Test your basic knowledge | Information Security
Subject: it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.
Logic Bomb
Vishing
Identity management
Zone transfer
2. A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.
Honeynet
70
Port Scanner
ACL (Access Control List)
3. The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.
Role Based Access Control
DAP
GIF Layering
Internal Threat
4. Type of software attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
Digital Certificate
Packet tampering
Swiss Cheese
Replay Attack
5. Sending high volumes of ICMP (usually ping) packets to a target.
Swiss Cheese
Trojan-horse virus
ICMP Flood
Natural Threat
6. A ____ attack is similar to a passive man-in-the-middle attack.
Authentication
Buffer Overflow
Replay
Session hijacking
7. The time it takes for a key to be pressed and then released.
Resident
Man-made Threat
Dwell Time
Web security gateway
8. Form of phishing that targets wealthy individuals.
Mandatory Access Control
Honeynet
Whaling
Black Hat
9. An attempt to discover an encryption key or password by trying numerous possible character combinations. Usually, a brute force attack is performed rapidly by a program designed for that purpose.
What is asymmetric encryption?
Electronic Vandal
Brute Force
Brute Force Attack
10. Due to the limitations of online guessing, most password attacks today use ____.
Open Port
Offline cracking
Macro
Cognitive biometrics
11. A ____ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.
UDP Flood
Word Splitting
Separation of duties
Resident
12. Malicious or accidental threats by employees. (ex. door to secure building left propped open.)
Internal Threat
ACL (Access Control List)
Symmetric encryption
DAC
13. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.
Federated identity management
War Driving
Server-Side
Role Based Access Control
14. Four interrelated aspects to _________: Access, data, infrastructure, computers
Port Scanner
Word Splitting
Private
Physical security
15. A person who uses his knowledge of operating systems and utilities to intentionally damage or destroy data or systems.
White box
Cracker
Distributed storage
Biometrics
16. To create a rainbow table, each ____ begins with an initial password that is encrypted.
Phishing
Flaming
Blacklisting Software
Chain
17. Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.
VPN
Data
Malicious Insiders
Bluesnarfing
18. A ____ tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications.
White box
OAuth
DAP
Biometrics
19. These access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data.
Rogue
Spimming
DAC
Token
20. Software that can guess passwords
Packet filtering
Password Crackers
Client_Hello
Extreme temperatures
21. ____ is an image spam that is divided into multiple images.
Account expiration
Authentication
Hybrid
GIF Layering
22. Can be accidental or intentional, internal or external. (ex. back-hoe operator performing legitimate construction cuts cables leading into a facility.)
Account expiration
Man-made Threat
Electronic eavesdropping
Backup frequency
23. A firewall that can block designated types of traffic from entering a protected network.
Character
DAP
Content-Filtering Firewall
Replicating
24. An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.
Federated identity management
Denial of service attack
TACACS
Physical security
25. Peering over the shoulder of someone to see the contents on that person's computer or cell phone screen.
DAP
Stateless Firewall
Shoulder Surfing
Honeynet
26. A ____ is a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Malicious code
Worm
TACACS
Honeypot
27. A ____ can block malicious content in "real time" as it appears without first knowing the URL of a dangerous site.
CHAP (Challenge Handshake Authentication Protocol)
Web security gateway
Data
Buffer Overflow
28. Tools used to configure ________: WEP, WPA, MAC address filtering, SSID broadcasting, wireless antennae
Resident
Wireless security
UDP Flood
IEEE 802.1x
29. ____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
Password Crackers
Identity Theft
Spear Phishing
Malicious Insiders
30. Countless requests for a TCP connection sent to an FTP server, web server, or system attached to the internet.
Server-Side
Bluejacking
SYN Flood
DAP
31. Can also capture transmissions that contain passwords.
Router
ICMP Flood
Spear Phishing
Protocol analyzer
32. Web application attacks are considered ____ attacks.
Encryption
Server-Side
Worm
Load balancing
33. In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e
DMS (Demilitarized Zone)
Client_Hello
Macro
Proximity reader
34. When a device receives a beacon frame from an AP, the device then sends a frame known as a ____ frame to the AP.
Data
TACACS
Standard biometrics
Association request
35. This attack is where every possible combination of letters, numbers, and characters is used to create encrypted passwords.
Trusted OS
Three-Way Handshake
Extreme Humidity
Brute Force
36. Fire, extreme weather, flooding, extreme temperatures, extreme humidity.
Environmental Threat
Data
Operation
Backup frequency
37. A threat to networked hosts in which the host is flooded with broadcast ping messages. A _____ _____ is a type of denial-of-service attack.
EAP
Kerberos
Identification
Smurf Attack
38. Generally represent disgruntled employees and the like who are seeking to perform vengeful acts against their current or former employer.
Tailgate sensors
Prevention and detection
Malicious Insiders
Password Crackers
39. Attack computer systems by transmitting a virus hoax, with a real virus attached. By masking the attack in a seemingly legitimate message, unsuspecting users more readily distribute the message and send the attack on to their co-workers and friends
Malicious Insiders
TCP/IP
Trusted OS
Hoaxes
40. Fingerprints and patterns
BioMetric devices
Malicious code
SSO
Mandatory Access Control
41. An authentication process that involves three steps.
Identity management
Three-Way Handshake
GIF Layering
Session hijacking
42. A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.
Association request
Floor Guard
DNS poisoning
Trusted OS
43. Sending high volumes of UDP requests to a target.
Impersonation
Standard biometrics
UDP Flood
Port Scanner
44. The protection of information from accidental or intentional misuse by persons inside or outside an organization
What is asymmetric encryption?
LEAP
Information security
EAP
45. Requires mutual authentication used for WLAN encryption using Cisco client software.
Mandatory Access Control
LEAP
Zone transfer
Backup frequency
46. Email attack that targets only specific users and has familiar information in it, making it more tempting to click the links in the message.
SSO
MPack
Bluesnarfing
Spear Phishing
47. An attacker redirects an IP address to the MAC address of a computer that is not the intended recipient.
Bluesnarfing
Cyberstalking/Harassment
ARP Poisoning
Identity Theft
48. Using a single authentication credential that is shared across multiple networks.
Cognitive biometrics
Stateful packet filtering
Identity management
Protocol analyzer
49. A ____ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.
Packet filtering
Rootkit
Mantrap
Identification
50. The weakness of passwords centers on ____.
Human memory
DAP
Media for backups
Hacker