Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






2. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






3. Attaches itself to existing program files and is activated when the exe is launched






4. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






5. Bits of code embedded in programs to quickly gain access at a later time






6. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






7. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



8. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






9. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






10. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






11. Going around with equipment to detect wireless networks






12. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






13. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






14. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






15. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.






16. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






17. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






18. Infects MBR - no network spreading potential






19. True positive - false positive - true negative - false negative






20. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






21. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






22. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






23. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






24. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






25. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






26. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






27. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






28. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






29. The practice of sending an ACK inside another packet going to the same destination






30. Considered to be a perimeter device






31. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






32. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






33. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






34. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






35. Network scanner.






36. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






37. The Practice of sending an ACK inside another packet going to the same destination






38. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






39. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






40. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






41. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






42. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






43. fast - with little fidelity - examines header information and limited payload data






44. Provides insight into the tactics - motives - and attacker tools






45. Relies on executable code insertion and user interaction to spread






46. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






47. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






48. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






49. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






50. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction