Test your basic knowledge |

Comptia Security +: Network Security

Subjects : certifications, comptia-security-+, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
session hijacking
0 - 1023
man in the middle
null session

2. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address
static NAT
twisted pair
land attack
NAT

3. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
false negative
packet filter
repeater
null session

4. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
ARP poisoning
store and forward
packet filter
defense in depth

5. Monitors network traffic to identify possible attacks
null session
proxy
NIDS
layered

6. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
10base2
ARP
man in the middle and replay
switch

7. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
multiple interface firewall
passive
DNS spoofing
website spoofing

8. Level 2 firewall often used to filter web traffic
static NAT
split horizon DNS
proxy
passive

9. Head of a packet contains...
port address translation
source - destination - protocol
honeynet
SYN flood

10. User / registered ports
active
spoofing
1024 - 49 -151
repeater

11. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion
allow by default
website spoofing
teardrop
twisted pair

12. A sniffer mode used to capture traffic addressed to/from another machine on the network
network
website spoofing
man in the middle
promiscuous

13. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
stateful inspection
defense in depth
multiple interface firewall
IP spoofing

14. Network configuration that permits selected outsiders access internal information systems
hub
extranet
subnet
port

15. Evolved from IDS - monitors network traffic - detects and responds to attack on network
deny by default
ARP
NIPS
land attack

16. An attacker redirects traffic by falsifying the IP address requested by ARP request
PBX (Private Branch Exchange)
ARP poisoning
store and forward
promiscuous

17. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
fiber optic
firewalls
protocol
honeynet

18. A ping message is broadcast to an entire network with a spoofed source IP addess of the victim computer - flooding the victim computer with responses during this attack
private
static NAT
smurf
IP spoofing

19. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication
screened host
informed
split horizon DNS
NAT

20. Twisted pair cable with speed capability of 1Gbps
cat5
port address translation
zone transfer
fiber optic

21. Known as thinnet - 10mbps - limited to 185 meters
10base2
ping of death
replay
port

22. Collection on honeypots
VLAN
honeynet
allow by default
1024 - 49 -151

23. A server that sits between an intranet and it's Internet connection - masking all IP addresses
switch
spoofing attacks
proxy server
cat3

24. Forging an IP address with the address of a trusted host
NAT
blind
IP spoofing
10base2

25. Connects two or more subnets - determines the best path to forward packets based on packet header and forwarding table information
router
bastion host
zone transfer
application gateway

26. Malicious activity not reported or detected
VLAN
layered
false negative
static NAT

27. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
honeypot
promiscuous
10Base5
spoofing

28. Connects devices together to form a subnet - broadcasts incoming packets to all devices
false positive
hub
risk mitigation
static NAT

29. An application layer gateway works at this layer of the OSI model
proxy server
protocol
stateful inspection
application

30. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold
ping of death
router
teardrop
risk mitigation

31. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
active
IP spoofing
blind
proxy

32. Bbenign activity reported as malicious
protocol
passive
fiber optic
false positive

33. A variation of a smurf attack using UDP
coaxial
tcp/ip hijacking
twisted pair
fraggle

34. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
behavior based
router
hub
packet filter

35. Firewall that communicates directly with a perimeter router and the internal network - 2 NICs - screens internal traffic
cat5
screened host
IP spoofing
active

36. Man in the middle attack where the content of an intercepted message is altered before it is sent on
false positive
active
zone transfer
multi homed

37. Known as thicknet - 10mbps - limited to 500 meters
10Base5
allow by default
DMZ
packet filter

38. IP - email - website - DNS - and ARP
spoofing attacks
ARP
packet filter
teardrop

39. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
DNS spoofing
content filter
session hijacking
network

40. A packet filtering firewall works at this layer of the OSI model
null session
network
encrypt session key
ping flooding

41. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port
blind
land attack
store and forward
passive

42. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)
stateful inspection
bastion host
tcp/ip hijacking
IP spoofing

43. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
teardrop
website spoofing
NIDS network connections
promiscuous

44. Dynamic / private ports
ping of death
49 -152 - 65 -535
null session
PBX (Private Branch Exchange)

45. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
twisted pair
stateful inspection
firewall architectures
deny by default

46. Firewall with several NICs connected to different networks
promiscuous
multi homed
active
content filter

47. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
risk mitigation
passive
spoofing
multiple interface firewall

48. Packet filtering - proxies - stateful inspection
honeynet
firewalls
port
NIPS

49. Allows all traffic except traffic that is specifically denied - also known as permissive access
allow by default
DNS spoofing
content filter
knowledge based

50. Bastion host - dual homed firewall - multi homed firewall - screened host - screened subnet
ping flooding
dynamic NAT
firewall architectures
IP spoofing