Test your basic knowledge |

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Hides inside other software - usually as an attachment or a downloadable file






2. There are almost ____ different Microsoft Windows file extensions that could contain a virus.






3. Peering over the shoulder of someone to see the contents on that person's computer or cell phone screen.






4. Holds the promise of reducing the number of usernames and passwords that users must memorize.






5. A key encryption technique for wireless networks that uses keys both to authenticate network clients and to encrypt data in transit.






6. The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____.






7. In a ____ infection - a virus injects itself into the program's executable code instead of at the end of the file.






8. Hacker who exposes vulnerabilities for financial gain or malicious purpose.






9. A program or device that can monitor data traveling over a network. Sniffers can show - all the data being transmitted over a network - including passwords and sensitive information - tends to be a favorite weapon in the hacker's arsenal






10. Fingerprints and patterns






11. Forwards packets across computer networks.






12. A user under Role Based Access Control can be assigned only one ____.






13. A ____ means that the application or service assigned to that port is listening for any instructions.






14. ____ is an attack in which an attacker attempts to impersonate the user by using his session token.






15. A commonly used technique by pornography sites where a user gets "locked" in a web site.






16. The unique data block that results when an original piece of data (such as text) is encrypted (for example - by using a key.)






17. A type of virus that spreads itself - not only from file to file - but also from computer to computer - do not need to attach to anything to spread and can tunnel themselves into computers.






18. An attack that accesses unauthorized information from a wireless device through a Bluetooth connection - often between cell phones and laptop computers.






19. When a device receives a beacon frame from an AP - the device then sends a frame known as a ____ frame to the AP.






20. A program that is automatically downloaded to your computer without your consent or even your knowledge.






21. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.






22. ____ attacks are responsible for half of all malware delivered by Web advertising.






23. A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.






24. A framework for transporting authentication protocols instead of the authentication protocol itself.






25. A ____ can block malicious content in "real time" as it appears without first knowing the URL of a dangerous site.






26. Floods a Web site with so many requests for service that it slows down or crashes the site






27. The Chinese government uses _____ to prevent Internet content that it considers unfavorable from reaching its citizenry.






28. These accounts are user accounts that remain active after an employee has left an organization.






29. A security attack in which an internet user sends commands to another internet user's machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.






30. An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.






31. How many past backups you keep - what you did on your machine etc.






32. A technique to gain personal information for the purpose of identity theft - usually by means of fraudulent e-mail






33. Using a single authentication credential that is shared across multiple networks.






34. A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.






35. Motivated by a desire to cause social change - trying to get media attention by disrupting services - or promoting a message by changing information on public websites.






36. Software written with malicious intent to cause annoyance or damage - need to attach to something (such as an executable file)






37. A system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.






38. A ____ tester has an in-depth knowledge of the network and systems being tested - including network diagrams - IP addresses - and even the source code of custom applications.






39. An attack that intercepts legitimate communication between two victims and captures - analyzes and possibly alters the data packets before sending a fake reply.






40. A ____ attack is similar to a passive man-in-the-middle attack.






41. Attack computer systems by transmitting a virus hoax - with a real virus attached. By masking the attack in a seemingly legitimate message - unsuspecting users more readily distribute the message and send the attack on to their co-workers and friends






42. A technique that allows private IP addresses to be used on the public Internet.






43. A firewall capable of monitoring a data stream from end to end.






44. A method for confirming users' identities






45. A form of filtering that blocks only sites specified as harmful.






46. Software that can guess passwords






47. Set of rules that allow or deny traffic






48. A threat to networked hosts in which the host is flooded with broadcast ping messages. A _____ _____ is a type of denial-of-service attack.






49. An attack where the goal is to extract personal - financial or confidential information from the victim by using services such as the telephone or VOIP.






50. Software that comes hidden in free downloadable software and tracks online movements - mines the information stored on a computer - or uses a computer's CPU and storage for some task the user knows nothing about - can cause extremely slow performance