Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired






2. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






3. It handles the establishment and maintenance of connections between systems






4. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






5. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






6. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






7. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






8. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






9. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






10. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






11. Connects many WANs - MANs - and LANs - provided via ISP






12. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






13. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






14. Packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






15. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






16. Protected at rest - protected in transit - secure the key






17. Rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






18. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






19. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






20. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






21. Relies on executable code insertion and user interaction to spread






22. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






23. Unencrypted message in its original form






24. Simple attack done by simply browsing available information that's allowed on a local network.






25. The practice of sending an ACK inside another packet going to the same destination






26. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






27. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






28. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






29. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






30. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






31. It makes sure the data sent from one side to the other is in a format useful to the other side






32. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






33. An attempt to gain access by bombarding it with guesses until the password is found.






34. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






35. True positive - false positive - true negative - false negative






36. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






37. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






38. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






39. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






40. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






41. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






42. Confidentiality - symmetric encryption






43. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






44. Considered to be a perimeter device






45. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.






46. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






47. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






48. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






49. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






50. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.