Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






2. It makes sure the data sent from one side to the other is in a format useful to the other side






3. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






4. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






5. Provides insight into the tactics - motives - and attacker tools






6. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






7. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






8. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






9. Handles transmissions across the physical media like wires - fiber - etc






10. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






11. Protected at rest - protected in transit - secure the key






12. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






13. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






14. Confidentiality - symmetric encryption






15. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






16. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



17. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






18. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






19. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



20. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






21. fast - with little fidelity - examines header information and limited payload data






22. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






23. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






24. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector






25. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






26. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






27. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






28. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






29. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






30. logic bomb - trojan horse - trap door






31. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






32. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






33. The practice of sending an ACK inside another packet going to the same destination






34. Going around with equipment to detect wireless networks






35. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






36. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






37. Unified data carrying service - replacing Frame Relay and ATM






38. OSI






39. Stateful firewalls maintain state of traffic flows






40. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






41. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






42. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






43. Personal area network - phone tethering - bluetooth - etc






44. Intellectual property - business goals - validated data - historical






45. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






46. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






47. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






48. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






49. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






50. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction