SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Cable with copper core - has no physical transmission security and is easy to tap - 10mbps - maximum length 500 meters
IP spoofing
coaxial
firewalls
cat3
2. An attack where fragmented UDP packets with odd offset values are sent to the victim - when the OS attempts to rebuild the fragments they overwrite each other and cause confusion
teardrop
store and forward
IP spoofing
repeater
3. Unauthenticated connections - creating the potential for a successful connection as an anonymous user
encrypt session key
proxy
null session
IP spoofing
4. Dynamic / private ports
defense in depth
multiple interface firewall
49 -152 - 65 -535
false negative
5. A ping message is broadcast to an entire network with a spoofed source IP addess of the victim computer - flooding the victim computer with responses during this attack
packet filter
man in the middle
smurf
proxy
6. Malicious activity not reported or detected
false negative
honeypot
network
10Base5
7. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
ARP poisoning
layered
behavior based
dual homed
8. Packet filtering - proxies - stateful inspection
port
firewalls
multi homed
dynamic NAT
9. Twisted pair cable with speed capability of 10Mbps
protocol analyzer
teardrop
dual homed
cat3
10. A complete transfer of all DNS zone information from one server to another
smurf
NIDS network connections
deny by default
zone transfer
11. Capture and analyze network traffic - also known as packet analyzer - sniffer - network analyzer
active
man in the middle and replay
protocol analyzer
proxy server
12. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
proxy server
risk mitigation
blind
website spoofing
13. A sniffer mode used to capture traffic addressed to/from another machine on the network
passive
repeater
promiscuous
VLAN
14. Level 1 firewall that looks at the head of a packet - (not content) - operates rapidly - application independent - either allow or deny packets
ARP poisoning
layered
packet filter
replay
15. IPS response method - terminate process/session - block/reject and redirect network traffic
49 -152 - 65 -535
active
false negative
protocol analyzer
16. A pool of public IP addresses is shared by a collection of private IP addresses
dynamic NAT
informed
protocol
firewalls
17. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
10base2
stateful inspection
dual homed
application gateway
18. One device per network segment - does not use local system resources - can't examine encrypted traffic - OS independent - less expensive
NIDS
HIDS
split horizon DNS
knowledge based
19. A flaw in TCP/IP to verify that a packet really comes from the addess indicated in the IP header leads to this attack
IP spoofing
PBX (Private Branch Exchange)
DoS attacks
knowledge based
20. Network configuration that permits selected outsiders access internal information systems
NIDS network connections
extranet
zone transfer
firewalls
21. A logical connection point allowing computers and software to communicate and exchange data
port
fraggle
content filter
dynamic NAT
22. Cable designed for transmission at higher speeds (100Mbps - 2Gbps) and longer distances (2km) - expensive -eliminates signal tapping
fiber optic
content filter
active
blind
23. Connects two or more subnets - determines the best path to forward packets based on packet header and forwarding table information
proxy
DoS attacks
defense in depth
router
24. A feature of firewalls / routers that disguise the IP address of internal systems allowing connection to the Internet using one public address
screened host
honeynet
smurf
NAT
25. Multiple network defense components are placed throughout the organizations assets and the network is properly segmented
DNS spoofing
IP spoofing
proxy
defense in depth
26. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
subnet
protocol analyzer
deny by default
session hijacking
27. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
IP spoofing
subnet
protocol analyzer
extranet
28. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall
dynamic NAT
dual homed
store and forward
replay
29. A server that sits between an intranet and it's Internet connection - masking all IP addresses
screened subnet
proxy server
NAT
multiple interface firewall
30. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle
firewalls
IP spoofing
ping of death
proxy
31. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet
DMZ
PBX (Private Branch Exchange)
website spoofing
layered
32. Connects devices together to form a subnet - packet forwarding is based on MAC addresses - works at the data link layer of the OSI
store and forward
multiple interface firewall
switch
session hijacking
33. Firewall with several NICs connected to different networks
multi homed
allow by default
10base2
DMZ
34. A set of rules computers use to communicate with each other across a network
ARP poisoning
protocol
10Base5
firewall architectures
35. Ping flooding - ping of death - smurf - fraggle - SYN flood - land - teardrop - email flood
DoS attacks
false negative
port address translation
passive
36. Examines a entire packet and determines action based on a complex set of rules
behavior based
stateful inspection
application gateway
spoofing attacks
37. Forging an IP address with the address of a trusted host
active
ping flooding
knowledge based
IP spoofing
38. A logical group of computers connected via a switch/hub that share the same network prefix in their IP address
cat3
twisted pair
router
subnet
39. Monitors network traffic to identify possible attacks
defense in depth
NIDS
application
IP spoofing
40. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
private
active
fraggle
router
41. A variation of a smurf attack using UDP
content filter
fraggle
spoofing
NIDS
42. Evolved from IDS - monitors network traffic - detects and responds to attack on network
content filter
honeynet
NIPS
NIDS
43. Protocol used to map an known IP address to its corresponding media access control (MAC) address
ARP
honeynet
IP spoofing
layered
44. A packet filtering firewall works at this layer of the OSI model
DoS attacks
man in the middle
network
ARP poisoning
45. Man in the middle attack where the content of an intercepted message is altered before it is sent on
0 - 1023
packet filter
stateful inspection
active
46. Generate random TCP sequence numbers and encrypt traffic countermeasure what attacks
knowledge based
man in the middle and replay
proxy
defense in depth
47. Variation of the SYN flood where SYN packets are spoofed to have the same source and destination IP address and port
land attack
NIPS
bastion host
NIDS
48. Amplifies the signal of incoming packets before broadcasting them to the network
promiscuous
repeater
49 -152 - 65 -535
spoofing
49. Attempt to block service or reduce activity by overloading the victim machine with ping requests
ping flooding
false positive
stateful inspection
DMZ
50. An application layer gateway works at this layer of the OSI model
cat5
dual homed
SYN flood
application
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests
