Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






2. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






3. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






4. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






5. Intrusion detection system - it reports attacks against monitored systems/networks






6. FIN 130 - ACK 131 - FIN 570 - ACK 571






7. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



8. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






9. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






10. Simple attack done by simply browsing available information that's allowed on a local network.






11. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






12. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






13. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






14. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






15. destruction of data - leaking confidential information - providing backdoor access






16. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






17. Full open - half open (stealth scan) - UDP - Ping






18. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






19. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






20. Bits of code embedded in programs to quickly gain access at a later time






21. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






22. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






23. logic bomb - trojan horse - trap door






24. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






25. Going around with equipment to detect wireless networks






26. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



27. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






28. Known - unknown - zero day






29. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






30. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






31. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.






32. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






33. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






34. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






35. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






36. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






37. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






38. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






39. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






40. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






41. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






42. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






43. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






44. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






45. Syn - Syn/Ack - Ack






46. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






47. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






48. Unified data carrying service - replacing frame relay and ATM






49. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






50. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer