Test your basic knowledge |

Comptia Security +: Network Security

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion






2. Packet filtering - proxies - stateful inspection






3. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive






4. A logical division of a computer network - in which all nodes can reach each other by broadcast at the data link layer - equivalent to a VLAN






5. When a hacker takes over a TCP session between two machines - also known as session hijacking - foiled by the use of encrypted sessions






6. Connects devices together to form a subnet - packet forwarding is based on MAC addresses - works at the data link layer of the OSI






7. Allows all traffic except traffic that is specifically denied - also known as permissive access






8. Firewall that communicates directly with a perimeter router and the internal network - 2 NICs - screens internal traffic






9. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms






10. A packet filtering firewall works at this layer of the OSI model






11. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks






12. Man in the middle attack where the content of an intercepted message is altered before it is sent on






13. Blocks all traffic from passing through the firewall except for traffic that is explicitly allowed - also known as restrictive access - best practice






14. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction






15. IP spoofing attack where the attacker can only send packets and has to guess about replies






16. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data






17. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________






18. Known as thicknet - 10mbps - limited to 500 meters






19. Amplifies the signal of incoming packets before broadcasting them to the network






20. A person or program masquerades as another by presenting false information to gain an illegitimate advantage






21. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway






22. One private IP address is mapped to one public IP address






23. An application layer gateway works at this layer of the OSI model






24. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other






25. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall






26. Unauthenticated connections - creating the potential for a successful connection as an anonymous user






27. A variation of a smurf attack using UDP






28. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information






29. IP - email - website - DNS - and ARP






30. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system






31. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall






32. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters






33. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x






34. One process on every system - use local system resources - detect attacks that NIDS misses - examine data after decrypted - can be OS specific - more expensive






35. Attempt to block service or reduce activity by overloading the victim machine with ping requests






36. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client






37. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle






38. A sniffer mode used to capture traffic addressed to/from another machine on the network






39. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication






40. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet






41. A pool of public IP addresses is shared by a collection of private IP addresses






42. A physical or logical subnetwork that houses systems accessible to a larger untrusted network - usually the Internet - also known as DMZ






43. Known as thinnet - 10mbps - limited to 185 meters






44. Head of a packet contains...






45. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented






46. Twisted pair cable with speed capability of 10Mbps






47. A logical group of computers connected via a switch/hub that share the same network prefix in their IP address






48. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)






49. Two authoritative sources for your domain namespace with differing contents depending on whether the query is internal or external






50. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address







Sorry!:) No result found.

Can you answer 50 questions in 15 minutes?


Let me suggest you:

Browse all subjects

Browse all tests

Most popular tests



Major Subjects

Tests & Exams


AP
CLEP
DSST
GRE
SAT
GMAT

Browse all subjects

Browse all tests

Most popular tests