Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Intellectual property - business goals - validated data - historical






2. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - bases good traffic as a baseline






3. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere






4. Connects many WANs - MANs - and LANs - provided via ISP






5. Trying to ID modems in a telephone exchange that may be susceptible to compromise






6. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






7. It makes sure the data sent from one side to the other is in a format useful to the other side






8. Malware - insider threat - natural disaster - terrorism - pandemic






9. True positive - false positive - true negative - false negative






10. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






11. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






12. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






13. Going around with equipment to detect wireless networks






14. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






15. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



16. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






17. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






18. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






19. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






20. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






21. Relies on executable code insertion and user interaction to spread






22. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






23. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






24. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






25. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






26. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






27. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






28. FIN 130 - ACK 131 - FIN 570 - ACK 571






29. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






30. It interacts with the application layer to determine which network services will be required






31. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






32. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






33. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






34. An attempt to gain access by bombarding it with guesses until the password is found.






35. Removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - P2P






36. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






37. Known - unknown - zero day






38. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






39. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






40. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






41. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






42. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






43. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






44. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






45. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






46. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






47. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






48. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






49. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






50. Provides insight into the tactics - motives - and attacker tools