Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






2. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






3. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






4. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






5. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






6. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






7. Confidentiality - symmetric encryption






8. Uniform protection - protected enclaves - information centric - threat vector analysis






9. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






10. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






11. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






12. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






13. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






14. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






15. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






16. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






17. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






18. Intrusion detection system - it reports attacks against monitored systems/networks






19. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






20. FIN 130 - ACK 131 - FIN 570 - ACK 571






21. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






22. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



23. Confidentiality - integrity - availability






24. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






25. Personal area network - phone tethering - bluetooth - etc






26. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






27. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






28. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






29. Known - unknown - zero day






30. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






31. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






32. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






33. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






34. Connects many WANs - MANs - and LANs - provided via ISP






35. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire






36. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






37. Intellectual property - business goals - validated data - historical






38. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






39. OSI






40. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






41. Relies on executable code insertion and user interaction to spread






42. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






43. Going around with equipment to detect wireless networks






44. Bits of code embedded in programs to quickly gain access at a later time






45. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






46. The practice of sending an ACK inside another packet going to the same destination






47. True positive - false positive - true negative - false negative






48. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






49. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






50. The practice of sending an ACK inside another packet going to the same destination