Test your basic knowledge |

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.






2. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0






3. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end






4. Intrusion detection system - it reports attacks against monitored systems/networks






5. Attaches itself to existing program files and activated when the exe is launched






6. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication






7. One is for talking - one is for implementing






8. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con






9. Unencrypted message in its original form






10. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP






11. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment






12. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls






13. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry






14. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector






15. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in






16. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability






17. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone






18. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer






19. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability






20. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system






21. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive






22. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS






23. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet






24. Going around with equipment to detect wireless networks






25. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer






26. Considered to be a perimeter device






27. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously






28. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code






29. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK






30. Handles transmissions across the physical media like wires - fiber - etc






31. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside






32. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches






33. An FTP that allows downloads only if the user knows the exact name of the file they're looking for






34. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS






35. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.






36. FIN 130 - ACK 131 - FIN 570 - ACK 571






37. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution






38. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address






39. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies






40. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network






41. Confidentiality - symmetric encryption






42. Provides insight into the tactics - motives - and attacker tools






43. Bits of code embedded in programs to quickly gain access at a later time






44. It interacts with the application layer to determine which network services will be required






45. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.






46. Relies on executable code insertion and user interaction to spread






47. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment






48. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process






49. Confidentiality - integrity - availability






50. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks