SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Information Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A ____ attack is similar to a passive man-in-the-middle attack.
Hoaxes
Resident
Replay
Dwell Time
2. A ____ is designed to separate a nonsecured area from a secured area.
Brute Force Attack
Mantrap
Blacklisting Software
Token
3. Computer crimes involving the theft of money
Cyber Theft
VPN
Whaling
Separation of duties
4. Hurricanes - tornadoes - flooding and earthquakes are all examples of this.
Authorization
Trusted OS
Natural Threat
Rule Based Access Control
5. In a ____ attack - attackers can attackers use hundreds or thousands of computers in an attack against a single computer or network.
Distributed
SYN Flood
DNS
DNS Log
6. Hides inside other software - usually as an attachment or a downloadable file
Cloud computing
Digital Certificate
Extreme Humidity
Trojan-horse virus
7. When organizations use software that filters content to prevent the transmission of unauthorized information
Identity management
Subject
Swiss Cheese
Content filtering
8. A key encryption technique for wireless networks that uses keys both to authenticate network clients and to encrypt data in transit.
Man-made Threat
WEP (Wired Equivalent Privacy)
Virus
Cyberbullying
9. An independently rotating large cups affixed to the top of a fence prevent the hands of intruders from gripping the top of a fence to climb over it.
Authentication
Challenge
Roller barrier
Internal Threat
10. Hacker who exposes vulnerabilities for financial gain or malicious purpose.
ACL (Access Control List)
Stateless Firewall
Black Hat
Cyberstalking/Harassment
11. Email attack that targets only specific users and has familiar information in it - making it more tempting to click the links in the message.
Worm
Spear Phishing
Separation of duties
Loop Protection
12. Sifting through a company's garbage to find information to help break into their computers
Dumpster Diving
ACL
Shoulder Surfing
Authorization
13. Requires that if the fraudulent application of a process could potentially result in a breach of security - then the process should be divided between two or more individuals.
Separation of duties
Web security gateway
Rainbow Tables
Loop Protection
14. The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____.
Replicating
TCP/IP
Physical security
Access Control
15. Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident <tell people passwords - etc>
Resident
Private
Insiders
Fake Antivirus
16. A ____ does not serve clients - but instead routes incoming requests to the correct server.
Protocol analyzer
Reverse proxy
Account expiration
Distributed storage
17. A standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
Federated identity management
Character
Access Control
Port Scanner
18. This attack is where every possible combination of letters - numbers - and characters is used to create encrypted passwords.
OAuth
Brute Force
Zone transfer
Distributed
19. Sending extremely critcal - derogatory - and oftern vulgar email messages or newsgroup postings to other user on the internet or online services
RADIUS
Flaming
Smurf Attack
Extreme temperatures
20. Using a single authentication credential that is shared across multiple networks.
CardSpace
Identity management
War Driving
Root
21. The Chinese government uses _____ to prevent Internet content that it considers unfavorable from reaching its citizenry.
DNS poisoning
Adware
Symmetric encryption
Role Based Access Control
22. Content filtering - encryption - firewalls
Federated identity management
Prevention and detection
Man-in-the-Middle Attack
White box
23. Allows a single access point to service different types of users.
Resident
Authentication
Wireless VLANs
Insiders
24. Four interrelated aspects to _________:Access - data - infrastructure - computers
Physical security
Phishing
Cybercriminals
Cloud computing
25. An authentication protocol that operates over PPP and that requires the authenticator to take the first step by offering the other computer a challenge. The requestor responds by combining the challenge with its password - encrypting the new string o
CHAP (Challenge Handshake Authentication Protocol)
DAP
Kerberos
Blacklisting Software
26. An authentication process that involves three steps.
Three-Way Handshake
Cloud computing
Extreme Humidity
Information security
27. Due to the limitations of online guessing - most password attacks today use ____.
Three-Way Handshake
Offline cracking
MPack
Wireless VLANs
28. Hardware and/or software that guards a private network by analyzing the information leaving and entering the network
Stateless Firewall
Kerberos
Replay Attack
Firewalls
29. Could become a key element in authentication in the future.
Replay Attack
Cognitive biometrics
ICMP Flood
Private
30. A group of piconets in which connections exist between different piconets is called a ____.
What is asymmetic encryption?
Role
Wireless security
Scatternet
31. The weakness of passwords centers on ____.
ACL
Whaling
Virtualization
Human memory
32. A ____ tester has an in-depth knowledge of the network and systems being tested - including network diagrams - IP addresses - and even the source code of custom applications.
Backup scope
Security
TACACS
White box
33. A means of managing and presenting computer resources by function without regard to their physical layout or location.
Rogue
Router
White box
Virtualization
34. Suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.
RADIUS
Prevention and detection
Physical security access control measures
Bluesnarfing
35. Can be used to determine whether new IP addresses are attempting to probe the network.
Firewall logs
Distributed Denial of Service (DDoS)
Root
Electronic Vandal
36. Provides a greater degree of security by implementing port-based authentication.
Hardware Attack
IEEE 802.1x
Honeynet
Dwell Time
37. A variety of threats such as viruses - worms - and Trojan horses
Identification
Malicious code
Wireless security
Internal Threat
38. Software that searches a server - switch - router - or other device for open ports - which can be vulnerable to attack.
Port Scanner
CHAP (Challenge Handshake Authentication Protocol)
DNS Log
Authorization
39. These accounts are user accounts that remain active after an employee has left an organization.
Orphaned
Clickjacking
Spear Phishing
Federated identity management
40. Software that can guess passwords
External Threat
Password Crackers
Packet tampering
Mantrap
41. Motivated by a desire to cause social change - trying to get media attention by disrupting services - or promoting a message by changing information on public websites.
History
Denial of service attack
Electronic Activist (hacktivist)
Rule Based Access Control
42. Holds the promise of reducing the number of usernames and passwords that users must memorize.
SSO
Mouse Trapping
Shoulder Surfing
Fake Antivirus
43. A person who uses his knowledge of operating systems and utilities to intentionally damage or destroy data or systems.
Identity management
Cracker
Operation
CCTV
44. A firewall that can block designated types of traffic from entering a protected network.
Resident
Mouse Trapping
Content-Filtering Firewall
UDP Flood
45. A pay-per-use computing model in which customers pay only for the computing resources they need.
Backup scope
PAT
Cloud computing
Testing
46. Indicates when an account is no longer active.
Word Splitting
DNS
Bluejacking
Account expiration
47. An attack where the goal is to extract personal - financial or confidential information from the victim by using services such as the telephone or VOIP.
Vishing
What is asymmetic encryption?
Geometric variance
Scatternet
48. The most popular attack toolkit - which has almost half of the attacker toolkit market is ____.
Private
Backup frequency
Operation
MPack
49. Form of phishing that targets wealthy individuals.
Whaling
Wireless security
Cyberterrorist
ARP Poisoning
50. A user accessing a computer system must present credentials or ____ when logging on to the system.
Authentication request
Identification
Honeypot
Replicating
