Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Known - unknown - zero day






2. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






3. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






4. It handles the establishment and maintenance of connections between systems






5. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






6. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






7. One is for talking - one is for implementing






8. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






9. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






10. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






11. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






12. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






13. True positive - false positive - true negative - false negative






14. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






15. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






16. Network scanner.






17. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






18. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






19. destruction of data - leaking confidential information - providing backdoor access






20. Unencrypted message in its original form






21. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






22. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






23. Full open - half open (stealth scan) - UDP - Ping






24. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






25. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






26. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






27. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






28. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






29. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






30. Handles transmissions across the physical media like wires - fiber - etc






31. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






32. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



33. Relies on executable code insertion and user interaction to spread






34. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






35. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






36. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






37. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.






38. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






39. Attaches itself to existing program files and is activated when the exe is launched






40. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






41. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






42. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






43. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






44. Simple attack done by simply browsing available information that's allowed on a local network.






45. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






46. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






47. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






48. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






49. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






50. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






