Test your basic knowledge |

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Attacker sets up a rogue DNS server that responds to legitimate requests with IP addresses for malicious or non-existent websites.






2. A method for confirming users' identities






3. Forging of the return address on an e-mail so that the e-mail message appears to come from someone other than the actual sender. This is not a virus but rather a way by which virus authors conceal their identities as they send out viruses.






4. Lock - conduit - card key - video equipment - secured guard






5. A password-protected and encrypted file that holds an individual's identification information - including a public key and a private key. The individual's public key is used to verify the sender's digital signature - and the private key allows the in






6. A ____ attack is similar to a passive man-in-the-middle attack.






7. Related to the perception - thought process - and understanding of the user.






8. An AP that is set up by an attacker.






9. Can create entries in a log for all queries that are received.






10. A person who uses his knowledge of operating systems and utilities to intentionally damage or destroy data or systems.






11. Can be used to determine whether new IP addresses are attempting to probe the network.






12. In the context of SSL encryption - a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e






13. Software that searches a server - switch - router - or other device for open ports - which can be vulnerable to attack.






14. The most restrictive access control model is ____.






15. Could become a key element in authentication in the future.






16. A security analysis of the transaction within its approved context.






17. The weakness of passwords centers on ____.






18. ____ involves horizontally separating words - although it is still readable by the human eye.






19. A firewall capable of monitoring a data stream from end to end.






20. Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.






21. Keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.






22. A secret combination of letters - numbers - and/or characters that only the user should know.






23. Floods a Web site with so many requests for service that it slows down or crashes the site






24. An authentication protocol that operates over PPP and that requires the authenticator to take the first step by offering the other computer a challenge. The requestor responds by combining the challenge with its password - encrypting the new string o






25. These attacks may allow an attacker to construct LDAP statements based on user input statements.






26. Four interrelated aspects to _________:Access - data - infrastructure - computers






27. A ____ is designed to separate a nonsecured area from a secured area.






28. Hardware and/or software that guards a private network by analyzing the information leaving and entering the network






29. Can be accidental or intentional - internal or external. (ex. back-hoe operator performing legitimate construction cuts cables leading into a facility.)






30. Type of software attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.






31. A ____ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks.






32. People very knowledgeable about computers who use their knowledge to invade other people's computers






33. Small electronic devices that change user passwords automatically






34. Viruses and worms are said to be self-____.






35. Wants to cause as much damage as possible - without a particular target or goal.






36. An attack that targets a computer's physical components and peripherals. (ie. hard disk - motherboard - cabling - etc.)






37. When DNS servers exchange information among themselves it is known as a ____.






38. Password and BioMetric






39. The protection of information from accidental or intentional misuse by persons inside or outside an organization






40. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.






41. Scrambles information into an alternative form that requires a key or password to decrypt the information






42. Malicious or accidental threats by employees. (ex. door to secure building left propped open.)






43. There are almost ____ different Microsoft Windows file extensions that could contain a virus.






44. Requires that if the fraudulent application of a process could potentially result in a breach of security - then the process should be divided between two or more individuals.






45. An attack that uses multiple computers on disparate networks to launch an attack from multiple hosts simultaneously.






46. The perimeter of a protected - internal network where users - both authorized and unauthorized - from external networks can attempt to access it. Firewalls and IDS/IPS systems are typically placed in the DMZ.






47. The process of verifying that your backups actually work






48. A group of piconets in which connections exist between different piconets is called a ____.






49. A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.






50. How many past backups you keep - what you did on your machine etc.