Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. It interacts with the application layer to determine which network services will be required






2. Infects MBR - no network spreading potential






3. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






4. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






5. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware


6. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






7. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






8. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






9. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






10. Simple attack done by simply browsing available information that's allowed on a local network.






11. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






12. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






13. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






14. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






15. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






16. Network scanner.






17. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable


18. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






19. A cracking tool inserted into the OS that allows the attacker to do as they please.






20. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






21. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






22. Considered to be a perimeter device






23. Unencrypted message in its original form






24. It makes sure the data sent from one side to the other is in a format useful to the other side






25. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






26. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






27. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






28. Provides insight into the tactics - motives - and attacker tools






29. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






30. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






31. Infects the EXE and makes them operate slightly differently - when infected - exe header sizes are altered to point to the appended viral code






32. Connects many WANs - MANs - and LANs - provided via ISP






33. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






34. Handles transmissions across the physical media like wires - fiber - etc






35. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






36. It handles the establishment and maintenance of connections between systems






37. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






38. The practice of sending an ACK inside another packet going to the same destination






39. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






40. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






41. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






42. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






43. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






44. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






45. One is for talking - one is for implementing






46. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






47. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






48. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






49. Confidentiality - integrity - availability






50. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key