Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






2. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






3. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






4. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






5. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






6. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






7. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






8. Connects many WANs - MANs - and LANs - provided via ISP






9. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






10. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






11. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






12. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






13. Confidentiality - integrity - availability






14. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






15. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






16. Considered to be a perimeter device






17. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






18. Intellectual property - business goals - validated data - historical






19. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






20. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






21. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






22. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






23. Malware - insider threat - natural disaster - terrorism - pandemic






24. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






25. It handles the establishment and maintenance of connections between systems






26. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






27. Handles transmissions across the physical media like wires - fiber - etc






28. logic bomb - trojan horse - trap door






29. A cracking tool inserted into the OS that allows the attacker to do as they please.






30. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






31. Simple attack done by simply browsing available information that's allowed on a local network.






32. Provides insight into the tactics - motives - and attacker tools






33. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






34. Unified data carrying service - replacing frame relay and ATM






35. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






36. 53 bytes - 48 bytes for data - 5 bytes for the header






37. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






38. OSI






39. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






40. Confidentiality - symmetric encryption






41. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






42. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






43. True positive - false positive - true negative - false negative






44. One is for talking - one is for implementing






45. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






46. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






47. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






48. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






49. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






50. Infects the EXE and makes them operate slightly differently - when infected - exe header sizes are altered to point to the appended viral code