Test your basic knowledge |
Information Security
Subject: it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. If a password is communicated across a network to log on to a remote system - it is vulnerable to ______.
Electronic eavesdropping
Token
Firewall logs
IEEE 802.1x
2. These attacks may allow an attacker to construct LDAP statements based on user input statements.
LDAP injection
DNS poisoning
Cloud computing
ACL
3. The ____ attack will slightly alter dictionary words by adding numbers to the end of the password - spelling words backward - slightly misspelling words - or including special characters such as @ - $ - ! - or %.
Man-in-the-Middle Attack
Smurf Attack
Hybrid
Replicating
4. In the context of SSL encryption - a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher (for e
Router
Honeypot
Client_Hello
Brute Force Attack
5. Below 40% or above 50%
Distributed
Evil Twin
PAT
Extreme Humidity
6. A security attack in which an internet user sends commands to another internet user's machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.
Boot
GIF Layering
DLP
Flashing
7. Independently rotating large cups affixed to the top of a fence prevent the hands of intruders from gripping the top of a fence to climb over it.
Man-made Threat
IEEE 802.1x
Natural Threat
Roller barrier
8. Attack computer systems by transmitting a virus hoax - with a real virus attached. By masking the attack in a seemingly legitimate message - unsuspecting users more readily distribute the message and send the attack on to their co-workers and friends
Logic Bomb
Content inspection
Hoaxes
Testing
9. ____ involves horizontally separating words - although it is still readable by the human eye.
What is asymmetric encryption?
Word Splitting
Stateless Firewall
Distributed Denial of Service (DDoS)
10. A ____ means that the application or service assigned to that port is listening for any instructions.
Mantrap
Backup scope
Open Port
Cracker
11. The action that is taken by the subject over the object is called a ____.
Bluejacking
Scatternet
Operation
DNS Log
12. A method for confirming users' identities
Standard biometrics
Cognitive biometrics
Cybercriminals
Authentication
13. Broadcast storms can be prevented with ____.
Virtualization
Role Based Access Control
Loop Protection
ICMP Flood
14. A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.
Script Kiddie
Logic Bomb
White box
Cyber Theft
15. In a ____ attack - attackers can use hundreds or thousands of computers in an attack against a single computer or network.
DAP
Three-Way Handshake
Distributed
Port Scanner
16. A user under Role Based Access Control can be assigned only one ____.
Content inspection
Packet filtering
Role
DMZ (Demilitarized Zone)
17. Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident (tell people passwords - etc.)
Insiders
Dumpster Diving
Replicating
70
18. The process of verifying that your backups actually work
Testing
Standard biometrics
Cybercriminals
Dwell Time
19. A pay-per-use computing model in which customers pay only for the computing resources they need.
Phishing
Cloud computing
Blacklisting Software
Smart card
20. ____ are a loose-knit network of attackers - identity thieves - and financial fraudsters.
Drive-by Download
Whaling
Cybercriminals
Web security gateway
21. The weakness of passwords centers on ____.
Account expiration
Dwell Time
Stateful Firewall
Human memory
22. A firewall capable only of examining packets individually. Stateless firewalls perform more quickly than stateful firewalls - but are not as sophisticated.
Prevention and detection
Stateless Firewall
Impersonation
Sniffer
23. Has limited technical knowledge and is motivated by a desire to gain and display technical skills.
Script Kiddie
WEP (Wired Equivalent Privacy)
Testing
Flaming
24. Can use fingerprints or other unique characteristics of a person's face - hands - or eyes (irises and retinas) to authenticate a user.
Standard biometrics
Eavesdropping Attack
Stateful Firewall
Honeypot
25. Permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.
Evil Twin
Wireless VLANs
OAuth
Session hijacking
26. Pretending to be another person.
Impersonation
Natural Threat
Digital Certificate
Server-Side
27. Countless requests for a TCP connection sent to an FTP server - web server - or system attached to the internet.
SYN Flood
DMZ (Demilitarized Zone)
Honeynet
Smart card
28. ____ uses "speckling" and different colors so that no two spam e-mails appear to be the same.
Man-in-the-Middle Attack
Geometric variance
Speech recognition
Brute Force Attack
29. The identification of a user based on a physical characteristic - such as a fingerprint - iris - face - voice - or handwriting
Offline cracking
Session hijacking
Spimming
Biometrics
30. The unique data block that results when an original piece of data (such as text) is encrypted (for example - by using a key.)
CHAP (Challenge Handshake Authentication Protocol)
Ciphertext
Insiders
Adware
31. The process of giving someone permission to do or have something
Content inspection
Spear Phishing
Authorization
Impersonation
32. How often you perform your backups (cost-benefit analysis of backing up)
Backup frequency
CCTV
Open Port
Cipher locks
33. An attempt to discover an encryption key or password by trying numerous possible character combinations. Usually - a brute force attack is performed rapidly by a program designed for that purpose.
Brute Force Attack
Phishing
Black Hat
Physical security access control measures
34. The perimeter of a protected - internal network where users - both authorized and unauthorized - from external networks can attempt to access it. Firewalls and IDS/IPS systems are typically placed in the DMZ.
Adware
Root
Content filtering
DMZ (Demilitarized Zone)
35. Malicious or accidental threats by employees. (ex. door to secure building left propped open.)
Internal Threat
Brute Force
Shoulder Surfing
TCP/IP
36. A security analysis of the transaction within its approved context.
Content inspection
RADIUS
Flashing
Cipher locks
37. Magnetic tape drives - hard drives - optical media (CD or DVD) - solid-state media (flash drives or SD)
NAT
Replay
Media for backups
Server-Side
38. Software attack using special monitoring software to gain access to private communications on the network wire or across a wireless network. (aka sniffing attack)
Eavesdropping Attack
Federated identity management
Cyberstalking/Harassment
RADIUS
39. These accounts are user accounts that remain active after an employee has left an organization.
Root
ICMP Flood
Loop Protection
Orphaned
40. Securing a restricted area by erecting a barrier is called ____.
Firewall logs
70
DLP
Fencing
41. A variety of threats such as viruses - worms - and Trojan horses
Malicious code
Security
CCTV
Mouse Trapping
42. The time it takes for a key to be pressed and then released.
Root
Orphaned
Dwell Time
Drive-by Download
43. An attacker slips through a secure area following a legitimate employee.
Subject
Kerberos
Ciphertext
Tailgating
44. Can be accidental or intentional - internal or external. (ex. back-hoe operator performing legitimate construction cuts cables leading into a facility.)
Malicious code
MPack
Man-made Threat
Replay
45. Scrambles information into an alternative form that requires a key or password to decrypt the information
Private
Server-Side
Information security
Encryption
46. It accepts spoken words for input as if they had been typed on the keyboard.
Spyware
Three-Way Handshake
Eavesdropping Attack
Speech recognition
47. The ____ model is the least restrictive.
Adware
DAC
SSO
Resident
48. An attack that sends unsolicited messages to Bluetooth-enabled devices.
Bluejacking
Loop Protection
Zone transfer
Replicating
49. Sending or posting harmful or cruel text or images using the internet or other digital communication devices.
Rogue
Cyberbullying
Offline cracking
Cipher locks
50. The set of letters - symbols - and characters that make up the password is known as a ____ set.
White box
Character
Flashing
Tailgating