Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you may at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.

1. Trying to identify modems in a telephone exchange that may be susceptible to compromise
2. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
3. Worms and wireless - modems - tunnel anything through HTTP - social engineering
4. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
5. Malware - insider threat - natural disaster - terrorism - pandemic
6. Rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
7. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
8. Personal area network - phone tethering - Bluetooth - etc.
9. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
10. Connects many WANs - MANs - and LANs - provided via ISP
11. Local area network - small network confined to a small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
12. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - the analyst is notified. - e.g. Tripwire
13. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
14. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
15. A time of check/time of use attack that exploits the difference between when a security control was applied and the time the service was used.
16. Provides insight into traffic on the network - helps detect problems with network operations - provides auditing for other security measures
17. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
18. Bits of code embedded in programs to quickly gain access at a later time
19. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
20. A cracking tool inserted into the OS that allows the attacker to do as they please.
21. Handles transmissions across the physical media like wires - fiber - etc.
22. Intrusion detection system - it reports attacks against monitored systems/networks
23. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
24. Packet filter firewalls rely on TCP flags to determine connection state. An attacker can send ACK packets only to bypass the firewall.
25. Full open - half open (stealth scan) - UDP - ping
26. Small program triggered by an event that provides an action. E.g. scheduled file removal if a countdown isn't reset - e.g. an employee was fired
27. FIN 130 - ACK 131 - FIN 570 - ACK 571
28. Intellectual property - business goals - validated data - historical
29. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
30. Wide area network - larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LANs and MANs over a dispersed area
31. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
32. Flags anomalous conditions in traffic on the network - requires an understanding of what is normal - uses known-good traffic as a baseline
33. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
34. Malicious code might execute a destructive overwrite of hard disks - malicious mass-mailing code might expose sensitive information to the internet - web server compromise might expose the organization to ridicule - web server compromise might expose custom
35. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
36. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
37. Spread as an office attachment with executable code programmed using the macro facility - targets are data files - Visual Basic editor and other macro languages - payload executes when the code is launched
38. It handles the establishment and maintenance of connections between systems
39. Low-interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
40. Common backdoor to open a port - port scan scans for open ports on a remote host - scans ports 0-65,535 twice - TCP and UDP
41. One is for talking - one is for implementing
42. Allows admins to remotely access a system for troubleshooting. - e.g. VNC - GoToMyPC - pcAnywhere
43. Hash authentication - asymmetric - non-repudiation - digital signature - hash + asymmetry
44. Logic bomb - Trojan horse - trap door
45. SYN - SYN/ACK - ACK
46. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
47. Physical layer - Data link layer - Network layer - Transport layer - Session layer - Presentation layer - Application layer
48. Outsider attack from network - outsider attack from telephone - insider attack from local network - insider attack from local system - attack from malicious code
49. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
50. Resource exhaustion like DDoS or a fork attack - unexpected input value the machine does not know how to process