Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. logic bomb - trojan horse - trap door






2. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






3. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






4. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






5. Confidentiality - symmetric encryption






6. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






7. Handles transmissions across the physical media like wires - fiber - etc






8. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






9. Network scanner.






10. One is for talking - one is for implementing






11. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






12. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






13. A cracking tool inserted into the OS that allows the attacker to do as they please.






14. 53 bytes - 48 bytes for data - 5 bytes for the header






15. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






16. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






17. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






18. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






19. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



20. Simple attack done by simply browsing available information that's allowed on a local network.






21. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






22. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






23. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






24. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






25. FIN 130 - ACK 131 - FIN 570 - ACK 571






26. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






27. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






28. An attempt to gain access by bombarding it with guesses until the password is found.






29. Uniform protection - protected enclaves - information centric - threat vector analysis






30. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






31. It interacts with the application layer to determine which network services will be required






32. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






33. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






34. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






35. Bits of code embedded in programs to quickly gain access at a later time






36. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






37. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






38. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






39. Going around with equipment to detect wireless networks






40. Considered to be a perimeter device






41. Infects MBR - no network spreading potential






42. True positive - false positive - true negative - false negative






43. Intrusion detection system - it reports attacks against monitored systems/networks






44. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






45. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






46. flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






47. Relies on executable code insertion and user interaction to spread






48. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






49. fast - with little fidelity - examines header information and limited payload data






50. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS