Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from the answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Personal area network - phone tethering - Bluetooth - etc.

2. Used by an IDS to bring traffic into a canonical form before analysis - attackers try to de-normalize (obfuscate) traffic, e.g. with fragmentation or encoding tricks, to evade signatures - the IDS normalizes data for the protocols it understands

3. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction

4. 53 bytes - 48 bytes for data - 5 bytes for the header

5. Confidentiality - integrity - availability

6. 53 - DNS - 67 - BOOTP/DHCP server - 68 - BOOTP/DHCP client - 69 - TFTP - 123 - NTP - 137-139 - NetBIOS over TCP/IP (NBT) - 161 - SNMP - 162 - SNMP trap - 2049 - NFS

7. An attempt to manipulate or trick a person into providing information or access - bypasses network security by exploiting humans - the vector is often an outside attacker on the telephone or a visitor inside the building

8. Confidentiality - symmetric encryption

9. 1.0.0.0 through 127.255.255.255 - first octet 1-127 (0 is reserved and 127.0.0.0/8 is loopback) - default subnet mask 255.0.0.0 (/8)

10. Migrate to WPA2 - use strong 802.1X/EAP authentication such as PEAP or EAP-TTLS - audit wireless installations - require mutual authentication between the client and the infrastructure equipment so clients cannot be lured to a rogue access point

11. It receives data from the layer above and prepares (segments) it for transmission across the network - it provides end-to-end connectivity and, where required, reliable delivery

12. Protocol for mapping an IP address to the physical (MAC) address recognized on the local network - a table - usually called the ARP cache - maintains the correlation between each MAC and its corresponding IP address
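Added example (not part of the quiz or any real tool): a decoder for the 28-byte Ethernet/IPv4 ARP payload, plus a small ARP cache that keeps the IP-to-MAC correlation described above and raises an alert when a known IP suddenly claims a different MAC, which is the symptom an ARP spoofing attack leaves behind. The packets are constructed in the code, not captured; the addresses are arbitrary.

```python
import struct

ETH_IPV4_HDR = struct.Struct("!HHBBH")  # htype, ptype, hlen, plen, opcode


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Assemble a 28-byte Ethernet/IPv4 ARP payload (used here only to construct samples)."""
    return (ETH_IPV4_HDR.pack(1, 0x0800, 6, 4, opcode)
            + bytes.fromhex(sender_mac.replace(":", ""))
            + bytes(int(o) for o in sender_ip.split("."))
            + bytes.fromhex(target_mac.replace(":", ""))
            + bytes(int(o) for o in target_ip.split(".")))


def parse_arp(payload):
    """Decode header fields and the four addresses; reject anything that is not Ethernet/IPv4."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, opcode = ETH_IPV4_HDR.unpack_from(payload)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    sha, spa = payload[8:14], payload[14:18]
    tha, tpa = payload[18:24], payload[24:28]
    fmt_mac = lambda b: ":".join(f"{x:02x}" for x in b)
    fmt_ip = lambda b: ".".join(str(x) for x in b)
    return {"op": {1: "request", 2: "reply"}.get(opcode, f"op{opcode}"),
            "sender_mac": fmt_mac(sha), "sender_ip": fmt_ip(spa),
            "target_mac": fmt_mac(tha), "target_ip": fmt_ip(tpa)}


class ArpCache:
    """IP -> MAC table like a host's ARP cache, with an alert whenever an IP that is
    already in the table is announced with a different MAC (ARP spoofing indicator)."""

    def __init__(self):
        self.table = {}
        self.alerts = []

    def learn(self, pkt):
        ip, mac = pkt["sender_ip"], pkt["sender_mac"]
        known = self.table.get(ip)
        if known is not None and known != mac:
            self.alerts.append(f"{ip} moved from {known} to {mac}")
        self.table[ip] = mac


# Constructed sample traffic: a request, the gateway's genuine reply, then a forged reply
# for the gateway's IP carrying an attacker-chosen MAC.
SAMPLE_PACKETS = [
    build_arp(1, "00:11:22:33:44:01", "192.168.1.10", "00:00:00:00:00:00", "192.168.1.1"),
    build_arp(2, "00:11:22:33:44:fe", "192.168.1.1", "00:11:22:33:44:01", "192.168.1.10"),
    build_arp(2, "de:ad:be:ef:00:01", "192.168.1.1", "00:11:22:33:44:01", "192.168.1.10"),
]


def run_demo(packets=SAMPLE_PACKETS):
    """Feed the sample packets through the cache; return (table, alerts)."""
    cache = ArpCache()
    for raw in packets:
        cache.learn(parse_arp(raw))
    return cache.table, cache.alerts


if __name__ == "__main__":
    table, alerts = run_demo()
    print(table)
    print(alerts)
```

A real host accepts the last reply it hears, which is exactly why the forged packet wins; the cache above keeps the same behaviour but records the change so it can be investigated.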

13. Uses a 1-to-1 substitution of characters - rotates the alphabet by 'n' characters - ROT+X means rotate each letter X positions, wrapping around at the end of the alphabet

14. A list of files that should be monitored for change is defined - the HIDS software calculates a one-way hash of each file as a baseline - if a change is made to a file, its hash changes and the HIDS alerts
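Added example (not part of the quiz or of any HIDS product): the file integrity check described above, written out. A baseline of SHA-256 hashes is taken for a list of monitored files, stored as JSON the way a HIDS would persist it, and later compared against the current hashes. The scenario is constructed inside a temporary directory: one monitored file is tampered with and one is deleted, and the names are arbitrary.

```python
import hashlib
import json
import os
import tempfile


def file_hash(path, algo="sha256"):
    """One-way hash of a file, read in chunks so large files do not need to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """Hash every monitored file once, while the system is known to be clean."""
    return {p: file_hash(p) for p in paths}


def check_baseline(baseline):
    """Rehash each monitored file and classify it: ok, modified, or missing."""
    report = {}
    for path, expected in baseline.items():
        if not os.path.exists(path):
            report[path] = "missing"
        elif file_hash(path) != expected:
            report[path] = "modified"
        else:
            report[path] = "ok"
    return report


def demo():
    """Constructed scenario: three monitored files; one is tampered with, one deleted."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("passwd", "sshd_config", "sudoers")]
        for p in paths:
            with open(p, "w") as f:
                f.write(f"original contents of {os.path.basename(p)}\n")
        baseline = build_baseline(paths)
        # Persist and reload the baseline as JSON, as a HIDS would store it off-host.
        baseline = json.loads(json.dumps(baseline))
        with open(paths[1], "a") as f:
            f.write("PermitRootLogin yes\n")      # simulated tampering
        os.remove(paths[2])                       # simulated deletion
        report = check_baseline(baseline)
        return [report[p] for p in paths]


if __name__ == "__main__":
    print(demo())
```

The baseline itself must be protected: an attacker who can rewrite the hash list after modifying a file defeats the check, so store it read-only, off the monitored host, or authenticated with an HMAC key the host does not hold.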

15. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer

16. The practice of carrying an ACK inside a data packet that is already going to the same destination, instead of sending a separate ACK packet

17. Provides insight into the tactics - motives - and tools of attackers

18. OSI

19. Infects EXE files and makes them operate slightly differently - when infected - the EXE header fields (sizes and entry point) are altered to point to the appended viral code

20. Confidentiality - integrity - availability

21. Prepending: the virus writes itself to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending: the virus writes its payload to the end of the file and inserts a jump instruction as the first instruction - which execute

22. Attaches itself to existing program files and is activated when the EXE is launched

23. Stateful firewalls maintain the state of traffic flows in a connection table, so inbound packets are accepted only when they belong to a connection the firewall has already seen being opened
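Added example (not part of the quiz or of any firewall product): a minimal stateful filter for TCP. Inside hosts may open connections outward with a SYN; the filter tracks each flow through SYN_SENT, SYN_RECEIVED and ESTABLISHED, and accepts an inbound packet only if it matches a tracked flow in the expected state. The traffic is constructed in the code with documentation-range addresses; the "inside" prefix 10.0.0. is an assumption of the example.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")  # flags: frozenset of TCP flag names

INSIDE_PREFIX = "10.0.0."  # constructed: addresses with this prefix are on the protected side


class StatefulFilter:
    """Track TCP flows keyed by (inside_ip, inside_port, outside_ip, outside_port)."""

    def __init__(self):
        self.flows = {}

    @staticmethod
    def _flow_key(pkt):
        if pkt.src.startswith(INSIDE_PREFIX):
            return (pkt.src, pkt.sport, pkt.dst, pkt.dport), "out"
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport), "in"

    def process(self, pkt):
        key, direction = self._flow_key(pkt)
        state = self.flows.get(key)
        if state is None:
            # Only an outbound SYN may create state; everything else unsolicited is dropped,
            # including inbound SYN scans and forged "established" ACKs.
            if direction == "out" and pkt.flags == {"SYN"}:
                self.flows[key] = "SYN_SENT"
                return "ACCEPT"
            return "DROP"
        if "RST" in pkt.flags:
            del self.flows[key]
            return "ACCEPT"
        if state == "SYN_SENT":
            if direction == "in" and pkt.flags == {"SYN", "ACK"}:
                self.flows[key] = "SYN_RECEIVED"
                return "ACCEPT"
            if direction == "out" and pkt.flags == {"SYN"}:
                return "ACCEPT"          # SYN retransmission
            return "DROP"
        if state == "SYN_RECEIVED":
            if direction == "out" and "ACK" in pkt.flags:
                self.flows[key] = "ESTABLISHED"
                return "ACCEPT"
            return "DROP"
        return "ACCEPT"                  # ESTABLISHED: both directions flow


def P(src, sport, dst, dport, *flags):
    return Packet(src, sport, dst, dport, frozenset(flags))


# Constructed sample: one legitimate HTTPS connection, then two attacker packets.
SAMPLE_TRAFFIC = [
    P("10.0.0.5", 40000, "198.51.100.20", 443, "SYN"),           # inside host opens a connection
    P("198.51.100.20", 443, "10.0.0.5", 40000, "SYN", "ACK"),    # server answers
    P("10.0.0.5", 40000, "198.51.100.20", 443, "ACK"),           # handshake completes
    P("198.51.100.20", 443, "10.0.0.5", 40000, "ACK", "PSH"),    # data from the server
    P("203.0.113.9", 55555, "10.0.0.5", 22, "SYN"),              # unsolicited inbound SYN (scan)
    P("203.0.113.9", 443, "10.0.0.5", 40000, "ACK"),             # ACK from a host that owns no flow
]


def run_filter(traffic=SAMPLE_TRAFFIC):
    """Return the per-packet verdicts and the flow table left behind."""
    fw = StatefulFilter()
    verdicts = [fw.process(p) for p in traffic]
    return verdicts, dict(fw.flows)


if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE_TRAFFIC, run_filter()[0]):
        print(verdict, pkt)
```

The last sample packet is the point of the exercise: a stateless rule of the form "permit inbound TCP with the ACK bit set" would let it through, which is how ACK scans map hosts behind packet filters; the state table rejects it because no inside host ever opened that flow.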

24. Known - unknown - zero day

25. Protected at rest - protected in transit - secure the key

26. Simplest form of a research honeypot - useful in identifying the nature of TCP scans - allows the attacker to complete the 3-way handshake - listens on a defined port - logs incoming requests for analysis

27. An attacker spoofs the victim's IP and sends ICMP ECHO requests to the broadcast address of a network. Every system on that network replies to the victim, and the flood of replies causes a DoS.
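Added example (not part of the quiz): detection logic for the attack described above, run over constructed ICMP summary records of the form (source, destination, ICMP type). It flags echo requests aimed at the local network's broadcast address, counts echo replies leaving the network toward a single outside host, and reports the amplification factor. The addresses are from documentation ranges and the records are made up in the code.

```python
import ipaddress
from collections import Counter

ECHO_REQUEST, ECHO_REPLY = 8, 0

# Constructed records: three spoofed requests to the broadcast address of 192.0.2.0/24
# carrying the victim's address as source, 50 hosts each answering three times, and one
# ordinary ping between two local hosts that must not be flagged.
VICTIM = "203.0.113.7"
SAMPLE_ICMP = (
    [(VICTIM, "192.0.2.255", ECHO_REQUEST)] * 3
    + [(f"192.0.2.{h}", VICTIM, ECHO_REPLY) for h in range(10, 60) for _ in range(3)]
    + [("192.0.2.15", "192.0.2.20", ECHO_REQUEST), ("192.0.2.20", "192.0.2.15", ECHO_REPLY)]
)


def detect_smurf(records, local_net, reply_threshold=20):
    """Return (requests to broadcast by claimed source, suspected victims, amplification)."""
    net = ipaddress.ip_network(local_net)
    broadcast = net.broadcast_address
    bcast_requests = Counter()
    replies_out = Counter()
    for src, dst, icmp_type in records:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if icmp_type == ECHO_REQUEST and d == broadcast:
            bcast_requests[src] += 1       # the spoofed source is the intended victim
        elif icmp_type == ECHO_REPLY and s in net and d not in net:
            replies_out[dst] += 1          # local hosts answering someone outside
    victims = {v: n for v, n in replies_out.items() if n >= reply_threshold}
    amplification = {v: replies_out[v] / bcast_requests[v]
                     for v in victims if bcast_requests[v]}
    return dict(bcast_requests), victims, amplification


if __name__ == "__main__":
    print(detect_smurf(SAMPLE_ICMP, "192.0.2.0/24"))
```

Three inbound packets produce 150 outbound ones here, which is the amplification the attacker is after. The fix belongs on the network being abused, not the victim: routers should not forward directed broadcasts (on Cisco IOS, `no ip directed-broadcast`) and hosts should not answer echo requests sent to a broadcast address.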

28. True positive - false positive - true negative - false negative
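Added example (not part of the quiz): the four outcomes applied to a detection rule. A deliberately simple keyword signature for web attacks is run over constructed, hand-labelled request lines, each result is classified as TP, FP, TN or FN, and precision, recall and false-positive rate are derived from the counts. The log lines and the signature are made up for the demonstration.

```python
import re
from collections import Counter

# Constructed request lines with ground truth: True means the request really is an attack.
SAMPLE_EVENTS = [
    ("GET /index.html HTTP/1.1", False),
    ("GET /login?user=admin' OR '1'='1 HTTP/1.1", True),
    ("GET /search?q=union%20select%20password%20from%20users HTTP/1.1", True),
    ("GET /docs/union-vs-select-committee.pdf HTTP/1.1", False),          # benign, matches keywords
    ("GET /cgi-bin/view?file=../../etc/passwd HTTP/1.1", True),
    ("GET /images/logo.png HTTP/1.1", False),
    ("POST /api/items HTTP/1.1", False),
    ("GET /profile?id=1%3B%20DROP%20TABLE%20users HTTP/1.1", True),      # encoded, the rule misses it
]

# A naive signature: SQL keywords, a quoted OR, or a directory traversal sequence.
SIGNATURE = re.compile(r"union.*select|' or '|\.\./", re.IGNORECASE)


def classify(line, malicious):
    """Compare what the rule says with what is actually true."""
    alerted = bool(SIGNATURE.search(line))
    if alerted and malicious:
        return "TP"
    if alerted and not malicious:
        return "FP"
    if not alerted and malicious:
        return "FN"
    return "TN"


def evaluate(events=SAMPLE_EVENTS):
    """Return the outcome counts and the usual metrics derived from them."""
    counts = Counter(classify(line, malicious) for line, malicious in events)
    tp, fp, tn, fn = (counts[k] for k in ("TP", "FP", "TN", "FN"))
    precision = tp / (tp + fp) if tp + fp else 0.0   # of the alerts, how many were real
    recall = tp / (tp + fn) if tp + fn else 0.0      # of the attacks, how many were caught
    fpr = fp / (fp + tn) if fp + tn else 0.0         # of the benign traffic, how much alerted
    return dict(counts), precision, recall, fpr


if __name__ == "__main__":
    for line, malicious in SAMPLE_EVENTS:
        print(classify(line, malicious), line)
    print(evaluate())
```

Every false negative here is an analyst who was never told, and every false positive is one who was told for nothing; tuning a signature moves events between those two columns, which is why the counts are tracked separately rather than as a single accuracy number.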

29. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs a rootkit or root shell - opens back doors - self-contained malware that copies itself without user action

30. Trying to identify modems in a telephone exchange that may be susceptible to compromise

31. SYN - SYN/ACK - ACK
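Added example (not part of the quiz or of any honeypot project) covering both the simple port-listener honeypot of question 26 and the handshake of question 31: a listener bound to a single loopback port lets the operating system complete SYN, SYN/ACK, ACK for every connection attempt, then records the peer address and the first bytes received without ever answering. The probes are also in the code, so the exchange runs offline on 127.0.0.1; the port is chosen by the OS and the payload is made up.

```python
import socket
import threading
import time


class PortListener:
    """Single-port listener: completes the three-way handshake for any client, logs who
    connected and what they sent first, and never replies."""

    def __init__(self, host="127.0.0.1", port=0):     # port 0 = let the OS pick one
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))
        self.sock.listen(16)
        self.sock.settimeout(0.2)                     # lets the accept loop notice stop()
        self.port = self.sock.getsockname()[1]
        self.log = []
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()
        return self

    def _serve(self):
        while not self._stop.is_set():
            try:
                conn, peer = self.sock.accept()       # handshake is already done at this point
            except socket.timeout:
                continue
            with conn:
                conn.settimeout(0.5)
                try:
                    first = conn.recv(1024)           # b"" for a bare connect scan
                except socket.timeout:
                    first = b"<no data within timeout>"
                self.log.append({"time": time.time(), "peer": peer, "first_bytes": first})

    def stop(self):
        self._stop.set()
        self._thread.join()
        self.sock.close()


def probe(port, payload=b"", host="127.0.0.1"):
    """Play the scanner: connect() drives SYN -> SYN/ACK -> ACK, then optionally sends data."""
    with socket.create_connection((host, port), timeout=2) as s:
        if payload:
            s.sendall(payload)
    return True


def demo():
    """Run a connect scan and a banner-grab style probe against the listener; return its log."""
    hp = PortListener().start()
    try:
        probe(hp.port)                                      # handshake only, then close
        probe(hp.port, b"GET / HTTP/1.0\r\n\r\n")           # constructed probe payload
        deadline = time.time() + 5
        while len(hp.log) < 2 and time.time() < deadline:   # wait for the thread to log both
            time.sleep(0.05)
    finally:
        hp.stop()
    return hp.log


if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

A connect scan shows up as a completed handshake with an empty first read, while a tool that speaks to the port shows its protocol guess in the first bytes; that difference is what the question means by identifying the nature of the scan. A SYN scan that never sends the final ACK would not reach accept() at all, so catching it needs packet capture rather than a socket listener.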

32. An agreement on how different computers will communicate - protocols define the format and order of messages and what to do upon receipt of a message - basically the rules of the network

33. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks - each layer gets its own controls

34. Fast - with little fidelity - examines header information and only a limited amount of payload data

35. UDP-based infection - spread through a vulnerability in Microsoft SQL Server - its scanning traffic saturated networks and caused DoS

36. An appliance that controls access between the public Internet and a company's private network - or, as host-based software, between a PC's NIC and the rest of the PC.

37. Uses a 1-to-1 substitution with an arbitrary (random) shift for each character - given a single character mapping, you learn the key for that position only and cannot determine the rest of the key
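Added example (not part of the quiz) serving questions 13 and 37 together: a ROT-N cipher and a letter-only one-time pad side by side. With ROT-N a single known plaintext/ciphertext pair recovers the key for the whole message; with the one-time pad the same pair pins down only that one position, and the code shows that an entirely different plaintext of the same length is consistent with the same ciphertext. The messages are made up; the pad comes from the secrets module.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase


def caesar(text, shift):
    """ROT+shift: every letter moves by the same amount, non-letters pass through."""
    return "".join(ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch
                   for ch in text.upper())


def caesar_key_from_pair(plain_char, cipher_char):
    """One plaintext/ciphertext letter fixes the Caesar key for the entire message."""
    return (ALPHABET.index(cipher_char) - ALPHABET.index(plain_char)) % 26


def letters_only(text):
    return [c for c in text.upper() if c in ALPHABET]


def random_pad(length):
    """Fresh random shifts, one per letter; a pad is used once and then discarded."""
    return [secrets.randbelow(26) for _ in range(length)]


def otp_encrypt(text, pad):
    plain = letters_only(text)
    if len(pad) < len(plain):
        raise ValueError("pad must be at least as long as the message")
    return "".join(ALPHABET[(ALPHABET.index(c) + k) % 26] for c, k in zip(plain, pad))


def otp_decrypt(cipher, pad):
    return "".join(ALPHABET[(ALPHABET.index(c) - k) % 26] for c, k in zip(cipher, pad))


def pad_that_maps(plain, cipher):
    """Pad that would turn this plaintext into that ciphertext; for a one-time pad such a
    pad exists for every plaintext of the right length, so knowing one letter mapping
    constrains only that position."""
    return [(ALPHABET.index(c) - ALPHABET.index(p)) % 26
            for p, c in zip(letters_only(plain), cipher)]


def demo():
    message = "ATTACK AT DAWN"                                  # constructed plaintext
    rot13 = caesar(message, 13)
    shift = caesar_key_from_pair("A", rot13[0])                 # one pair -> whole key
    pad = random_pad(12)
    otp = otp_encrypt(message, pad)
    k0 = pad_that_maps("A", otp[0])[0]                          # one pair -> pad[0] only
    alibi_pad = pad_that_maps("SURRENDER NOW", otp)             # same ciphertext, other message
    return {
        "rot13": rot13,
        "recovered_shift": shift,
        "caesar_broken": caesar(rot13, -shift) == message,
        "k0_recovered": k0 == pad[0],
        "otp_roundtrip": otp_decrypt(otp, pad) == "ATTACKATDAWN",
        "alibi_decrypts": otp_decrypt(otp, alibi_pad) == "SURRENDERNOW",
        "pads_consistent_with_one_pair": 26 ** 11,
    }


if __name__ == "__main__":
    print(demo())
```

The last entry is the count of pads still consistent with the ciphertext after one position is known: every remaining position is free, which is the formal content of "you cannot determine the key". The guarantee collapses the moment a pad is reused, because XOR or subtraction of two ciphertexts then cancels the pad entirely.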

38. Intellectual property - business goals - validated data - historical

39. The practice of carrying an ACK inside a data packet that is already going to the same destination, instead of sending a separate ACK packet

40. An attacker recruits zombie systems ahead of time that then simultaneously release a flood of traffic at a specific target.

41. Anonymous FTP - FTP passes credentials and data in clear text - bounce attacks with the PORT command - a user can make the FTP server open a data connection to an arbitrary host and port of the user's choosing and so bypass a firewall
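Added example (not part of the quiz or of any FTP server): the server-side check that closes the bounce attack. The PORT argument h1,h2,h3,h4,p1,p2 is parsed into an address and a port (p1*256 + p2), and the data connection is allowed only if the address is the same client that holds the control connection and the port is not privileged. The control-connection peer and the sample commands are constructed for the demonstration.

```python
import ipaddress


def parse_port_command(arg):
    """Parse 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port); raise ValueError if malformed."""
    parts = arg.strip().split(",")
    if len(parts) != 6:
        raise ValueError("PORT needs six comma-separated numbers")
    nums = [int(p) for p in parts]                    # int() raises ValueError on junk
    if any(n < 0 or n > 255 for n in nums):
        raise ValueError("value out of 0-255 range")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]
    return ip, port


def port_command_allowed(arg, control_peer_ip, min_port=1024):
    """Bounce-attack check: the data connection must go back to the client that issued the
    command, and never to a privileged port. Returns (allowed, reason)."""
    try:
        ip, port = parse_port_command(arg)
    except ValueError as e:
        return False, f"syntax error: {e}"
    if ip != ipaddress.IPv4Address(control_peer_ip):
        return False, f"refused: {ip} is not the control connection peer {control_peer_ip}"
    if port < min_port:
        return False, f"refused: port {port} is privileged"
    return True, f"ok: data connection to {ip}:{port}"


CONTROL_PEER = "192.0.2.10"   # constructed: the client logged in on the control connection
SAMPLE_COMMANDS = [
    "192,0,2,10,4,1",         # legitimate: back to the client, port 4*256+1 = 1025
    "10,0,0,5,0,25",          # bounce: internal mail server behind the firewall, port 25
    "192,0,2,10,0,80",        # right client, but a privileged port
    "192,0,2,10,4",           # malformed: only five numbers
    "192,0,2,300,4,1",        # octet out of range
]


def evaluate_commands(cmds=SAMPLE_COMMANDS, peer=CONTROL_PEER):
    """Apply the check to each sample command; return the list of allow/refuse decisions."""
    return [port_command_allowed(c, peer)[0] for c in cmds]


if __name__ == "__main__":
    for cmd in SAMPLE_COMMANDS:
        print(cmd, "->", port_command_allowed(cmd, CONTROL_PEER)[1])
```

The second command is the bounce itself: an anonymous user asks the FTP server, which sits inside the perimeter, to connect to a host the firewall would never let the user reach directly. The check above is the same rule most servers now apply by default; where an active-mode client legitimately needs a third-party transfer, that is an explicit configuration exception, not the default.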

42. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used any more because switches do the same job per port

43. War dialing - war driving - sniffing - eavesdropping - dumpster diving - social engineering

44. A threat requires a vector to reach the vulnerability - stop the threat's ability to use the vector

45. Relies on inserting executable code into other files and on user interaction to spread

46. Switched networks make it difficult to monitor traffic in promiscuous mode, because a switch only forwards frames to the port that owns the destination MAC - the topology must support traffic aggregation for monitoring (a mirror/SPAN port or a network tap)

47. Deployment challenges including topology and access limitations - inability to analyze encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly to manage properly

48. Work groups that require additional protection are segmented from the rest of the internal organization - access to the critical segments is restricted - implemented with a system of VPNs - internal firewalls - VLANs and ACLs

49. Combines the functionality of a hub and a bridge into a single device - keeps track of the MACs attached to each port and forwards each frame only to the port that owns its destination MAC

50. Infected millions of systems through several methods - a vulnerability in the MS Server Service - brute-forcing admin passwords over network shares - infecting removable devices with a malicious autorun script