Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






2. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






3. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






4. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






5. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






6. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






7. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code






8. The practice of sending an ACK inside another packet going to the same destination






9. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






10. Handles transmissions across the physical media like wires - fiber - etc






11. logic bomb - trojan horse - trap door






12. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






13. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






14. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






15. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input






16. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






17. destruction of data - leaking confidential information - providing backdoor access






18. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






19. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






20. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






21. Intellectual property - business goals - validated data - historical






22. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address






23. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






24. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






25. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






26. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.






27. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment






28. Provides insight into the tactics - motives - and attacker tools






29. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






30. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






31. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






32. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






33. Connects many WANs - MANs - and LANs - provided via ISP






34. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






35. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.






36. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






37. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






38. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






39. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port






40. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






41. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






42. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






43. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


44. fast - with little fidelity - examines header information and limited payload data






45. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






46. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






47. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






48. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






49. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






50. FIN 130 - ACK 131 - FIN 570 - ACK 571