Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






2. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






3. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






4. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






5. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






6. OSI






7. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






8. Unified data carrying service - replacing frame relay and ATM






9. Handles transmissions across the physical media like wires - fiber - etc






10. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






11. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






12. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






13. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



14. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






15. Unencrypted message in its original form






16. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






17. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






18. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






19. Intrusion detection system - it reports attacks against monitored systems/networks






20. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






21. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






22. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






23. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






24. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






25. Uniform protection - protected enclaves - information centric - threat vector analysis






26. Personal area network - phone tethering - bluetooth - etc






27. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






28. Infects MBR - no network spreading potential






29. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






30. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






31. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






32. The practice of sending an ACK inside another packet going to the same destination






33. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






34. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






35. The practice of sending an ACK inside another packet going to the same destination






36. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






37. An attempt to gain access by bombarding it with guesses until the password is found.






38. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






39. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






40. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






41. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






42. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






43. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






44. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






45. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






46. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






47. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






48. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






49. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






50. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector