SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Comptia Security +: Network Security
Start Test
Study First
Subjects
:
certifications
,
comptia-security-+
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A variation of a smurf attack using UDP
fraggle
deny by default
twisted pair
repeater
2. Used by ISPs - single public network IP address is shared among many hosts on a private network - also known as PAT
screened subnet
ARP poisoning
port address translation
dual homed
3. A packet filtering firewall works at this layer of the OSI model
coaxial
spoofing
network
split horizon DNS
4. Connects two or more subnets - determines the best path to forward packets based on packet header and forwarding table information
IP spoofing
ping flooding
router
promiscuous
5. A logical connection point allowing computers and software to communicate and exchange data
spoofing
firewall architectures
port
IP spoofing
6. Head of a packet contains...
coaxial
honeynet
behavior based
source - destination - protocol
7. Malicious activity not reported or detected
hub
smurf
false negative
proxy server
8. Take control of a session between a server and client - the users gets kicked off the session while the attacker inserts himself into the session by sending a reset request to the client
private
NIDS
session hijacking
man in the middle
9. Promiscuous NIC to sniff passing traffic - admin NIC to send alerts to centralized management system
extranet
application gateway
NIDS network connections
packet filter
10. Attempt to block service or reduce activity by overloading the victim machine with ping requests
repeater
multi homed
null session
ping flooding
11. Firewall that communicates directly with a perimeter router and the internal network - 2 NICs - screens internal traffic
active
screened host
null session
zone transfer
12. Attack where an attacker intercepts traffic and tricks parties at either end into believing they are communicating with each other
10Base5
firewalls
NIDS network connections
man in the middle
13. A method - used by switches and email servers - of delivering messages which are temporarily held by an intermediary before being sent to their final destination
zone transfer
tcp/ip hijacking
store and forward
screened host
14. Web servers - FTP servers - DNS servers - mail servers should be located on the _____________
49 -152 - 65 -535
passive
fraggle
DMZ
15. One private IP address is mapped to one public IP address
protocol analyzer
static NAT
private
man in the middle and replay
16. A complete transfer of all DNS zone information from one server to another
PBX (Private Branch Exchange)
proxy
application gateway
zone transfer
17. Known as thinnet - 10mbps - limited to 185 meters
10base2
static NAT
informed
IP spoofing
18. Collection on honeypots
honeynet
proxy
firewalls
spoofing
19. A firewall that checks all layers of a packet including content - verifying an expected response to a current communication session - also call a deep packet inspection
DoS attacks
spoofing
blind
stateful inspection
20. Bastion host - dual homed firewall - multi homed firewall - screened host - screened subnet
firewall architectures
twisted pair
spoofing
proxy
21. IDS that relies on usage patterns and baseline operation - can ID new vulnerability - high rate of false alarms
behavior based
proxy server
risk mitigation
switch
22. Bbenign activity reported as malicious
ping of death
fiber optic
false positive
split horizon DNS
23. A DoS attack that subverts the normal "three way handshake" of TCP/IP by sending SYN packets - but no corresponding ACK packets
tcp/ip hijacking
multiple interface firewall
SYN flood
subnet
24. Session hijacking countermeasure
encrypt session key
repeater
null session
replay
25. Unauthenticated connections - creating the potential for a successful connection as an anonymous user
VLAN
informed
promiscuous
null session
26. IP spoofing attack where the attacker can only send packets and has to guess about replies
NIDS
49 -152 - 65 -535
blind
honeynet
27. Allows all traffic except traffic that is specifically denied - also known as permissive access
PBX (Private Branch Exchange)
allow by default
proxy server
cat3
28. A group of hosts on logical network segment that communicate as if they were attached to the same broadcast domain - regardless of their physical location
VLAN
store and forward
HIDS
packet filter
29. Firewall with two NICs - one internal and one external facing - NAT is often used with this firewall
man in the middle and replay
dual homed
ARP poisoning
risk mitigation
30. A set of rules computers use to communicate with each other across a network
dual homed
spoofing attacks
store and forward
protocol
31. A logical group of computers connected via a switch/hub that share the same network prefix in their IP address
smurf
fiber optic
NIDS
subnet
32. A pool of public IP addresses is shared by a collection of private IP addresses
dynamic NAT
repeater
IP spoofing
null session
33. A level 3 firewall that remembers / tracks network connections - maintains a state table - distinguish which side of a firewall a connection was initiated - higher security
stateful inspection
hub
fiber optic
0 - 1023
34. Acts as an organizations internal phone system
PBX (Private Branch Exchange)
HIDS
hub
store and forward
35. One process on every system - use local system resources - detect attacks that NIDS misses - examine data after decrypted - can be OS specific - more expensive
HIDS
null session
active
SYN flood
36. An attacker redirects valid request to malicious sites by feeding a DNS server altered records which are retained in its cache
DNS spoofing
port
HIDS
IP spoofing
37. Creating a illegitimate website with the intention of convincing victims that they are visiting a legitimate site - typically to collect confidential information
repeater
passive
website spoofing
screened subnet
38. Twisted pair cable with speed capability of 1Gbps
cat5
ARP
encrypt session key
smurf
39. Connects devices together to form a subnet - broadcasts incoming packets to all devices
fraggle
application gateway
man in the middle
hub
40. Packets with a forged source IP address - purpose to conceal the identity of the sender or impersonate another computing system
SYN flood
VLAN
teardrop
IP spoofing
41. Dynamic / private ports
port address translation
49 -152 - 65 -535
broadcast domain
false positive
42. Firewall with several NICs connected to different networks
PBX (Private Branch Exchange)
multi homed
dual homed
extranet
43. Crashing a computer by sending oversized packets (over 64 bytes) that it doesn't know how to handle
tcp/ip hijacking
switch
DoS attacks
ping of death
44. DMZ implementation using two firewalls with different rule sets for the DMZ and intranet
IP spoofing
DNS spoofing
spoofing attacks
layered
45. Type of IP addresses not routed on the internet: 10.x.x.x - 172.16.x.x - 192.168.x.x
defense in depth
risk mitigation
application gateway
private
46. Forging an IP address with the address of a trusted host
informed
IP spoofing
allow by default
passive
47. Level 2 firewall often used to filter web traffic
cat3
proxy
layered
protocol
48. IDS response method using logging and notification
passive
protocol analyzer
NIDS network connections
ping of death
49. Connects devices together to form a subnet - packet forwarding is based on MAC addresses - works at the data link layer of the OSI
NIDS
switch
DNS spoofing
extranet
50. A person or program masquerades as another by presenting false information to gain an illegitimate advantage
0 - 1023
firewalls
spoofing
active
