Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but it reinforces your understanding each time you take the test.
1. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






2. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






3. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






4. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






5. fast - with little fidelity - examines header information and limited payload data






6. It interacts with the application layer to determine which network services will be required






7. Full open - half open (stealth scan) - UDP - Ping






8. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






9. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






10. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






11. Malware - insider threat - natural disaster - terrorism - pandemic






12. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






13. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






14. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






15. Personal area network - phone tethering - Bluetooth - etc.






16. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






17. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






18. Packet filter firewalls rely on TCP flags to determine connection state. An attacker can send ACK packets only to bypass the firewall.






19. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware


20. Confidentiality - integrity - availability






21. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






22. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






23. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






24. Provides insight into the tactics - motives - and attacker tools






25. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






26. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






27. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






28. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






29. logic bomb - trojan horse - trap door






30. Unified data carrying service - replacing frame relay and ATM






31. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






32. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






33. Attaches itself to existing program files and is activated when the exe is launched






34. Uniform protection - protected enclaves - information centric - threat vector analysis






35. An attempt to gain access by bombarding it with guesses until the password is found.






36. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






37. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






38. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






39. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable


40. destruction of data - leaking confidential information - providing backdoor access






41. Going around with equipment to detect wireless networks






42. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






43. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






44. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






45. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






46. A cracking tool inserted into the OS that allows the attacker to do as they please.






47. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






48. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






49. Message in its encrypted form






50. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application