Test your basic knowledge |

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A type of virus that spreads itself - not only from file to file - but also from computer to computer - do not need to attach to anything to spread and can tunnel themselves into computers.






2. Hacker who exposes vulnerabilities for financial gain or malicious purpose.






3. A ____ tester has an in-depth knowledge of the network and systems being tested - including network diagrams - IP addresses - and even the source code of custom applications.






4. Software that can guess passwords






5. People very knowledgeable about computers who use their knowledge to invade other people's computers






6. ____ involves stealing another person's personal information - such as a Social Security number - and then using the information to impersonate the victim - generally for financial gain.






7. ____ is an image spam that is divided into multiple images.






8. Keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.






9. When organizations use software that filters content to prevent the transmission of unauthorized information






10. Countless requests for a TCP connection sent to an FTP server - web server - or system attached to the internet.






11. In the context of SSL encryption - a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e






12. The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.






13. Below 40% or above 50%






14. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.






15. Permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.






16. Requires that if the fraudulent application of a process could potentially result in a breach of security - then the process should be divided between two or more individuals.






17. An attempt to discover an encryption key or password by trying numerous possible character combinations. usually - a brute force attack is performed rapidly by a program designed for that purpose.






18. Password and BioMetric






19. A set of permissions that are attached to an object.






20. Motivated by a desire to cause social change - trying to get media attention by disrupting services - or promoting a message by changing information on public websites.






21. Email attack that targets only specific users and has familiar information in it - making it more tempting to click the links in the message.






22. A technology that can help to evenly distribute work across a network.






23. Allows a single access point to service different types of users.






24. Four interrelated aspects to _________:Access - data - infrastructure - computers






25. ____ IP addresses are IP addresses that are not assigned to any specific user or organization.






26. Attack computer systems by transmitting a virus hoax - with a real virus attached. By masking the attack in a seemingly legitimate message - unsuspecting users more readily distribute the message and send the attack on to their co-workers and friends






27. Wants to cause as much damage as possible - without a particular target or goal.






28. Hardware and/or software that guards a private network by analyzing the information leaving and entering the network






29. Viruses and worms are said to be self-____.






30. The identification of a user based on a physical characteristic - such as a fingerprint - iris - face - voice - or handwriting






31. ____ attacks are responsible for half of all malware delivered by Web advertising.






32. A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.






33. Lock - conduit - card key - video equipment - secured guard






34. An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.






35. The signal from an ID badge is detected as the owner moves near a ____ - which receives the signal.






36. Terms that can refer to the online enticement of children; rude or threatening messages; slanderous information; or repeated - unwanted messages






37. Form of phishing that targets wealthy individuals.






38. Software that comes hidden in free downloadable software and tracks online movements - mines the information stored on a computer - or uses a computer's CPU and storage for some task the user knows nothing about - can cause extremely slow performance






39. A group of piconets in which connections exist between different piconets is called a ____.






40. A firewall capable only of examining packets individually. Stateless firewalls perform more quickly than stateful firewalls - but are not as sophisticated.






41. ____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.






42. If a user typically accesses his bank's Web site from his home computer on nights and weekends - then this information can be used to establish a ____ of typical access.






43. Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker. <dumpster diving - or looking through people's trash - etc>






44. Attacker sets up a rogue DNS server that responds to legitimate requests with IP addresses for malicious or non-existent websites.






45. Scrambles information into an alternative form that requires a key or password to decrypt the information






46. An attack that intercepts legitimate communication between two victims and captures - analyzes and possibly alters the data packets before sending a fake reply.






47. An attack that sends unsolicited messages to Bluetooth-enabled devices.






48. An attacker redirects an IP address to the MAC address of a computer that is not the intended recipient.






49. During RADIUS authentication the AP - serving as the authenticator that will accept or reject the wireless device - creates a data packet from this information called the ____.






50. Could become a key element in authentication in the future.