Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. destruction of data - leaking confidential information - providing backdoor access

2. Personal area network - phone tethering - Bluetooth - etc.

3. Uniform protection - protected enclaves - information centric - threat vector analysis

4. OSI

5. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system

6. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK

7. The practice of sending an ACK inside another packet going to the same destination

8. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.

9. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - a table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address

10. True positive - false positive - true negative - false negative

11. Wide Area Network - larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area

12. Physical layer - Data link layer - Network layer - Transport layer - Session layer - Presentation layer - Application layer

13. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution

14. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.

15. Outsider attack from network - outsider attack from telephone - insider attack from local network - insider attack from local system - attack from malicious code

16. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system

17. 8 bytes per packet - UDP SRC port - UDP DST port - UDP length - UDP checksum

18. Confidentiality - symmetric encryption

19. Four layers - Network layer - Internet layer - Transport layer - Application layer

20. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed

21. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment

22. logic bomb - trojan horse - trap door

23. Bits of code embedded in programs to quickly gain access at a later time

24. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs

25. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found

26. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment

27. SYN - SYN/ACK - ACK

28. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction

29. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5/5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit

30. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs

31. Message in its encrypted form

32. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management

33. A time of check/time of use attack that exploits the gap between when a security control was applied and the time the service was used.

34. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0

35. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies

36. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.

37. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters

38. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0

39. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest

40. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector

41. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls

42. free Windows based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted

43. Stateful firewalls maintain state of traffic flows

44. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host

45. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested

46. War dialing - war driving - sniffing - eavesdropping - dumpster diving - social engineering

47. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce

48. Trying to ID modems in a telephone exchange that may be susceptible to compromise

49. fast - with little fidelity - examines header information and limited payload data

50. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con