Test your basic knowledge

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management






2. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






3. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






4. Simple attack done by simply browsing available information that's allowed on a local network.






5. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute






6. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis






7. Confidentiality - integrity - availability






8. Syn - Syn/Ack - Ack






9. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






10. Connects many WANs - MANs - and LANs - provided via ISP






11. Stateful firewalls maintain state of traffic flows






12. It interacts with the application layer to determine which network services will be required






13. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






14. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area






15. FIN 130 - ACK 131 - FIN 570 - ACK 571






16. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs






17. Uniform protection - protected enclaves - information centric - threat vector analysis






18. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce






19. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself






20. - Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom






21. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535






22. Confidentiality - integrity - availability






23. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system






24. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs






25. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






26. Relies on executable code insertion and user interaction to spread






27. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware



28. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host






29. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input






30. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code






31. Network scanner.






32. A cracking tool inserted into the OS that allows the attacker to do as they please.






33. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found






34. fast - with little fidelity - examines header information and limited payload data






35. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures






36. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






37. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






38. 53 bytes - 48 bytes for data - 5 bytes for the header






39. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority






40. Full open - half open (stealth scan) - UDP - Ping






41. Going around with equipment to detect wireless networks






42. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.






43. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks






44. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






45. The practice of sending an ACK inside another packet going to the same destination






46. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring






47. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p






48. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






49. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






50. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer