SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
IP spoofing
0 - 1023
passive
null session
2. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port
broadcast domain
land attack
teardrop
zone transfer
3. Attempt to block service or reduce activity by overloading the victim machine with ping requests
ping flooding
VLAN
zone transfer
network
4. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
proxy
passive
man in the middle and replay
stateful inspection
5. Known as thicknet - 10mbps - limited to 500 meters
10Base5
IP spoofing
null session
IP spoofing
6. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet
layered
allow by default
stateful inspection
cat3
7. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
session hijacking
repeater
defense in depth
multi homed
8. Amplifies the signal of incoming packets before broadcasting them to the network
website spoofing
ping of death
NIPS
repeater
9. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive
subnet
NIDS
active
honeynet
10. IP spoofing attack where the attacker can only send packets and has to guess about replies
blind
honeynet
protocol analyzer
smurf
11. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address
NAT
DoS attacks
static NAT
49 -152 - 65 -535
12. Acts as an organizations internal phone system
firewalls
twisted pair
screened host
PBX (Private Branch Exchange)
13. Dynamic / private ports
application
multi homed
49 -152 - 65 -535
DoS attacks
14. Evolved from IDS - monitors network traffic - detects and responds to attack on network
allow by default
honeynet
NIPS
HIDS
15. Twisted pair cable with speed capability of 10Mbps
ping flooding
false negative
man in the middle and replay
cat3
16. Twisted pair cable with speed capability of 1Gbps
active
allow by default
cat5
spoofing
17. Unauthenticated Windows session where an attacker can gather list of users - groups - machines - shares - user and host SID
null session
fraggle
split horizon DNS
packet filter
18. Protocol used to map an known IP address to its corresponding media access control (MAC) address
DNS spoofing
static NAT
ARP
blind
19. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
null session
10Base5
defense in depth
store and forward
20. An application layer gateway works at this layer of the OSI model
teardrop
cat3
honeynet
application
21. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
switch
VLAN
deny by default
defense in depth
22. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data
passive
NIDS
multi homed
repeater
23. User / registered ports
IP spoofing
screened subnet
1024 - 49 -151
layered
24. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________
stateful inspection
DMZ
session hijacking
promiscuous
25. Packet filtering - proxies - stateful inspection
firewalls
49 -152 - 65 -535
fiber optic
ping flooding
26. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
network
fiber optic
port
IP spoofing
27. Malicious insiders - connections that bypass the firewall (i.e. IM) - encrypted traffic/tunneling - social engineering - physical access are missed by ___________
firewalls
HIDS
subnet
IP spoofing
28. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
man in the middle
source - destination - protocol
spoofing attacks
packet filter
29. A pool of public IP addresses is shared by a collection of private IP addresses
proxy server
passive
1024 - 49 -151
dynamic NAT
30. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
promiscuous
49 -152 - 65 -535
proxy
multiple interface firewall
31. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
behavior based
spoofing attacks
fiber optic
content filter
32. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
protocol analyzer
coaxial
fiber optic
49 -152 - 65 -535
33. Bastion host - dual homed firewall - multi homed firewall - screened host - screened subnet
session hijacking
firewall architectures
promiscuous
port address translation
34. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
1024 - 49 -151
blind
broadcast domain
spoofing
35. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
session hijacking
application gateway
0 - 1023
bastion host
36. A sniffer mode used to capture traffic addressed to/from another machine on the network
false positive
informed
static NAT
promiscuous
37. Connects devices together to form a subnet - packet forwarding is based on MAC addresses - works at the data link layer of the OSI
network
proxy
switch
source - destination - protocol
38. IP - email - website - DNS - and ARP
dynamic NAT
allow by default
website spoofing
spoofing attacks
39. Bbenign activity reported as malicious
source - destination - protocol
active
NIDS network connections
false positive
40. An attacker redirects traffic by falsifying the IP address requested by ARP request
private
IP spoofing
IP spoofing
ARP poisoning
41. IPS response method - terminate process/session - block/reject and redirect network traffic
active
hub
10base2
honeynet
42. IDS response method using logging and notification
passive
packet filter
firewall architectures
active
43. Examines content passing through and makes a decision on the data based on a set of criteria - normal uses email filtering and web browsing
firewalls
DMZ
content filter
blind
44. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
defense in depth
NIDS network connections
active
fraggle
45. A server that sits between an intranet and it's Internet connection - masking all IP addresses
10base2
ping of death
proxy server
website spoofing
46. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other
man in the middle
subnet
hub
layered
47. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
website spoofing
passive
layered
active
48. Session hijacking countermeasure
router
IP spoofing
encrypt session key
proxy
49. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
multiple interface firewall
NIDS
allow by default
twisted pair
50. Firewall that communicates directly with a perimeter router and the internal network - 2 NICs - screens internal traffic
screened host
multiple interface firewall
blind
IP spoofing