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable


32. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






33. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






34. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






35. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






36. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






37. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






38. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






39. Attaches itself to existing program files and is activated when the exe is launched






40. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






41. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






42. Simple attack done by simply browsing available information that's allowed on a local network.






43. A cracking tool inserted into the OS that allows the attacker to do as they please.






44. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






45. Handles transmissions across the physical media like wires - fiber - etc






46. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






47. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






48. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






49. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






50. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0