Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






2. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






3. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






4. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






5. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






6. Connects many WANs - MANs - and LANs - provided via ISP






7. destruction of data - leaking confidential information - providing backdoor access






8. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






9. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






10. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






11. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






12. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






13. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






14. flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






15. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






16. Known - unknown - zero day






17. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






18. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






19. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






20. Unencrypted message in its original form






21. Relies on executable code insertion and user interaction to spread






22. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






23. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






24. Message in its encrypted form






25. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






26. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






27. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






28. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



29. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






30. Handles transmissions across the physical media like wires - fiber - etc






31. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






32. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






33. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






34. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






35. Full open - half open (stealth scan) - UDP - Ping






36. The practice of sending an ACK inside another packet going to the same destination






37. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






38. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






39. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






40. An attempt to gain access by bombarding it with guesses until the password is found.






41. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






42. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






43. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






44. True positive - false positive - true negative - false negative






45. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






46. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






47. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






48. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






49. logic bomb - trojan horse - trap door






50. Unified data carrying service - replacing frame relay and ATM