Test your basic knowledge |

Comptia Security +: Network Security

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. IP spoofing attack where the attacker can only send packets and has to guess about replies
DNS spoofing
blind
multiple interface firewall
knowledge based

2. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet
IP spoofing
layered
10Base5
land attack

3. A pool of public IP addresses is shared by a collection of private IP addresses
firewall architectures
1024 - 49 -151
dynamic NAT
blind

4. Packet filtering - proxies - stateful inspection
IP spoofing
firewalls
fiber optic
encrypt session key

5. Level 2 firewall often used to filter web traffic
ping flooding
replay
proxy
private

6. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion
stateful inspection
passive
teardrop
honeypot

7. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold
fiber optic
risk mitigation
network
spoofing attacks

8. One private IP address is mapped to one public IP address
multiple interface firewall
static NAT
NAT
firewalls

9. A complete transfer of all DNS zone information from one server to another
port
zone transfer
static NAT
teardrop

10. IP - email - website - DNS - and ARP
PBX (Private Branch Exchange)
1024 - 49 -151
spoofing attacks
router

11. A logical connection point allowing computers and software to communicate and exchange data
man in the middle and replay
port
0 - 1023
multi homed

12. Connects two or more subnets - determines the best path to forward packets based on packet header and forwarding table information
router
ping flooding
honeynet
PBX (Private Branch Exchange)

13. A logical division of a computer network - in which all nodes can reach each other by broadcast at the data link layer - equivalent to a VLAN
twisted pair
IP spoofing
broadcast domain
49 -152 - 65 -535

14. A set of rules computers use to communicate with each other across a network
ARP poisoning
protocol
deny by default
IP spoofing

15. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters
PBX (Private Branch Exchange)
static NAT
deny by default
coaxial

16. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
ARP
repeater
store and forward
IP spoofing

17. A physical or logical subnetwork that houses systems accessible to a larger untrusted network - usually the Internet - also known as DMZ
proxy
screened host
application gateway
screened subnet

18. Allows all traffic except traffic that is specifically denied - also known as permissive access
IP spoofing
allow by default
49 -152 - 65 -535
cat3

19. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
false positive
PBX (Private Branch Exchange)
allow by default
protocol analyzer

20. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)
dual homed
ping flooding
bastion host
encrypt session key

21. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive
NIDS
ping of death
knowledge based
proxy server

22. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
cat5
twisted pair
DNS spoofing
10base2

23. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data
passive
VLAN
extranet
allow by default

24. A ping message is broadcast to an entire network with a spoofed source IP addess of the victim computer - flooding the victim computer with responses during this attack
encrypt session key
NIDS network connections
spoofing
smurf

25. Used to pass data from one VLAN to another
fiber optic
router
risk mitigation
session hijacking

26. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
ping flooding
behavior based
proxy
screened subnet

27. Examines a entire packet and determines action based on a complex set of rules
broadcast domain
hub
application gateway
screened host

28. A variation of a smurf attack using UDP
null session
fraggle
knowledge based
10Base5

29. A packet filtering firewall works at this layer of the OSI model
promiscuous
screened subnet
network
twisted pair

30. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
deny by default
stateful inspection
proxy
smurf

31. Protocol used to map an known IP address to its corresponding media access control (MAC) address
ARP
null session
protocol
firewall architectures

32. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
honeypot
firewall architectures
passive
firewalls

33. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
man in the middle and replay
stateful inspection
proxy
false negative

34. Cable used most in networks - maximum speed 1Gbps - maximum length 100 meters - susceptible to tap
tcp/ip hijacking
protocol analyzer
DNS spoofing
twisted pair

35. Ping flooding - ping of death - smurf - fraggle - SYN flood - land - teardrop - email flood
coaxial
DoS attacks
NIPS
0 - 1023

36. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
stateful inspection
application gateway
10base2
fiber optic

37. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
replay
ping of death
proxy
false negative

38. Malicious insiders - connections that bypass the firewall (i.e. IM) - encrypted traffic/tunneling - social engineering - physical access are missed by ___________
10base2
HIDS
application
firewalls

39. Network configuration that permits selected outsiders access internal information systems
extranet
man in the middle and replay
website spoofing
honeynet

40. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port
cat5
HIDS
packet filter
land attack

41. Collection on honeypots
risk mitigation
honeynet
defense in depth
honeypot

42. An attacker redirects traffic by falsifying the IP address requested by ARP request
DMZ
fraggle
honeynet
ARP poisoning

43. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
IP spoofing
tcp/ip hijacking
network
packet filter

44. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
fiber optic
DoS attacks
10Base5
application

45. Bastion host - dual homed firewall - multi homed firewall - screened host - screened subnet
screened host
DMZ
firewall architectures
repeater

46. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
false positive
IP spoofing
private
honeypot

47. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________
DoS attacks
NIDS
protocol
DMZ

48. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
dual homed
port
IP spoofing
session hijacking

49. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication
content filter
informed
null session
router

50. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
IP spoofing
active
allow by default
defense in depth