Test your basic knowledge | Information Security
Subject: it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A program or device that can monitor data traveling over a network. Sniffers can show all the data being transmitted over a network, including passwords and sensitive information. Tends to be a favorite weapon in the hacker's arsenal.
Authentication
Sniffer
Adware
Blacklisting Software
2. ____ involves horizontally separating words, although it is still readable by the human eye.
Word Splitting
Spyware
IEEE 802.1x
Cyber Theft
3. A threat that originates from outside the company. (ex. power failure.)
Cyberstalking/Harassment
External Threat
Stateless Firewall
Hoaxes
4. Allows a single access point to service different types of users.
Authorization
Wireless VLANs
Firewalls
Spoofing
5. An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users.
Stateful packet filtering
Cipher locks
Distributed
Kerberos
6. Securing a restricted area by erecting a barrier is called ____.
Cybercriminals
Honeynet
Natural Threat
Fencing
7. A ____ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks.
Macro
Zone transfer
Dumpster Diving
Ciphertext
8. Ensures that messages are not corrupt or tampered with
Hash encoding
Electronic Vandal
Denial of service attack
WEP (Wired Equivalent Privacy)
9. A private key and public key
Virus
What is asymmetric encryption?
Fencing
Authentication
10. ____ uses "speckling" and different colors so that no two spam e-mails appear to be the same.
Replay Attack
Phishing
Geometric variance
Eavesdropping Attack
11. A ____ attack is similar to a passive man-in-the-middle attack.
LEAP
Identity Theft
Authentication request
Replay
12. Peering over the shoulder of someone to see the contents on that person's computer or cell phone screen.
Shoulder Surfing
Cracker
Trojan-horse virus
UDP Flood
13. A program that is automatically downloaded to your computer without your consent or even your knowledge.
ARP Poisoning
Rule Based Access Control
WEP (Wired Equivalent Privacy)
Drive-by Download
14. An attack that forces a user to unintentionally click a link.
Clickjacking
GIF Layering
Worm
Phishing
15. Hurricanes, tornadoes, flooding and earthquakes are all examples of this.
Open Port
Natural Threat
Speech recognition
ACL
16. Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker (dumpster diving, or looking through people's trash, etc.).
Social engineering
Bluejacking
RADIUS
Worm
17. An attempt to discover an encryption key or password by trying numerous possible character combinations. Usually, a brute force attack is performed rapidly by a program designed for that purpose.
DLP
Environmental Threat
Stateful Firewall
Brute Force Attack
18. A means of managing and presenting computer resources by function without regard to their physical layout or location.
Malicious code
Virtualization
Tailgate sensors
Access Control
19. In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e
Malicious code
Testing
Rootkit
Client_Hello
20. Has limited technical knowledge and is motivated by a desire to gain and display technical skills.
LEAP
SYN Flood
Script Kiddie
Orphaned
21. A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.
Trusted OS
WEP (Wired Equivalent Privacy)
Scatternet
White box
22. An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.
TCP/IP
Trusted OS
VPN
Wireless VLANs
23. A database, organized as a hierarchy or tree, of the name of each site on the Internet and its corresponding IP number.
BioMetric devices
Black Hat
DNS
Spimming
24. A ____ means that the application or service assigned to that port is listening for any instructions.
Human memory
Open Port
Distributed storage
Malicious code
25. The perimeter of a protected, internal network where users, both authorized and unauthorized, from external networks can attempt to access it. Firewalls and IDS/IPS systems are typically placed in the DMZ.
DMZ (Demilitarized Zone)
Human memory
Drive-by Download
Resident
26. A firewall that can block designated types of traffic from entering a protected network.
NAT
Identification
computer footprint
Content-Filtering Firewall
27. ____ attacks are responsible for half of all malware delivered by Web advertising.
Bluesnarfing
MPack
Hoaxes
Fake Antivirus
28. Computer crimes involving the theft of money
Cyber Theft
VPN
Hoaxes
Distributed
29. A technology that can help to evenly distribute work across a network.
Digital Certificate
Wireless VLANs
Load balancing
Root
30. The breadth of your backup (what types of files you will back up: media, documents, OS, etc.)
Proximity reader
Backup scope
computer footprint
LDAP injection
31. An attack that intercepts legitimate communication between two victims and captures, analyzes and possibly alters the data packets before sending a fake reply.
Electronic Vandal
Kerberos
Man-in-the-Middle Attack
Fencing
32. Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident (tell people passwords, etc.).
Insiders
Authentication
Phishing
Information security
33. Floods a Web site with so many requests for service that it slows down or crashes the site
War Driving
Denial of service attack
CCTV
Cyberbullying
34. Using a single authentication credential that is shared across multiple networks.
DNS poisoning
Identity management
Cybercriminals
Load balancing
35. Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.
Bluesnarfing
Hash encoding
CCTV
Content inspection
36. A commonly used technique by pornography sites where a user gets "locked" in a web site.
Packet filtering
Mouse Trapping
Identity Theft
ACL
37. Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.
Buffer Overflow
Fake Antivirus
Data
Trojan-horse virus
38. The action that is taken by the subject over the object is called a ____.
Three-Way Handshake
Geometric variance
Operation
Stateless Firewall
39. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.
SYN Flood
Identity management
Password Crackers
Role Based Access Control
40. These access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data.
Tailgating
Rogue
Physical security access control measures
Client_Hello
41. A user accessing a computer system must present credentials or ____ when logging on to the system.
Mandatory Access Control
Identification
Authorization
Load balancing
42. A device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing.
Locking Cabinets
Password Crackers
Smart card
MPack
43. An attack where the goal is to extract personal, financial or confidential information from the victim by using services such as the telephone or VOIP.
Bluesnarfing
Shoulder Surfing
Content inspection
Vishing
44. During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ____.
Zone transfer
Role
Authentication request
DAP
45. The geographical storage of your backups; the safest place is a different place from where you keep your actual data.
Distributed storage
LEAP
Wireless security
Electronic Activist (hacktivist)
46. Wants to cause as much damage as possible, without a particular target or goal.
Role Based Access Control
Hardware Attack
Floor Guard
Electronic Vandal
47. Below 40% or above 50%
Extreme Humidity
Testing
Bluejacking
Macro
48. Can be accidental or intentional, internal or external. (ex. back-hoe operator performing legitimate construction cuts cables leading into a facility.)
Boot
Man-made Threat
Drive-by Download
Smurf Attack
49. There are almost ____ different Microsoft Windows file extensions that could contain a virus.
Encryption
Brute Force
White box
70
50. Forging of the return address on an e-mail so that the e-mail message appears to come from someone other than the actual sender. This is not a virus but rather a way by which virus authors conceal their identities as they send out viruses.
Token
DNS Hijacking
Drive-by Download
Spoofing