Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






2. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






3. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






4. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






5. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






6. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






7. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






8. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






9. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






10. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere






11. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






12. Provides insight into the tactics - motives - and attacker tools






13. Unencrypted message in its original form






14. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






15. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






16. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






17. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






18. Malware - insider threat - natural disaster - terrorism - pandemic






19. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






20. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






21. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






22. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






23. It interacts with the application layer to determine which network services will be required






24. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






25. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






26. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






27. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






28. Confidentiality - integrity - availability






29. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






30. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






31. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






32. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






33. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






34. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






35. Infects MBR - no network spreading potential






36. Uniform protection - protected enclaves - information centric - threat vector analysis






37. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






38. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






39. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






40. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






41. Trying to ID modems in a telephone exchange that may be susceptible to compromise






42. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






43. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






44. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






45. It makes sure the data sent from one side to the other is in a format useful to the other side






46. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






47. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






48. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






49. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






50. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535