Test your basic knowledge

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding as you take the test each time.
1. If a user typically accesses his bank's Web site from his home computer on nights and weekends - then this information can be used to establish a ____ of typical access.






2. Can create entries in a log for all queries that are received.






3. A secret combination of letters - numbers - and/or characters that only the user should know.






4. Requires that if the fraudulent application of a process could potentially result in a breach of security - then the process should be divided between two or more individuals.






5. Securing a restricted area by erecting a barrier is called ____.






6. It is able to code and decode data






7. A firewall that can block designated types of traffic from entering a protected network.






8. Password and biometric






9. A user accessing a computer system must present credentials or ____ when logging on to the system.






10. Hacker who exposes vulnerabilities for financial gain or malicious purpose.






11. Using a single authentication credential that is shared across multiple networks.






12. Hardware and/or software that guards a private network by analyzing the information leaving and entering the network






13. During RADIUS authentication the AP - serving as the authenticator that will accept or reject the wireless device - creates a data packet from this information called the ____.






14. A group of piconets in which connections exist between different piconets is called a ____.






15. The ____ attack will slightly alter dictionary words by adding numbers to the end of the password - spelling words backward - slightly misspelling words - or including special characters such as @ - $ - ! - or %.






16. Suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.






17. Independently rotating large cups affixed to the top of a fence that prevent the hands of intruders from gripping the top of the fence to climb over it.






18. Sending extremely critical - derogatory - and often vulgar email messages or newsgroup postings to other users on the internet or online services






19. Type of software attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.






20. Floods a Web site with so many requests for service that it slows down or crashes the site






21. The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.






22. An AP that is set up by an attacker.






23. Attacker sets up a rogue DNS server that responds to legitimate requests with IP addresses for malicious or non-existent websites.






24. Typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).






25. ____ involves stealing another person's personal information - such as a Social Security number - and then using the information to impersonate the victim - generally for financial gain.






26. An attack that accesses unauthorized information from a wireless device through a Bluetooth connection - often between cell phones and laptop computers.






27. Due to the limitations of online guessing - most password attacks today use ____.






28. A set of permissions that are attached to an object.






29. A ____ encrypts all data that is transmitted between the remote device and the network.






30. A feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.






31. The ____ model is the least restrictive.






32. A ____ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software - such as Trojans - viruses - or worms.






33. The geographical storage of your backups; the safest place is a different place from where you keep your actual data






34. A firewall capable only of examining packets individually. Stateless firewalls perform more quickly than stateful firewalls - but are not as sophisticated.






35. A ____ attack is similar to a passive man-in-the-middle attack.






36. A method for confirming users' identities






37. An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.






38. Sifting through a company's garbage to find information to help break into their computers






39. Four interrelated aspects to _________: Access - data - infrastructure - computers






40. Magnetic tape drives - hard drives - optical media (CD or DVD) - solid-state media (flash drives or SD)






41. An authentication protocol that operates over PPP and that requires the authenticator to take the first step by offering the other computer a challenge. The requestor responds by combining the challenge with its password - encrypting the new string o






42. A security attack in which an internet user sends commands to another internet user's machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.






43. Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker. (dumpster diving - or looking through people's trash - etc.)






44. The weakness of passwords centers on ____.






45. An attack that accesses unauthorized information from a wireless device through a Bluetooth connection - often between cell phones and laptop computers.






46. Email attack that targets only specific users and has familiar information in it - making it more tempting to click the links in the message.






47. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.






48. Malicious or accidental threats by employees. (e.g. a door to a secure building left propped open.)






49. The identification of a user based on a physical characteristic - such as a fingerprint - iris - face - voice - or handwriting






50. The process of giving someone permission to do or have something