Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Message in its encrypted form






2. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






3. 53 bytes - 48 bytes for data - 5 bytes for the header






4. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found, the analyst is notified - e.g. Tripwire






5. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.






6. Provides insight into the tactics - motives - and attacker tools






7. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






8. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






9. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet






10. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks






11. It makes sure the data sent from one side to the other is in a format useful to the other side






12. Worms and Wireless - modems - tunnel anything through HTTP - social engineering






13. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - pcAnywhere






14. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






15. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






16. FIN 130 - ACK 131 - FIN 570 - ACK 571






17. Malicious code might execute destructive overwrite to hard disks - Malicious mass-mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






18. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






19. Intrusion detection system - it reports attacks against monitored systems/networks






20. It handles the establishment and maintenance of connections between systems






21. Handles transmissions across the physical media like wires - fiber - etc






22. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted






23. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable



24. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






25. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






26. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application






27. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall






28. logic bomb - trojan horse - trap door






29. Connects many WANs - MANs - and LANs - provided via ISP






30. Relies on executable code insertion and user interaction to spread






31. Considered to be a perimeter device






32. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






33. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP






34. fast - with little fidelity - examines header information and limited payload data






35. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






36. The practice of sending an ACK inside another packet going to the same destination






37. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection






38. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.






39. Simple attack done by simply browsing available information that's allowed on a local network.






40. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






41. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






42. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






43. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






44. Connects the physical part of the network (cables) with the abstract (packets and datastreams)






45. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.






46. Attaches itself to existing program files and is activated when the exe is launched






47. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering






48. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS






49. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






50. Going around with equipment to detect wireless networks