Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






2. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






3. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






4. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






5. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






6. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






7. A cracking tool inserted into the OS that allows the attacker to do as they please.






8. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






9. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



10. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






11. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






12. Intellectual property - business goals - validated data - historical






13. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






14. Infects EXE files and makes them operate slightly differently - when infected - exe header sizes are altered to point to the appended viral code






15. Going around with equipment to detect wireless networks






16. Syn - Syn/Ack - Ack






17. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






18. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






19. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






20. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






21. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






22. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






23. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






24. Confidentiality - integrity - availability






25. One is for talking - one is for implementing






26. destruction of data - leaking confidential information - providing backdoor access






27. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






28. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






29. Stateful firewalls maintain state of traffic flows






30. 53 bytes - 48 bytes for data - 5 bytes for the header






31. True positive - false positive - true negative - false negative






32. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






33. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






34. The practice of sending an ACK inside another packet going to the same destination






35. Considered to be a perimeter device






36. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






37. fast - with little fidelity - examines header information and limited payload data






38. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired






39. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






40. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






41. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






42. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






43. Bits of code embedded in programs to quickly gain access at a later time






44. FIN 130 - ACK 131 - FIN 570 - ACK 571






45. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






46. Relies on executable code insertion and user interaction to spread






47. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






48. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






49. Connects many WANs - MANs - and LANs - provided via ISP






50. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment