Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






2. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






3. Confidentiality - symmetric encryption






4. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






5. Protected at rest - protected in transit - secure the key






6. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






7. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






8. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






9. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






10. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






11. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






12. Confidentiality - integrity - availability






13. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






14. Provides insight into the tactics - motives - and attacker tools






15. 53 - DNS, 67 - BootP, 68 - BootP, 69 - TFTP, 123 - NTP, 137-139 - NBT, 161 - SNMP, 162 - SNMP, 2049 - NFS






16. Connects many WANs - MANs - and LANs - provided via ISP






17. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






18. Full open - half open (stealth scan) - UDP - Ping






19. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






20. FIN 130 - ACK 131 - FIN 570 - ACK 571






21. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






22. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






23. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






24. Personal area network - phone tethering - bluetooth - etc






25. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






26. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






27. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






28. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






29. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






30. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






31. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



32. The practice of sending an ACK inside another packet going to the same destination






33. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






34. Considered to be a perimeter device






35. It interacts with the application layer to determine which network services will be required






36. Outsider attack from network - outsider attack from telephone - insider attack from local network - insider attack from local system - attack from malicious code






37. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






38. It makes sure the data sent from one side to the other is in a format useful to the other side






39. Known - unknown - zero day






40. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






41. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






42. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






43. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






44. Message in its encrypted form






45. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






46. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






47. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






48. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






49. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






50. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed