Test your basic knowledge

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.






2. Broadcast storms can be prevented with ____.






3. Permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.






4. An attacker redirects an IP address to the MAC address of a computer that is not the intended recipient.






5. A framework for transporting authentication protocols instead of the authentication protocol itself.






6. An attempt to discover an encryption key or password by trying numerous possible character combinations. Usually, a brute force attack is performed rapidly by a program designed for that purpose.






7. A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.






8. It is able to code and decode data






9. Software written with malicious intent to cause annoyance or damage; needs to attach to something (such as an executable file)






10. An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server.






11. An attack that uses multiple computers on disparate networks to launch an attack from multiple hosts simultaneously.






12. A threat to networked hosts in which the host is flooded with broadcast ping messages. A _____ _____ is a type of denial-of-service attack.






13. ____ is an attack in which an attacker attempts to impersonate the user by using his session token.






14. Holds the promise of reducing the number of usernames and passwords that users must memorize.






15. ____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.






16. ____ uses "speckling" and different colors so that no two spam e-mails appear to be the same.






17. A technique for crashing by sending too much data to the buffer in a computer's memory






18. An attack that sends unsolicited messages to Bluetooth-enabled devices.






19. A system of security tools that is used to recognize and identify data that is critical to the organization and ensure that it is protected.






20. The breadth of your backup (what types of files you will back up: media, documents, OS, etc.)






21. Wants to cause as much damage as possible, without a particular target or goal.






22. ____ attacks are responsible for half of all malware delivered by Web advertising.






23. The set of letters, symbols, and characters that make up the password are known as a ____ set.






24. ____ IP addresses are IP addresses that are not assigned to any specific user or organization.






25. A type of virus that spreads itself, not only from file to file, but also from computer to computer; these do not need to attach to anything to spread and can tunnel themselves into computers.






26. An authentication process that involves three steps.






27. Below 40% or above 50%






28. Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker (dumpster diving, or looking through people's trash, etc.).






29. Software attack using special monitoring software to gain access to private communications on the network wire or across a wireless network. (aka sniffing attack)






30. The act of driving while running a laptop configured to detect and capture wireless data transmissions.






31. Suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.






32. Ensures that messages are not corrupt or tampered with






33. Could become a key element in authentication in the future.






34. When a device receives a beacon frame from an AP, the device then sends a frame known as a ____ frame to the AP.






35. Web application attacks are considered ____ attacks.






36. Password and biometric






37. The perimeter of a protected, internal network where users, both authorized and unauthorized, from external networks can attempt to access it. Firewalls and IDS/IPS systems are typically placed in the DMZ.






38. Using a single authentication credential that is shared across multiple networks.






39. In a ____ attack, attackers can use hundreds or thousands of computers in an attack against a single computer or network.






40. An attack that intercepts legitimate communication between two victims and captures, analyzes and possibly alters the data packets before sending a fake reply.






41. Lock, conduit, card key, video equipment, secured guard






42. An attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers.






43. An attacker slips through a secure area following a legitimate employee.






44. Magnetic tape drives, hard drives, optical media (CD or DVD), solid-state media (flash drives or SD)






45. ____ involves horizontally separating words, although it is still readable by the human eye.






46. The geographical storage of your backups; the safest place is a different place from where you keep your actual data






47. Can also capture transmissions that contain passwords.






48. In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e






49. Tools used to configure ________: WEP, WPA, MAC address filtering, SSID broadcasting, wireless antennae






50. To create a rainbow table, each ____ begins with an initial password that is encrypted.