Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






2. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






3. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port






4. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






5. It interacts with the application layer to determine which network services will be required






6. Unencrypted message in its original form






7. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






8. logic bomb - trojan horse - trap door






9. Malware - insider threat - natural disaster - terrorism - pandemic






10. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






11. Bits of code embedded in programs to quickly gain access at a later time






12. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






13. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






14. Handles transmissions across the physical media like wires - fiber - etc






15. Considered to be a perimeter device






16. Protected at rest - protected in transit - secure the key






17. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






18. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code






19. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






20. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






21. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






22. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






23. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest






24. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






25. Stateful firewalls maintain state of traffic flows






26. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






27. FIN 130 - ACK 131 - FIN 570 - ACK 571






28. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






29. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






30. Personal area network - phone tethering - bluetooth - etc






31. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






32. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






33. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






34. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






35. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






36. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






37. Relies on executable code insertion and user interaction to spread






38. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






39. Provides insight into the tactics - motives - and attacker tools






40. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment






41. An attempt to gain access by bombarding it with guesses until the password is found.






42. Intellectual property - business goals - validated data - historical






43. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






44. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






45. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






46. Message in its encrypted form






47. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






48. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






49. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






50. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire