Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit






2. It makes sure the data sent from one side to the other is in a format useful to the other side






3. Trying to ID modems in a telephone exchange that may be susceptible to compromise






4. logic bomb - trojan horse - trap door






5. Full open - half open (stealth scan) - UDP - Ping






6. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.






7. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






8. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






9. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






10. Handles transmissions across the physical media like wires - fiber - etc






11. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






12. 53 bytes - 48 bytes for data - 5 bytes for the header






13. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






14. Intrusion detection system - it reports attacks against monitored systems/networks






15. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


16. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






17. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






18. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed






19. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






20. Confidentiality - symmetric encryption






21. Simple attack done by simply browsing available information that's allowed on a local network.






22. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






23. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above






24. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit






25. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






26. The practice of sending an ACK inside another packet going to the same destination






27. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






28. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






29. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.






30. Provides insight into the tactics - motives - and attacker tools






31. destruction of data - leaking confidential information - providing backdoor access






32. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






33. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






34. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






35. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters






36. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code






37. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






38. The Practice of sending an ACK inside another packet going to the same destination






39. fast - with little fidelity - examines header information and limited payload data






40. Unencrypted message in its original form






41. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment






42. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom






43. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction






44. Personal area network - phone tethering - bluetooth - etc






45. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0






46. Considered to be a perimeter device






47. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline






48. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






49. It interacts with the application layer to determine which network services will be required






50. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks