Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. FIN 130 - ACK 131 - FIN 570 - ACK 571






2. Malware - insider threat - natural disaster - terrorism - pandemic






3. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






4. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






5. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host






6. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






7. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






8. It interacts with the application layer to determine which network services will be required






9. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






10. Known - unknown - zero day






11. Provides insight into the tactics - motives - and attacker tools






12. Network scanner.






13. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






14. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers






15. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






16. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






17. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






18. Handles transmissions across the physical media like wires - fiber - etc






19. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






20. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






21. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script






22. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






23. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






24. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






25. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis






26. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






27. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.






28. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






29. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






30. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



31. Deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






32. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






33. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






34. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched






35. Relies on executable code insertion and user interaction to spread






36. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






37. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






38. Going around with equipment to detect wireless networks






39. Open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules






40. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum






41. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols






42. Message in its encrypted form






43. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment






44. Destruction of data - leaking confidential information - providing backdoor access






45. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.






46. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






47. Packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






48. A cracking tool inserted into the OS that allows the attacker to do as they please.






49. Handles the network address scheme and connectivity of multiple network segments. It handles communication.






50. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters