Test your basic knowledge |

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A technique to gain personal information for the purpose of identity theft - usually by means of fraudulent e-mail






2. Requires that if the fraudulent application of a process could potentially result in a breach of security - then the process should be divided between two or more individuals.






3. Small electronic devices that change user passwords automatically






4. An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.






5. Can be used to determine whether new IP addresses are attempting to probe the network.






6. A secret combination of letters - numbers - and/or characters that only the user should know.






7. Computer crimes involving the theft of money






8. A password-protected and encrypted file that holds an individual's identification information - including a public key and a private key. The individual's public key is used to verify the sender's digital signature - and the private key allows the in






9. An attack that intercepts legitimate communication between two victims and captures - analyzes and possibly alters the data packets before sending a fake reply.






10. Form of phishing that targets wealthy individuals.






11. The signal from an ID badge is detected as the owner moves near a ____ - which receives the signal.






12. A type of virus that spreads itself - not only from file to file - but also from computer to computer - do not need to attach to anything to spread and can tunnel themselves into computers.






13. A system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.






14. An attack that uses multiple computers on disparate networks to launch an attack from multiple hosts simultaneously.






15. ____ involves horizontally separating words - although it is still readable by the human eye.






16. A security analysis of the transaction within its approved context.






17. The act of driving while running a laptop configured to detect and capture wireless data transmissions.






18. Email attack that targets only specific users and has familiar information in it - making it more tempting to click the links in the message.






19. A technique that allows private IP addresses to be used on the public Internet.






20. Hides inside other software - usually as an attachment or a downloadable file






21. An AP that is set up by an attacker.






22. A user accessing a computer system must present credentials or ____ when logging on to the system.






23. A ____ means that the application or service assigned to that port is listening for any instructions.






24. If a user typically accesses his bank's Web site from his home computer on nights and weekends - then this information can be used to establish a ____ of typical access.






25. If a password is communicated across a network to log on to a remote system - it is vulnerable to ______.






26. In a ____ infection - a virus injects itself into the program's executable code instead of at the end of the file.






27. A pay-per-use computing model in which customers pay only for the computing resources they need.






28. A method for confirming users' identities






29. A technique for crashing by sending too much data to the buffer in a comuter's memory






30. Web application attacks are considered ____ attacks.






31. To create a rainbow table - each ____ begins with an initial password that is encrypted.






32. An attacker motivated by the ideology to attack computer or infrastructure networks.






33. Scrambles information into an alternative form that requires a key or password to decrypt the information






34. Hardware and/or software that guards a private network by analyzing the information leaving and entering the network






35. The process of giving someone permission to do or have something






36. A program or device that can monitor data traveling over a network. Sniffers can show - all the data being transmitted over a network - including passwords and sensitive information - tends to be a favorite weapon in the hacker's arsenal






37. Can also capture transmissions that contain passwords.






38. The Chinese government uses _____ to prevent Internet content that it considers unfavorable from reaching its citizenry.






39. Could become a key element in authentication in the future.






40. ____ are combination locks that use buttons which must be pushed in the proper sequence to open the door.






41. Forwards packets across computer networks.






42. ____ involves stealing another person's personal information - such as a Social Security number - and then using the information to impersonate the victim - generally for financial gain.






43. An attacker slips through a secure area following a legitimate employee.






44. Using a single authentication credential that is shared across multiple networks.






45. A key encryption technique for wireless networks that uses keys both to authenticate network clients and to encrypt data in transit.






46. Set of rules that allow or deny traffic






47. Indicates when an account is no longer active.






48. A set of permissions that are attached to an object.






49. Attacker sets up a rogue DNS server that responds to legitimate requests with IP addresses for malicious or non-existent websites.






50. A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.