Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






2. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



3. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






4. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






5. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






6. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






7. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






8. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






9. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






10. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






11. Intellectual property - business goals - validated data - historical






12. An attempt to gain access by bombarding it with guesses until the password is found.






13. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






14. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






15. Protected at rest - protected in transit - secure the key






16. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice - TCP and UDP






17. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






18. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - the analyst is notified - e.g. Tripwire






19. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






20. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






21. Handles transmissions across the physical media like wires - fiber - etc






22. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






23. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






24. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






25. destruction of data - leaking confidential information - providing backdoor access






26. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






27. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






28. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






29. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






30. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






31. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






32. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






33. Malware - insider threat - natural disaster - terrorism - pandemic






34. Provides insight into the tactics - motives - and attacker tools






35. Known - unknown - zero day






36. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






37. Outsider attack from network - outsider attack from telephone - insider attack from local network - insider attack from local system - attack from malicious code






38. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






39. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






40. FIN 130 - ACK 131 - FIN 570 - ACK 571






41. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






42. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






43. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






44. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






45. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






46. Unencrypted message in its original form






47. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






48. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






49. One is for talking - one is for implementing






50. fast - with little fidelity - examines header information and limited payload data