SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
Information Security
Start Test
Study First
Subject
:
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.
Stateful packet filtering
Bluesnarfing
Session hijacking
DNS Log
2. Mass mailings sent as Instant Messages to users. Often these can feature links to explicit porn sites.
Spimming
MPack
Spyware
Hybird
3. An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.
TACACS
Phishing
Association request
Scatternet
4. Web application attacks are considered ____ attacks.
Worm
Stateful packet filtering
Content inspection
Server-Side
5. Can also capture transmissions that contain passwords.
Replay Attack
Protocol analyzer
Packet filtering
Cybercriminals
6. Type of software attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
Replay Attack
Distributed
BioMetric devices
Data
7. Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.
CCTV
Blacklisting Software
Proximity reader
Replay
8. ____ can be prewired for electrical power as well as wired network connections.
Locking Cabinets
Private
IEEE 802.1x
Association request
9. A method for confirming users' identities
Authentication
Phishing
Replay
Worm
10. Peering over the shoulder of someone to see the contents on that person's computer or cell phone screen.
Session hijacking
Content filtering
Spyware
Shoulder Surfing
11. Software attack using special monitoring software to gain access to private communications on the network wire or across a wireless network. (aka sniffing attack)
Electronic Activist (hacktivist)
Role
Identity Theft
Eavesdropping Attack
12. A threat that originates from outside the company. (ex. power failure.)
External Threat
Phishing
Subject
Client_Hello
13. An attacker motivated by the ideology to attack computer or infrastructure networks.
Social engineering
Cyberterrorist
Tailgate sensors
Distributed storage
14. An attack that targets a computer's physical components and peripherals. (ie. hard disk - motherboard - cabling - etc.)
Router
Backup frequency
Content inspection
Hardware Attack
15. An attack that sends unsolicited messages to Bluetooth-enabled devices.
Bluejacking
Blacklisting Software
Dumpster Diving
Replay Attack
16. An authentication protocol that operates over PPP and that requires the authenticator to take the first step by offering the other computer a challenge. The requestor responds by combining the challenge with its password - encrypting the new string o
Access Control
CHAP (Challenge Handshake Authentication Protocol)
Hardware Attack
Ciphertext
17. An attack that accesses unauthorized information from a wireless device through a Bluetooth connection - often between cell phones and laptop computers.
Authentication request
Symmetric encryption
DAC
Bluesnarfing
18. A ____ is designed to separate a nonsecured area from a secured area.
Three-Way Handshake
Mantrap
Logic Bomb
DAC
19. If a user typically accesses his bank's Web site from his home computer on nights and weekends - then this information can be used to establish a ____ of typical access.
Phishing
Electronic Vandal
computer footprint
Cyber Theft
20. It is able to code and decode data
Authentication
Virtualization
Symmetric encryption
Malicious code
21. Use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
Tailgate sensors
Load balancing
Stateless Firewall
Cyberstalking/Harassment
22. Often used for managing user access to one or more systems.
Spear Phishing
Electronic Activist (hacktivist)
Stateless Firewall
Rule Based Access Control
23. Considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.
Access Control
Role Based Access Control
War Driving
Electronic eavesdropping
24. Magnetic tape drives - hard drives - optical media (CD or DVD) - solid-state media (flash drives or SD)
Boot
Backup frequency
DNS Log
Media for backups
25. Provides a greater degree of security by implementing port-based authentication.
Tailgate sensors
Environmental Threat
Phishing
IEEE 802.1x
26. A private key and public key
NAT
BioMetric devices
What is asymmetic encryption?
Malicious code
27. A technique for crashing by sending too much data to the buffer in a comuter's memory
Protocol analyzer
Physical security access control measures
Bluejacking
Buffer Overflow
28. The action that is taken by the subject over the object is called a ____.
Tailgating
Operation
Token
Rule Based Access Control
29. The Chinese government uses _____ to prevent Internet content that it considers unfavorable from reaching its citizenry.
Prevention and detection
DNS poisoning
Authentication request
ACL (Access Control List)
30. When organizations use software that filters content to prevent the transmission of unauthorized information
Dwell Time
Content filtering
Resident
DLP
31. Content filtering - encryption - firewalls
Prevention and detection
70
Denial of service attack
PAT
32. A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.
Eavesdropping Attack
Password
EAP
ACL (Access Control List)
33. A program or device that can monitor data traveling over a network. Sniffers can show - all the data being transmitted over a network - including passwords and sensitive information - tends to be a favorite weapon in the hacker's arsenal
Loop Protection
Proximity reader
Sniffer
Stateful Firewall
34. Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker. <dumpster diving - or looking through people's trash - etc>
Drive-by Download
PAT
Social engineering
DNS poisoning
35. A standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
Reverse proxy
Symmetric encryption
Access Control
Geometric variance
36. Could become a key element in authentication in the future.
Cognitive biometrics
Token
DNS Log
Distributed Denial of Service (DDoS)
37. The most restrictive access control model is ____.
Bluesnarfing
Mandatory Access Control
Virtualization
Vishing
38. The signal from an ID badge is detected as the owner moves near a ____ - which receives the signal.
SYN Flood
Proximity reader
White Hat
Impersonation
39. Hides inside other software - usually as an attachment or a downloadable file
Spimming
Token
Spear Phishing
Trojan-horse virus
40. Hacker who exposes vulnerabilities for financial gain or malicious purpose.
Black Hat
Authentication request
Mandatory Access Control
Router
41. A security analysis of the transaction within its approved context.
Rainbow Tables
Insiders
Amart card
Content inspection
42. Attack computer systems by transmitting a virus hoax - with a real virus attached. By masking the attack in a seemingly legitimate message - unsuspecting users more readily distribute the message and send the attack on to their co-workers and friends
Mantrap
Dwell Time
Hoaxes
Data
43. Holds the promise of reducing the number of usernames and passwords that users must memorize.
Challenge
SSO
Federated identity management
Three-Way Handshake
44. In the context of SSL encryption - a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e
Testing
Security
Physical security access control measures
Client_Hello
45. Pretending to be another person.
DNS Log
Authentication
Impersonation
DNS
46. Related to the perception - thought process - and understanding of the user.
LDAP injection
Cyberbullying
Cognitive biometrics
Physical security access control measures
47. ____ involves horizontally separating words - although it is still readable by the human eye.
Content inspection
Script Kiddie
Word Splitting
Sniffer
48. When DNS servers exchange information among themselves it is known as a ____.
Cipher locks
Scatternet
Zone transfer
Evil Twin
49. Users who access a Web server are usually restricted to the ____ directory.
ACL
Cybercriminals
Mouse Trapping
Root
50. A type of virus that spreads itself - not only from file to file - but also from computer to computer - do not need to attach to anything to spread and can tunnel themselves into computers.
Worm
Speech recognition
Man-in-the-Middle Attack
Man-made Threat
