SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
replay
honeynet
protocol
defense in depth
2. A locked down/hardened host on the public side of the firewall highly exposed to attacks (i.e. web server - email server)
proxy
bastion host
null session
49 -152 - 65 -535
3. Connects devices together to form a subnet - broadcasts incoming packets to all devices
split horizon DNS
IP spoofing
hub
spoofing attacks
4. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
HIDS
application gateway
protocol analyzer
proxy server
5. IPS response method - terminate process/session - block/reject and redirect network traffic
coaxial
NIDS
cat3
active
6. Most common DMZ implementation using three firewall interfaces (internet - intranet - DMZ)
application gateway
honeynet
application
multiple interface firewall
7. User / registered ports
session hijacking
1024 - 49 -151
switch
teardrop
8. IP spoofing attack where the attacker can only send packets and has to guess about replies
spoofing attacks
1024 - 49 -151
blind
risk mitigation
9. Acts as an organizations internal phone system
PBX (Private Branch Exchange)
NIDS
IP spoofing
firewall architectures
10. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
promiscuous
49 -152 - 65 -535
HIDS
private
11. Collection on honeypots
DMZ
firewalls
49 -152 - 65 -535
honeynet
12. Man in the middle attack where the content of an intercepted message is altered before it is sent on
hub
blind
active
DoS attacks
13. Ping flooding - ping of death - smurf - fraggle - SYN flood - land - teardrop - email flood
blind
DoS attacks
encrypt session key
49 -152 - 65 -535
14. Man in the middle attack where the attacker captures the traffic and sends it to the original recipient without altering the intercepted data
IP spoofing
smurf
passive
allow by default
15. Known as thinnet - 10mbps - limited to 185 meters
passive
10base2
0 - 1023
layered
16. A sniffer mode used to capture traffic addressed to/from another machine on the network
source - destination - protocol
bastion host
promiscuous
active
17. When a hacker takes over a TCP session between two machines - also known as session hijacking - foiled by the use of encrypted sessions
DNS spoofing
tcp/ip hijacking
NIDS network connections
replay
18. A variation of a smurf attack using UDP
passive
hub
man in the middle and replay
fraggle
19. A pool of public IP addresses is shared by a collection of private IP addresses
website spoofing
dynamic NAT
port
ARP
20. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other
man in the middle
website spoofing
IP spoofing
blind
21. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
passive
man in the middle and replay
dynamic NAT
stateful inspection
22. Level 2 firewall often used to filter web traffic
bastion host
session hijacking
zone transfer
proxy
23. Well known ports - allow administrative access - used for network services - considered only ports allowed to transmit traffic thru a firewall
1024 - 49 -151
store and forward
stateful inspection
0 - 1023
24. A decoy system - intentionally left exposed to attract/distract attackers - logs and monitors attacker activities
store and forward
multiple interface firewall
port
honeypot
25. A logical division of a computer network - in which all nodes can reach each other by broadcast at the data link layer - equivalent to a VLAN
private
null session
broadcast domain
screened subnet
26. A server that sits between an intranet and it's Internet connection - masking all IP addresses
passive
stateful inspection
deny by default
proxy server
27. Network configuration that permits selected outsiders access internal information systems
allow by default
10base2
multiple interface firewall
extranet
28. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
NIDS
man in the middle and replay
fiber optic
null session
29. Malicious insiders - connections that bypass the firewall (i.e. IM) - encrypted traffic/tunneling - social engineering - physical access are missed by ___________
dynamic NAT
0 - 1023
promiscuous
firewalls
30. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
man in the middle
passive
DNS spoofing
port address translation
31. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
website spoofing
fiber optic
session hijacking
network
32. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
store and forward
router
session hijacking
null session
33. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters
null session
promiscuous
false positive
coaxial
34. IP spoofing attack where the attacker can monitor packets and participate in bidirectional communication
teardrop
layered
proxy
informed
35. IDS that relies on the identification of known attack signatures
knowledge based
encrypt session key
protocol analyzer
deny by default
36. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
fiber optic
session hijacking
PBX (Private Branch Exchange)
behavior based
37. Forging an IP address with the address of a trusted host
ping flooding
NIPS
dual homed
IP spoofing
38. A packet filtering firewall works at this layer of the OSI model
network
port address translation
NIDS
split horizon DNS
39. Twisted pair cable with speed capability of 1Gbps
port address translation
cat5
IP spoofing
tcp/ip hijacking
40. Examines content passing through and makes a decision on the data based on a set of criteria - normal uses email filtering and web browsing
knowledge based
content filter
router
multi homed
41. Two authoritative sources for your domain namespace with differing contents depending on whether the query is internal or external
split horizon DNS
deny by default
IP spoofing
IP spoofing
42. Blocks all traffic from passing through the firewall except for traffic that is explicitly allowed - also known as restrictive access - best practice
man in the middle and replay
SYN flood
deny by default
HIDS
43. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall
land attack
dual homed
informed
ARP poisoning
44. Examines a entire packet and determines action based on a complex set of rules
private
DoS attacks
store and forward
application gateway
45. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
packet filter
port address translation
broadcast domain
false positive
46. Allows all traffic except traffic that is specifically denied - also known as permissive access
allow by default
active
0 - 1023
blind
47. An attack where an attacker captures sensitive information and sends it again later in an attempt to replicate the transaction
smurf
encrypt session key
replay
proxy server
48. Monitors network traffic to identify possible attacks
passive
network
passive
NIDS
49. Evolved from IDS - monitors network traffic - detects and responds to attack on network
spoofing
NIPS
proxy
honeynet
50. Unauthenticated connections - creating the potential for a successful connection as an anonymous user
layered
behavior based
private
null session