Test your basic knowledge |

Comptia Security +: Network Security

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Bastion host - dual homed firewall - multi homed firewall - screened host - screened subnet






2. Malicious activity not reported or detected






3. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication






4. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction






5. Session hijacking countermeasure






6. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway






7. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)






8. Twisted pair cable with speed capability of 1Gbps






9. Bbenign activity reported as malicious






10. IPS response method - terminate process/session - block/reject and redirect network traffic






11. A complete transfer of all DNS zone information from one server to another






12. Two authoritative sources for your domain namespace with differing contents depending on whether the query is internal or external






13. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle






14. Level 2 firewall often used to filter web traffic






15. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall






16. Twisted pair cable with speed capability of 10Mbps






17. Malicious insiders - connections that bypass the firewall (i.e. IM) - encrypted traffic/tunneling - social engineering - physical access are missed by ___________






18. Known as thinnet - 10mbps - limited to 185 meters






19. A physical or logical subnetwork that houses systems accessible to a larger untrusted network - usually the Internet - also known as DMZ






20. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters






21. Known as thicknet - 10mbps - limited to 500 meters






22. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x






23. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination






24. Evolved from IDS - monitors network traffic - detects and responds to attack on network






25. Ping flooding - ping of death - smurf - fraggle - SYN flood - land - teardrop - email flood






26. An attacker redirects traffic by falsifying the IP address requested by ARP request






27. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities






28. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port






29. A pool of public IP addresses is shared by a collection of private IP addresses






30. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection






31. An application layer gateway works at this layer of the OSI model






32. IP - email - website - DNS - and ARP






33. A variation of a smurf attack using UDP






34. A ping message is broadcast to an entire network with a spoofed source IP addess of the victim computer - flooding the victim computer with responses during this attack






35. IDS response method using logging and notification






36. Unauthenticated connections - creating the potential for a successful connection as an anonymous user






37. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________






38. Unauthenticated Windows session where an attacker can gather list of users - groups - machines - shares - user and host SID






39. Used to pass data from one VLAN to another






40. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information






41. Head of a packet contains...






42. A set of rules computers use to communicate with each other across a network






43. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address






44. A logical connection point allowing computers and software to communicate and exchange data






45. A server that sits between an intranet and it's Internet connection - masking all IP addresses






46. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion






47. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet






48. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive






49. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold






50. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache