Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






2. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






3. destruction of data - leaking confidential information - providing backdoor access






4. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






5. Confidentiality - integrity - availability






6. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment






7. Attaches itself to existing program files and activated when the exe is launched






8. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






9. Confidentiality - integrity - availability






10. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






11. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port






12. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






13. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






14. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






15. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






16. Network scanner.






17. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






18. An attempt to gain access by bombarding it with guesses until the password is found.






19. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






20. Provides insight into the tactics - motives - and attacker tools






21. Unencrypted message in its original form






22. The practice of sending an ACK inside another packet going to the same destination






23. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






24. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted






25. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






26. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






27. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






28. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






29. Uniform protection - protected enclaves - information centric - threat vector analysis






30. Infects MBR - no network spreading potential






31. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






32. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






33. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






34. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input






35. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






36. OSI






37. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






38. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






39. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






40. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






41. True positive - false positive - true negative - false negative






42. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






43. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






44. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


45. Stateful firewalls maintain state of traffic flows






46. It makes sure the data sent from one side to the other is in a format useful to the other side






47. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






48. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






49. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






50. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183