Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






2. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






3. Considered to be a perimeter device






4. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






5. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






6. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






7. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






8. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






9. OSI






10. Network scanner.






11. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






12. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






13. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






14. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






15. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






16. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






17. Full open - half open (stealth scan) - UDP - Ping






18. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






19. Unencrypted message in its original form






20. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






21. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






22. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






23. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






24. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






25. Syn - Syn/Ack - Ack






26. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






27. Trying to ID modems in a telephone exchange that may be susceptible to compromise






28. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






29. Bits of code embedded in programs to quickly gain access at a later time






30. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






31. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






32. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






33. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






34. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






35. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






36. FIN 130 - ACK 131 - FIN 570 - ACK 571






37. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






38. Relies on executable code insertion and user interaction to spread






39. Unified data carrying service - replacing frame relay and ATM






40. It interacts with the application layer to determine which network services will be required






41. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



42. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






43. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






44. fast - with little fidelity - examines header information and limited payload data






45. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






46. 53 bytes - 48 bytes for data - 5 bytes for the header






47. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






48. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






49. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






50. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum