SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Protocol used to map an known IP address to its corresponding media access control (MAC) address
ARP
land attack
active
smurf
2. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall
twisted pair
network
website spoofing
dual homed
3. User / registered ports
allow by default
router
protocol analyzer
1024 - 49 -151
4. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
multiple interface firewall
VLAN
firewalls
honeypot
5. A logical division of a computer network - in which all nodes can reach each other by broadcast at the data link layer - equivalent to a VLAN
protocol analyzer
knowledge based
broadcast domain
layered
6. Acts as an organizations internal phone system
application gateway
man in the middle and replay
ARP
PBX (Private Branch Exchange)
7. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
null session
cat5
stateful inspection
ping of death
8. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
IP spoofing
replay
behavior based
spoofing
9. A set of rules computers use to communicate with each other across a network
ping of death
zone transfer
protocol
router
10. A variation of a smurf attack using UDP
router
fraggle
application gateway
cat5
11. Network configuration that permits selected outsiders access internal information systems
switch
extranet
DMZ
cat5
12. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
land attack
defense in depth
NIDS
content filter
13. Connects devices together to form a subnet - broadcasts incoming packets to all devices
NIPS
ping of death
hub
proxy server
14. Firewall with several NICs connected to different networks
ARP
private
multi homed
deny by default
15. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
private
behavior based
repeater
proxy
16. A logical group of computers connected via a switch/hub that share the same network prefix in their IP address
stateful inspection
static NAT
protocol analyzer
subnet
17. Head of a packet contains...
broadcast domain
promiscuous
ARP poisoning
source - destination - protocol
18. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
honeynet
blind
store and forward
coaxial
19. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
proxy
cat3
session hijacking
passive
20. Examines content passing through and makes a decision on the data based on a set of criteria - normal uses email filtering and web browsing
defense in depth
content filter
twisted pair
null session
21. Known as thicknet - 10mbps - limited to 500 meters
website spoofing
informed
stateful inspection
10Base5
22. IP spoofing attack where the attacker can only send packets and has to guess about replies
honeynet
protocol
blind
NIPS
23. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________
man in the middle and replay
10base2
cat3
DMZ
24. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
twisted pair
defense in depth
IP spoofing
multiple interface firewall
25. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
broadcast domain
ARP poisoning
bastion host
man in the middle and replay
26. Known as thinnet - 10mbps - limited to 185 meters
10base2
split horizon DNS
dynamic NAT
NIDS
27. Twisted pair cable with speed capability of 1Gbps
cat5
10base2
tcp/ip hijacking
ping flooding
28. Amplifies the signal of incoming packets before broadcasting them to the network
repeater
dual homed
HIDS
IP spoofing
29. IP - email - website - DNS - and ARP
man in the middle
spoofing attacks
broadcast domain
extranet
30. A server that sits between an intranet and it's Internet connection - masking all IP addresses
subnet
firewalls
packet filter
proxy server
31. A packet filtering firewall works at this layer of the OSI model
layered
passive
firewalls
network
32. Man in the middle attack where the content of an intercepted message is altered before it is sent on
active
man in the middle and replay
split horizon DNS
hub
33. A group of hosts on logical network segment that communicate as if they were attached to the same broadcast domain - regardless of their physical location
stateful inspection
VLAN
honeypot
ping flooding
34. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address
active
application
NAT
router
35. Bbenign activity reported as malicious
man in the middle and replay
ping flooding
false positive
fiber optic
36. Level 2 firewall often used to filter web traffic
proxy
repeater
split horizon DNS
multi homed
37. Cable used most in networks - maximum speed 1Gbps - maximum length 100 meters - susceptible to tap
twisted pair
IP spoofing
extranet
replay
38. Blocks all traffic from passing through the firewall except for traffic that is explicitly allowed - also known as restrictive access - best practice
ping flooding
deny by default
NIPS
session hijacking
39. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)
port
tcp/ip hijacking
bastion host
static NAT
40. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion
10Base5
multi homed
teardrop
fraggle
41. Malicious activity not reported or detected
NIPS
PBX (Private Branch Exchange)
replay
false negative
42. Allows all traffic except traffic that is specifically denied - also known as permissive access
NIPS
SYN flood
allow by default
fiber optic
43. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data
passive
store and forward
multiple interface firewall
0 - 1023
44. One process on every system - use local system resources - detect attacks that NIDS misses - examine data after decrypted - can be OS specific - more expensive
active
10Base5
dual homed
HIDS
45. IPS response method - terminate process/session - block/reject and redirect network traffic
active
DMZ
VLAN
teardrop
46. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction
replay
knowledge based
SYN flood
null session
47. IDS that relies on the identification of known attack signatures
active
land attack
knowledge based
spoofing attacks
48. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
application
active
website spoofing
protocol analyzer
49. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
ping flooding
spoofing
content filter
fraggle
50. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
false positive
VLAN
DNS spoofing
cat3
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests