Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






2. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






3. Slow - requires stateful data tracking - inspects all fields - including variable-length fields






4. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






5. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP






6. logic bomb - trojan horse - trap door






7. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






8. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






9. Infects MBR - no network spreading potential






10. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






11. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.






12. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






13. The practice of sending an ACK inside another packet going to the same destination






14. An attempt to gain access by bombarding it with guesses until the password is found.






15. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






16. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






17. Considered to be a perimeter device






18. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






19. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






20. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






21. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored






22. It makes sure the data sent from one side to the other is in a format useful to the other side






23. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






24. Attaches itself to existing program files and activated when the exe is launched






25. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






26. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






27. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.






28. Handles transmissions across the physical media like wires - fiber - etc






29. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






30. Confidentiality - symmetric encryption






31. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






32. Unencrypted message in its original form






33. Known - unknown - zero day






34. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






35. Protected at rest - protected in transit - secure the key






36. destruction of data - leaking confidential information - providing backdoor access






37. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline






38. Full open - half open (stealth scan) - UDP - Ping






39. Confidentiality - integrity - availability






40. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






41. True positive - false positive - true negative - false negative






42. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






43. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






44. FIN 130 - ACK 131 - FIN 570 - ACK 571






45. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






46. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






47. Personal area network - phone tethering - bluetooth - etc






48. Intrusion detection system - it reports attacks against monitored systems/networks






49. Relies on executable code insertion and user interaction to spread






50. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction