SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
fraggle
tcp/ip hijacking
source - destination - protocol
NIDS network connections
2. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
behavior based
spoofing attacks
store and forward
bastion host
3. Cable used most in networks - maximum speed 1Gbps - maximum length 100 meters - susceptible to tap
honeypot
HIDS
twisted pair
active
4. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion
protocol analyzer
switch
stateful inspection
teardrop
5. Amplifies the signal of incoming packets before broadcasting them to the network
smurf
repeater
man in the middle
promiscuous
6. IP spoofing attack where the attacker can only send packets and has to guess about replies
blind
allow by default
layered
zone transfer
7. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
stateful inspection
private
layered
risk mitigation
8. Unauthenticated Windows session where an attacker can gather list of users - groups - machines - shares - user and host SID
port
private
null session
IP spoofing
9. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
switch
packet filter
ping flooding
PBX (Private Branch Exchange)
10. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
defense in depth
ARP poisoning
promiscuous
informed
11. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
VLAN
multi homed
stateful inspection
switch
12. Blocks all traffic from passing through the firewall except for traffic that is explicitly allowed - also known as restrictive access - best practice
deny by default
router
man in the middle and replay
proxy
13. Seeks to reduce the probability and/or impact of a specific risk below an acceptable threshold
bastion host
firewall architectures
risk mitigation
spoofing attacks
14. An application layer gateway works at this layer of the OSI model
fraggle
0 - 1023
ARP
application
15. A logical connection point allowing computers and software to communicate and exchange data
VLAN
port
coaxial
port address translation
16. Malicious activity not reported or detected
false negative
switch
multiple interface firewall
application gateway
17. One private IP address is mapped to one public IP address
proxy
informed
10Base5
static NAT
18. Two authoritative sources for your domain namespace with differing contents depending on whether the query is internal or external
null session
private
split horizon DNS
screened subnet
19. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
VLAN
spoofing
repeater
SYN flood
20. A logical division of a computer network - in which all nodes can reach each other by broadcast at the data link layer - equivalent to a VLAN
promiscuous
IP spoofing
session hijacking
broadcast domain
21. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
protocol
0 - 1023
extranet
SYN flood
22. A pool of public IP addresses is shared by a collection of private IP addresses
website spoofing
proxy server
subnet
dynamic NAT
23. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
stateful inspection
NIPS
extranet
DNS spoofing
24. Attempt to block service or reduce activity by overloading the victim machine with ping requests
allow by default
ping flooding
firewalls
coaxial
25. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
false negative
ping of death
store and forward
website spoofing
26. Twisted pair cable with speed capability of 1Gbps
cat5
static NAT
port address translation
teardrop
27. Acts as an organizations internal phone system
PBX (Private Branch Exchange)
firewalls
null session
false negative
28. When a hacker takes over a TCP session between two machines - also known as session hijacking - foiled by the use of encrypted sessions
IP spoofing
HIDS
layered
tcp/ip hijacking
29. A server that sits between an intranet and it's Internet connection - masking all IP addresses
proxy server
HIDS
router
defense in depth
30. IDS response method using logging and notification
replay
router
proxy
passive
31. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive
NIDS
firewalls
router
risk mitigation
32. A sniffer mode used to capture traffic addressed to/from another machine on the network
promiscuous
fraggle
NIPS
NIDS
33. One process on every system - use local system resources - detect attacks that NIDS misses - examine data after decrypted - can be OS specific - more expensive
HIDS
port
teardrop
land attack
34. Firewall that intercepts and inspects messages before delivering them - placed between trusted and untrusted networks - degrade network traffic - also know as application gateway
VLAN
broadcast domain
proxy
null session
35. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
man in the middle and replay
spoofing
passive
firewalls
36. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
store and forward
stateful inspection
risk mitigation
DMZ
37. A variation of a smurf attack using UDP
hub
fraggle
stateful inspection
active
38. Session hijacking countermeasure
DoS attacks
encrypt session key
honeynet
active
39. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet
ARP poisoning
protocol
encrypt session key
layered
40. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
dual homed
IP spoofing
informed
protocol
41. A packet filtering firewall works at this layer of the OSI model
zone transfer
port address translation
source - destination - protocol
network
42. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
null session
switch
protocol analyzer
fraggle
43. A set of rules computers use to communicate with each other across a network
10base2
cat5
tcp/ip hijacking
protocol
44. User / registered ports
multi homed
1024 - 49 -151
behavior based
NIDS
45. Twisted pair cable with speed capability of 10Mbps
DNS spoofing
man in the middle and replay
cat3
router
46. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
switch
subnet
dual homed
IP spoofing
47. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
NIDS
extranet
NIPS
DNS spoofing
48. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters
bastion host
IP spoofing
coaxial
screened host
49. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle
subnet
private
10Base5
ping of death
50. Used to pass data from one VLAN to another
deny by default
HIDS
hub
router
