IT Security

Create an image showcasing a digital padlock symbolizing security, with elements representing network infrastructure, such as servers and cloud icons, set against a technology-themed background.

IT Security Knowledge Quiz

Test your knowledge with our comprehensive IT Security Quiz! This quiz consists of 35 questions covering essential concepts in cybersecurity, network protocols, and risk management.

  • Multiple choice and checkbox questions
  • Learn about the CIA Triad, network vulnerabilities, and security protocols
  • Score your knowledge and improve your understanding of IT security
35 Questions9 MinutesCreated by AnalyzingSword42
Based on the highlighted portion of the captured packet below, what protocol is being carried as payload within this IP packet? 4500 0064 0000 4000 4001 b755 c0a8 0101
IP
UDP
TCP
ICMP
None
Security goals are a balancing act between 3 key elements. What are these 3 elements?
Security, Integrity, Functionality
Security, Ease of Use, Functionality
Availability, Ease of Use, Functionality
Confidentiality, Security, Ease of Use
Confidentiality, Integrity, Availability
Which the vulnerabilities listed below is considered the hardest to secure against?
Low physical security
Active services
Open ports
The human element
Bad passwords
Which of the following is NOT a part of the Computer Security CIA Triad?
Confidentiality
Ease of Use
Availability
Integrity
Accountability
In security environments, Authentication refers to:
Confirming your identify with an element unique to the individual
Supplying your identity
Using your identity to assign access rights
Tracking what users are doing while accessing the systems
None of the above
The TCP three-way handshake used to open a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? (Select all that apply)
SYN Flag
Payload Flag
FIN Flag
ACK Flag
RST Flag
Which one of the tools below can be used as an effective vulnerability scanner?
Nmap
Snort
Nessus
Nmap
Tcpdump
What security term, coined by the SANS institute, is used to represent the optimal information security strategy?
Separation of Privileges
Principle of Least Privileges
Defence in Depth
Security through obscurity
All of the above
Which of the CIA Triad elements is responsible for ensuring that personal information is not disclosed to unauthorized users?
Availability
Confidentiality
Integrity
Accountability
Ease of Use
___ reconnaissance is used by hackers for observing and learning about the target from afar, while _____ reconnaissance is used to gain more active and direct knowledge of the target.
Active, Passive
Passive, Active
Active, Submissive
Positive, Active
None of the above
A threat must have a vulnerability to be effective. Security is concerned about threats & vulnerabilities related to:
Users
Network Infrastructure / systems
Operating Systems & services
Configuration Management
All of the above
When using a packet sniffer like TCPDump or Wireshark, what parts of the packet can the software access & display? (Select all that apply)
IP header content
Layer 4 header (TCP, UDP, ICMP, etc) content
Payload
MAC Address
All of the above
The TCP three-way handshake used to close a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? (Select all that apply)
SYN Flag
Payload Flag
FIN Flag
ACK Flag
RST Flag
Based on the highlighted portion of the captured packet code below, what network protocol is being used? 4500 0064 0000 4000 4001 b755 c0a8 0101
TCP
ICMP
UDP
IP
ARP
Which of the following security goals provides a method for objective verification of a user’s identity?
Authorization
Authentication
Verification
Identification
Clarification
The ICMP protocol is specifically designed to:
Check & report on network error conditions
Generate networking stats
Control traffic flow across networks
Track end-to-end connectivity
None of the above
A closed port will respond to a SYN Packet with a(n) RST packet
True
False
If you run password crackers or packet sniffers on the company network, which of the following is required?
Encrypt or Destroy cracked passwords
E-mail users using inappropriate software on the network to inform them you know
Don't crack passwords that meet the company's password policy
Get permission from management first
All of the above
Computer A wishes to open a TCP session with Computer B. If Computer A's initial sequence number is 145678913, then Computer B will respond with:
A randomly generated initial sequence number of its own and an acknowledgement number of 145678914
A randomly generated initial sequence number of its own and no acknowledgement number since no data was received
Only an acknowledgment number of 145678914
Only an acknowledgement number of 145678913
A randomly generated initial sequence number of its own and a randomly generated acknowledgement number
Your system receives a few packets, but no connection seems to be established. When you look at the logs, you notice you received a few SYN packets, immediately followed by RST packets, but no ACK packets. Which of the following best explains this behavior?
SYN Stealth Open Port scan from Nmap
XMAS Open Port scan from Nmap
Hacker trying to identify the O/S running on a port
TCP/IP stack has failed
None of the above
From the perspective of Risk Management, security can be defined as:
Ensuring the company so that security incidents don’t cost the organization a lot
Reducing / minimizing the risks to the organization and its assets to an acceptable level
Protecting the organization’s assets
All of the above
None of the above
Which of the following methods allows for determining the O/S a company is using?
Search the Web for e-mail addresses of IT employees
Connect via telnet to the company’s Web server
Ping the URL and analyze the ICMP messages
Use the ipconfig /os command
None of the above
The loss of one of the goals of security through an incident is known as a:
Hole
Vulnerability
Risk
Compromise
Threat
The phrase “No Tech Hacking” refers to:
The ability to acquire technical information without the need for technical tools
The ability to hack technical systems without technology
Hacking systems with antique technology
The ability some people have to hack without knowing much about technology
None of the above
In Security term, Authorization refers to:
Confirming your identity with a element unique to the person
Tracking what users are doing while accessing the systems
Supplying your identity when asked
Using your validated identity to assign access rights
None of the above
A fragmented IP datagram is only reassembled by:
The router closest to the destination
Any router along the path when the MTU changes to permit a larger datagram
By the destination host
By the application processing the information datagram
None of the above
A weakness in a computer system, or a point where the system is susceptible to attack. The weakness could be exploited to violate system security. This is the definition of a(n)
Exploit
Vulnerability
Threat
Risk
Hole
In order for a packet sniffer to work properly, it needs to put the NIC card into _____ mode
Listening
Active
Promiscuous
Normal
None of the above
In the TCP/IP stack, the ____ layer is concerned with physically moving electrons across a media or wire.
Internet
Network
Transport
Physical
Application
__ is designed as a connectionless protocol
ICMP
TCP
UDP
FTP
None of the above
Which of the following statements about session hijacking is false?
Most computers are vulnerable to this form of attack
Hijacking is not easy to prevent
Hijacking is very dangerous
Hijacking is quite simple with the proper tools at hand
If the session hijacking attempt fails, a hacker can keep trying until he gets it right
Each TCP connection on a given system can be uniquely identified by:
Source and Destination IP
Source and Destination port
Sequence Number
Connection Number
A and B
Natural disasters - I.e. earthquakes, flooding - are not considered a threat to security.
True
False
A ___ attaches itself to a program or file so it can spread from one computer to another with the file as it travels, leaving infections as it travels.
Worm
Trojan
Virus
Rootkit
None of the above
___ spread from computer to computer, but unlike other malware, it has the ability to travel and replicate itself without any user intervention.
Worm
Trojan
Virus
Rootkit
None of the above
{"name":"IT Security", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your knowledge with our comprehensive IT Security Quiz! This quiz consists of 35 questions covering essential concepts in cybersecurity, network protocols, and risk management.Multiple choice and checkbox questionsLearn about the CIA Triad, network vulnerabilities, and security protocolsScore your knowledge and improve your understanding of IT security","img":"https:/images/course5.png"}
Powered by: Quiz Maker