Test your basic knowledge

Information Security

Subject : it-skills
Instructions:
  • Answer 50 questions in 15 minutes.
  • Match each statement with the correct term.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions, so at times you might find the answers obvious, but this reinforces your understanding each time you take the test.

1. Form of phishing that targets wealthy individuals.






2. A ____ is designed to separate a nonsecured area from a secured area.






3. Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____.






4. A firewall capable only of examining packets individually. Stateless firewalls perform more quickly than stateful firewalls, but are not as sophisticated.






5. Often used for managing user access to one or more systems.






6. When organizations use software that filters content to prevent the transmission of unauthorized information






7. Ensures that messages are not corrupt or tampered with






8. How secure the data in your backups is; can use physical security or encryption.






9. The X.500 standard defines a protocol for a client application to access an X.500 directory called ____.






10. A firewall capable of monitoring a data stream from end to end.






11. Sifting through a company's garbage to find information to help break into their computers






12. A random string of text issued from one computer to another in some forms of authentication. It is used, along with the password (or other credential), in a response to verify the computer's credentials.






13. These attacks may allow an attacker to construct LDAP statements based on user input statements.






14. If a password is communicated across a network to log on to a remote system, it is vulnerable to ______.






15. How often you perform your backups (cost-benefit analysis of backing up)






16. The time it takes for a key to be pressed and then released.






17. A ____ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.






18. A ____ can block malicious content in "real time" as it appears without first knowing the URL of a dangerous site.






19. Suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network.






20. Software that can guess passwords






21. The protection of information from accidental or intentional misuse by persons inside or outside an organization






22. A pay-per-use computing model in which customers pay only for the computing resources they need.






23. Using a single authentication credential that is shared across multiple networks.






24. Malicious or accidental threats by employees (e.g., a door to a secure building left propped open).






25. Indicates when an account is no longer active.






26. A private key and public key






27. A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.






28. An attack that sends unsolicited messages to Bluetooth-enabled devices.






29. A framework for transporting authentication protocols instead of the authentication protocol itself.






30. Email attack that targets only specific users and has familiar information in it, making it more tempting to click the links in the message.






31. A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.






32. Mass mailings sent as Instant Messages to users. Often these can feature links to explicit porn sites.






33. Forging of the return address on an e-mail so that the e-mail message appears to come from someone other than the actual sender. This is not a virus but rather a way by which virus authors conceal their identities as they send out viruses.






34. A set of permissions that are attached to an object.






35. A ____ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.






36. Requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.






37. A technology that can help to evenly distribute work across a network.






38. An authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users.






39. A ____ attack is similar to a passive man-in-the-middle attack.






40. A user under Role Based Access Control can be assigned only one ____.






41. ____ involves horizontally separating words, although it is still readable by the human eye.






42. It accepts spoken words for input as if they had been typed on the keyboard.






43. Can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user.






44. Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.






45. Due to the limitations of online guessing, most password attacks today use ____.






46. A method for confirming users' identities






47. A security attack in which an internet user sends commands to another internet user's machine that cause the screen to fill with garbage characters. A flashing attack causes the user to terminate her session.






48. An attack that forces a user to unintentionally click a link.






49. A security analysis of the transaction within its approved context.






50. A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.