SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Blocks all traffic from passing through the firewall except for traffic that is explicitly allowed - also known as restrictive access - best practice
dual homed
ARP
protocol
deny by default
2. Examines content passing through and makes a decision on the data based on a set of criteria - normal uses email filtering and web browsing
protocol
content filter
DoS attacks
informed
3. Dynamic / private ports
null session
behavior based
49 -152 - 65 -535
smurf
4. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
zone transfer
proxy
defense in depth
packet filter
5. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
proxy server
session hijacking
proxy
behavior based
6. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
router
NIPS
knowledge based
IP spoofing
7. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
honeypot
IP spoofing
NIDS
multi homed
8. Twisted pair cable with speed capability of 10Mbps
port address translation
behavior based
cat3
false positive
9. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall
HIDS
dual homed
stateful inspection
land attack
10. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address
NAT
informed
extranet
SYN flood
11. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction
HIDS
layered
active
replay
12. Unauthenticated connections - creating the potential for a successful connection as an anonymous user
ARP poisoning
null session
allow by default
DNS spoofing
13. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication
hub
informed
knowledge based
deny by default
14. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
replay
switch
coaxial
multiple interface firewall
15. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold
fiber optic
proxy
IP spoofing
risk mitigation
16. When a hacker takes over a TCP session between two machines - also known as session hijacking - foiled by the use of encrypted sessions
DoS attacks
proxy server
tcp/ip hijacking
stateful inspection
17. Packet filtering - proxies - stateful inspection
stateful inspection
firewalls
proxy
false positive
18. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
switch
bastion host
behavior based
IP spoofing
19. Firewall with several NICs connected to different networks
multi homed
cat5
10base2
repeater
20. Level 2 firewall often used to filter web traffic
IP spoofing
proxy
session hijacking
website spoofing
21. Protocol used to map an known IP address to its corresponding media access control (MAC) address
man in the middle and replay
ARP
NIPS
10base2
22. Examines a entire packet and determines action based on a complex set of rules
application gateway
null session
VLAN
private
23. Known as thicknet - 10mbps - limited to 500 meters
land attack
10Base5
honeypot
firewall architectures
24. Collection on honeypots
honeynet
man in the middle and replay
ping flooding
router
25. Ping flooding - ping of death - smurf - fraggle - SYN flood - land - teardrop - email flood
deny by default
DoS attacks
proxy
passive
26. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data
passive
network
replay
firewalls
27. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
broadcast domain
stateful inspection
honeypot
man in the middle
28. A logical group of computers connected via a switch/hub that share the same network prefix in their IP address
man in the middle
null session
risk mitigation
subnet
29. Connects devices together to form a subnet - broadcasts incoming packets to all devices
hub
zone transfer
allow by default
smurf
30. Malicious insiders - connections that bypass the firewall (i.e. IM) - encrypted traffic/tunneling - social engineering - physical access are missed by ___________
passive
twisted pair
firewalls
screened host
31. One private IP address is mapped to one public IP address
website spoofing
SYN flood
application gateway
static NAT
32. IP spoofing attack where the attacker can only send packets and has to guess about replies
spoofing attacks
blind
application gateway
1024 - 49 -151
33. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle
NAT
fiber optic
stateful inspection
ping of death
34. A pool of public IP addresses is shared by a collection of private IP addresses
dynamic NAT
repeater
website spoofing
NIDS
35. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
zone transfer
stateful inspection
proxy
spoofing
36. Twisted pair cable with speed capability of 1Gbps
cat5
broadcast domain
extranet
proxy
37. Known as thinnet - 10mbps - limited to 185 meters
10base2
zone transfer
packet filter
port
38. One process on every system - use local system resources - detect attacks that NIDS misses - examine data after decrypted - can be OS specific - more expensive
content filter
twisted pair
dual homed
HIDS
39. Connects devices together to form a subnet - packet forwarding is based on MAC addresses - works at the data link layer of the OSI
switch
router
false negative
active
40. A set of rules computers use to communicate with each other across a network
multiple interface firewall
store and forward
informed
protocol
41. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
router
NIDS network connections
proxy
null session
42. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
blind
private
ARP
stateful inspection
43. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
twisted pair
passive
IP spoofing
stateful inspection
44. A variation of a smurf attack using UDP
fraggle
passive
PBX (Private Branch Exchange)
teardrop
45. Head of a packet contains...
protocol analyzer
source - destination - protocol
multi homed
stateful inspection
46. Monitors network traffic to identify possible attacks
encrypt session key
stateful inspection
screened host
NIDS
47. A complete transfer of all DNS zone information from one server to another
protocol
ARP
SYN flood
zone transfer
48. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other
allow by default
extranet
man in the middle
10Base5
49. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
proxy
10base2
extranet
packet filter
50. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
HIDS
proxy
0 - 1023
store and forward