Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






2. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






3. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






4. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






5. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






6. Intrusion detection system - it reports attacks against monitored systems/networks






7. Simple attack done by simply browsing available information that's allowed on a local network.






8. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






9. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






10. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






11. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






12. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






13. Confidentiality - symmetric encryption






14. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






15. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






16. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






17. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






18. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






19. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






20. Trying to ID modems in a telephone exchange that may be susceptible to compromise






21. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






22. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






23. destruction of data - leaking confidential information - providing backdoor access






24. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






25. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






26. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






27. Syn - Syn/Ack - Ack






28. Unencrypted message in its original form






29. logic bomb - trojan horse - trap door






30. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






31. A time of check/time of use attack that exploits the difference between when a security control was applied and the time the service was used.






32. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






33. Relies on executable code insertion and user interaction to spread






34. Malware - insider threat - natural disaster - terrorism - pandemic






35. Network scanner.






36. Bits of code embedded in programs to quickly gain access at a later time






37. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






38. One is for talking - one is for implementing






39. Provides insight into the tactics - motives - and attacker tools






40. Stateful firewalls maintain state of traffic flows






41. Message in its encrypted form






42. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






43. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






44. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






45. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






46. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






47. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






48. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






49. An attempt to gain access by bombarding it with guesses until the password is found.






50. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired





