Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



2. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






3. Intrusion detection system - it reports attacks against monitored systems/networks






4. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






5. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port






6. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






7. Uniform protection - protected enclaves - information centric - threat vector analysis






8. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






9. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code






10. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






11. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified - i.e. Tripwire






12. Relies on executable code insertion and user interaction to spread






13. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key






14. Open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






15. 53 bytes - 48 bytes for data - 5 bytes for the header






16. Considered to be a perimeter device






17. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






18. Infects MBR - no network spreading potential






19. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






20. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere






21. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






22. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






23. 8 bytes per packet - UDP SRC port - UDP DST port - UDP length - UDP checksum






24. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.






25. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0






26. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has






27. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested






28. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






29. Message in its encrypted form






30. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






31. Connects many WANs - MANs - and LANs - provided via ISP






32. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline






33. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






34. Confidentiality - symmetric encryption






35. Destruction of data - leaking confidential information - providing backdoor access






36. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






37. Known - unknown - zero day






38. Unencrypted message in its original form






39. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






40. Handles transmissions across the physical media like wires - fiber - etc






41. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks






42. Unified data carrying service - replacing frame relay and ATM






43. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






44. Malware - insider threat - natural disaster - terrorism - pandemic






45. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






46. SYN - SYN/ACK - ACK






47. Bits of code embedded in programs to quickly gain access at a later time






48. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest






49. It interacts with the application layer to determine which network services will be required






50. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks