Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






2. Bits of code embedded in programs to quickly gain access at a later time






3. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






5. Simple attack done by simply browsing available information that's allowed on a local network.






6. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






7. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






8. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






9. It makes sure the data sent from one side to the other is in a format useful to the other side






10. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






11. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






12. OSI






13. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






14. FIN 130 - ACK 131 - FIN 570 - ACK 571






15. Relies on executable code insertion and user interaction to spread






16. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






17. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






18. Infects MBR - no network spreading potential






19. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






20. A cracking tool inserted into the OS that allows the attacker to do as they please.






21. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






22. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified - e.g. Tripwire






23. Intellectual property - business goals - validated data - historical






24. Considered to be a perimeter device






25. Syn - Syn/Ack - Ack






26. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






27. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






28. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






29. Connects many WANs - MANs - and LANs - provided via ISP






30. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






31. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






32. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






33. The practice of sending an ACK inside another packet going to the same destination






34. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






35. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






36. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






37. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






38. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






39. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






40. Known - unknown - zero day






41. Malware - insider threat - natural disaster - terrorism - pandemic






42. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






43. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






44. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



45. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






46. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






47. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - e.g. employee was fired






48. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






49. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






50. Handles the network address scheme and connectivity of multiple network segments. It handles communication.