SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. When a hacker takes over a TCP session between two machines - also known as session hijacking - foiled by the use of encrypted sessions
NIPS
false negative
bastion host
tcp/ip hijacking
2. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
0 - 1023
proxy server
null session
honeypot
3. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
ping flooding
IP spoofing
passive
DMZ
4. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
switch
defense in depth
IP spoofing
port
5. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive
static NAT
NIDS
knowledge based
0 - 1023
6. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
NIPS
IP spoofing
risk mitigation
honeypot
7. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
packet filter
VLAN
proxy
multi homed
8. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction
replay
source - destination - protocol
network
session hijacking
9. A sniffer mode used to capture traffic addressed to/from another machine on the network
honeynet
subnet
promiscuous
PBX (Private Branch Exchange)
10. An application layer gateway works at this layer of the OSI model
screened subnet
risk mitigation
encrypt session key
application
11. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
website spoofing
risk mitigation
spoofing attacks
NIDS
12. Allows all traffic except traffic that is specifically denied - also known as permissive access
multi homed
allow by default
switch
network
13. Firewall with several NICs connected to different networks
ping flooding
multi homed
source - destination - protocol
encrypt session key
14. Acts as an organizations internal phone system
PBX (Private Branch Exchange)
application
man in the middle
knowledge based
15. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
multi homed
NIPS
router
multiple interface firewall
16. Head of a packet contains...
split horizon DNS
protocol
source - destination - protocol
informed
17. IDS response method using logging and notification
cat5
network
split horizon DNS
passive
18. Examines a entire packet and determines action based on a complex set of rules
49 -152 - 65 -535
defense in depth
application gateway
website spoofing
19. Amplifies the signal of incoming packets before broadcasting them to the network
repeater
teardrop
zone transfer
honeynet
20. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
fiber optic
packet filter
multi homed
tcp/ip hijacking
21. A ping message is broadcast to an entire network with a spoofed source IP addess of the victim computer - flooding the victim computer with responses during this attack
switch
smurf
bastion host
teardrop
22. Man in the middle attack where the content of an intercepted message is altered before it is sent on
deny by default
router
active
coaxial
23. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)
0 - 1023
zone transfer
subnet
bastion host
24. Network configuration that permits selected outsiders access internal information systems
application
multiple interface firewall
extranet
active
25. Forging an IP address with the address of a trusted host
multi homed
NIDS
zone transfer
IP spoofing
26. Twisted pair cable with speed capability of 10Mbps
cat3
broadcast domain
blind
multi homed
27. A packet filtering firewall works at this layer of the OSI model
hub
network
man in the middle
teardrop
28. Firewall that communicates directly with a perimeter router and the internal network - 2 NICs - screens internal traffic
twisted pair
stateful inspection
ping flooding
screened host
29. IP - email - website - DNS - and ARP
spoofing attacks
proxy server
application gateway
repeater
30. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
behavior based
ARP
SYN flood
stateful inspection
31. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
teardrop
dual homed
NIDS network connections
replay
32. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
passive
1024 - 49 -151
router
man in the middle and replay
33. A DoS attack that subverts the normal "three way handshake" of TCP/IP by sending SYN packets - but no corresponding ACK packets
SYN flood
blind
10Base5
spoofing
34. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port
session hijacking
passive
firewalls
land attack
35. Two authoritative sources for your domain namespace with differing contents depending on whether the query is internal or external
honeynet
split horizon DNS
repeater
PBX (Private Branch Exchange)
36. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________
network
DMZ
cat3
bastion host
37. Bbenign activity reported as malicious
false positive
behavior based
multiple interface firewall
hub
38. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication
VLAN
HIDS
knowledge based
informed
39. Known as thinnet - 10mbps - limited to 185 meters
10base2
application
DNS spoofing
dual homed
40. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
proxy
session hijacking
NIDS
ping flooding
41. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
protocol analyzer
proxy server
NIPS
IP spoofing
42. A set of rules computers use to communicate with each other across a network
subnet
screened subnet
protocol
man in the middle
43. Twisted pair cable with speed capability of 1Gbps
cat5
proxy server
tcp/ip hijacking
application
44. IPS response method - terminate process/session - block/reject and redirect network traffic
packet filter
active
ARP
VLAN
45. An attacker redirects traffic by falsifying the IP address requested by ARP request
ping flooding
application
ARP poisoning
fiber optic
46. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other
port address translation
fiber optic
man in the middle
false negative
47. Used to pass data from one VLAN to another
router
application gateway
split horizon DNS
proxy
48. Used by ISPs - single public network IP address is shared among many hosts on a private network - also known as PAT
port address translation
port
false positive
10Base5
49. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold
risk mitigation
dynamic NAT
router
null session
50. IDS that relies on the identification of known attack signatures
ping flooding
passive
passive
knowledge based
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests
