Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






2. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






3. destruction of data - leaking confidential information - providing backdoor access






4. Unified data carrying service - replacing frame relay and ATM






5. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






6. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






7. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






8. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






9. Provides insight into traffic on the network - helps detect problems with network operations - provides auditing for other security measures






10. Malware - insider threat - natural disaster - terrorism - pandemic






11. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - pcAnywhere






12. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






13. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






14. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






15. Full open - half open (stealth scan) - UDP - Ping






16. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






17. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






18. Syn - Syn/Ack - Ack






19. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






20. Attaches itself to existing program files and is activated when the exe is launched






21. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






22. Bits of code embedded in programs to quickly gain access at a later time






23. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






24. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






25. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






26. Infects MBR - no network spreading potential






27. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






28. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






29. The practice of sending an ACK inside another packet going to the same destination






30. FIN 130 - ACK 131 - FIN 570 - ACK 571






31. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






32. A time of check/time of use attack that exploits the gap between the time a security control was applied and the time the service was used.






33. Known - unknown - zero day






34. Network scanner.






35. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






36. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






37. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






38. Handles transmissions across the physical media like wires - fiber - etc






39. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






40. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






41. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






42. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






43. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






44. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






45. Relies on executable code insertion and user interaction to spread






46. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






47. It handles the establishment and maintenance of connections between systems






48. Confidentiality - integrity - availability






49. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






50. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum