Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






2. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






3. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






4. Going around with equipment to detect wireless networks






5. Personal area network - phone tethering - bluetooth - etc






6. A cracking tool inserted into the OS that allows the attacker to do as they please.






7. One is for talking - one is for implementing






8. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






9. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






10. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






11. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






12. Handles transmissions across the physical media like wires - fiber - etc






13. Considered to be a perimeter device






14. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






15. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






16. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






17. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






18. Trying to ID modems in a telephone exchange that may be susceptible to compromise






19. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






20. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






21. Attaches itself to existing program files and activated when the exe is launched






22. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






23. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






24. Deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






25. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






26. An attempt to gain access by bombarding it with guesses until the password is found.






27. Protected at rest - protected in transit - secure the key






28. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






29. It handles the establishment and maintenance of connections between systems






30. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






31. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






32. Low-interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






33. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






34. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






35. It interacts with the application layer to determine which network services will be required






36. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






37. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






38. Full open - half open (stealth scan) - UDP - Ping






39. Infects MBR - no network spreading potential






40. Fast - with little fidelity - examines header information and limited payload data






41. Confidentiality - symmetric encryption






42. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






43. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






44. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






45. Provides insight into the tactics - motives - and attacker tools






46. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






47. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






48. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






49. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






50. Logic bomb - trojan horse - trap door






