Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






2. SYN - SYN/ACK - ACK






3. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






4. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






5. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






6. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






7. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






8. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






9. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






10. Known - unknown - zero day






11. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






12. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






13. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






14. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






15. Personal area network - phone tethering - Bluetooth - etc.






16. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






17. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






18. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






19. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






21. OSI






22. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






23. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






24. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






25. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






26. Confidentiality - integrity - availability






27. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






28. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






29. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






30. Full open - half open (stealth scan) - UDP - Ping






31. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






32. Connects many WANs - MANs - and LANs - provided via ISP






33. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






34. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






35. Protected at rest - protected in transit - secure the key






36. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






37. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






38. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






39. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






40. fast - with little fidelity - examines header information and limited payload data






41. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






42. 53 bytes - 48 bytes for data - 5 bytes for the header






43. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






44. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






45. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






46. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






47. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






48. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






49. Bits of code embedded in programs to quickly gain access at a later time






50. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






