Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






2. Uniform protection - protected enclaves - information centric - threat vector analysis






3. 53 bytes - 48 bytes for data - 5 bytes for the header






4. Infects MBR - no network spreading potential






5. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






6. An attempt to gain access by bombarding it with guesses until the password is found.






7. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address






8. logic bomb - trojan horse - trap door






9. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






10. One is for talking - one is for implementing






11. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






12. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






13. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






14. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire






15. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






16. Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere






17. Unencrypted message in its original form






18. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






19. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






20. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






21. It interacts with the application layer to determine which network services will be required






22. A cracking tool inserted into the OS that allows the attacker to do as they please.






23. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






24. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






25. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






26. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






27. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






28. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






29. OSI






30. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






31. Network scanner.






32. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






33. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port






34. It makes sure the data sent from one side to the other is in a format useful to the other side






35. Relies on executable code insertion and user interaction to spread






36. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






37. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


38. Stateful firewalls maintain state of traffic flows






39. The practice of sending an ACK inside another packet going to the same destination






40. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






41. Full open - half open (stealth scan) - UDP - Ping






42. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






43. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






44. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






45. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535






46. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






47. Syn - Syn/Ack - Ack






48. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP






49. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






50. Personal area network - phone tethering - bluetooth - etc