Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






2. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






3. Stateful firewalls maintain state of traffic flows






4. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






5. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - pcAnywhere






6. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






7. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






8. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






9. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






10. Infects MBR - no network spreading potential






11. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






12. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable


13. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






14. Trying to ID modems in a telephone exchange that may be susceptible to compromise






15. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






16. 1 and 2: Voice/low-speed data; 3: Voice/data 10Mb; 4: Voice/data 16Mb; 5, 5e: Voice/data 100Mb to 1Gb; 6: Standard for gigabit






17. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






18. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






19. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






20. Confidentiality - integrity - availability






21. Risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






22. Outsider attack from network - Outsider attack from telephone - Insider attack from local network - Insider attack from local system - Attack from malicious code






23. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






24. Protected at rest - protected in transit - secure the key






25. Bits of code embedded in programs to quickly gain access at a later time






26. Unified data carrying service - replacing frame relay and ATM






27. Relies on executable code insertion and user interaction to spread






28. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






29. Fast - with little fidelity - examines header information and limited payload data






30. Considered to be a perimeter device






31. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






32. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






33. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






34. Intrusion detection system - it reports attacks against monitored systems/networks






35. Known - unknown - zero day






36. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






37. True positive - false positive - true negative - false negative






38. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






39. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






40. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






41. Personal area network - phone tethering - Bluetooth - etc.






42. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






43. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






44. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






45. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






46. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






47. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






48. Intellectual property - business goals - validated data - historical






49. A cracking tool inserted into the OS that allows the attacker to do as they please.






50. Full open - half open (stealth scan) - UDP - Ping