SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Group
Deep packet inspection
The five threat vectors
What categories do vulnerabilities fall into?
2. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
Program infector
Log monitoring work?
A netmask
3. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
The CIA triad
Rotation?
Asynchronous Transfer Mode
Some disadvantages of honeypots
4. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Some malware propagation techniques
Defense in depth
Trojan horse
Deep packet inspection
5. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
Brute force
Wardriving
Rotation?
6. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
DDoS attack
3-way handshake
Datagram length of a UDP packet
CIDR
7. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
NIDS advantages
Vulnerabilities
EXE program infector
OS Command Injection defenses
8. The practice of sending an ACK inside another packet going to the same destination
Some firewall benefits
What primary threats should be protected against
Bus Topology
ACK piggybacking
9. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
The TCP/IP model
TFTP
IDS
Macro virus
10. Handles transmissions across the physical media like wires - fiber - etc
Race conditions
EXE program infector
IDS data normalization
The physical layer stack
11. logic bomb - trojan horse - trap door
The network layer
The data link layer
Some types of malicious code
3-way handshake
12. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
The four types of events reported by IDS
Some Pen Test techniques
Permutation
Some common UDP ports
13. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Total cell size for asynchronous transfer mode (ATM)
Honeyd
The four basic approaches to defense in depth
Some FTP dangers
14. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Types of ATM virtual circuits
Ciphertext
Address resolution protocol
ACK piggybacking
15. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
File integrity checking work
OS Command Injection defenses
WAN
The Information Centric defense in depth
16. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
ACK piggybacking
Social engineering
Buffer overflow
The five threat vectors
17. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Snort
A netmask
Types of ATM virtual circuits
18. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
A blind FTP
Checksum in UDP
The Information Centric defense in depth
LAN
19. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
The conficker worm
SYN flood
Group
Datagram length of a UDP packet
20. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
To establish a TCP session
The protected enclave to defense in depth
Router
The different cable categories
21. Intellectual property - business goals - validated data - historical
Hubs
What threats should be protected against - based on threat levels
Switches
Some types of malicious code
22. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Wardriving
Address Resolution Protocol (ARP)
Deep packet inspection
The OSI model
23. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
Rotation?
Stateless packet filter
Network stumbler
24. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
LAN
Some common TCP ports
Alteration of code
Rootkit
25. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
What primary threats should be protected against
The Information Centric defense in depth
Router
SQL Slammer Worm
26. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
WAN
Firewall
Some NIDS topology limitations
Parasitic malware
27. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Types of viruses
Kismet
A network protocol
Smurf attack
28. Provides insight into the tactics - motives - and attacker tools
Browsing attack
Some honeypot advantages
Some malware propagation techniques
The session layer
29. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
PAN
Router
Log monitoring work?
Hping
30. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
What's an easy way to test encryption?
Integrity of Data
Wardriving
Proxy or application gateway
31. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Log monitoring work?
Race conditions
The network layer
Risk
32. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Anomaly analysis work
Proxy or application gateway
PAN
Nmap scanning techniques
33. Connects many WANs - MANs - and LANs - provided via ISP
Internet
The different cable categories
When implementing protocols - what stack should be used?
Buffer overflow
34. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Snort
Social engineering
PAN
Shallow packet inspection
35. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
the application layer
Honeypot
Race conditions
The five threat vectors
36. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
A netmask
Port scan
Worms
Some firewall benefits
37. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
OS Command Injection defenses
Some NIDS topology limitations
NIDS challenges
Some reasons to use TCP over UDP
38. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
The goals of cryptography
PAN
IDS signature analysis work
Worms
39. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
IDS signature analysis work
Switches
When talking about protocols and referencing layers - what stack is used
Some common UDP ports
40. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
What range is a class A network?
A netmask
Proxy or application gateway
The OSI model
41. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Bridge
IDS not
Group
File integrity checking work
42. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Router
Plaintext
What range is a class C network?
Some firewall challenges
43. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
44. fast - with little fidelity - examines header information and limited payload data
Anomaly analysis work
Shallow packet inspection
To establish a TCP session
The TCP/IP model
45. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
The Uniform Protection to defense in depth
Hping
Arbitrary substitution
COM/Script program infector
46. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
War Dialing
Multi protocol label switching
PAN
Social engineering
47. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
Types of ATM virtual circuits
Some disadvantages of honeypots
The transport layer
48. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Race conditions
Risk
Ack Piggybacking
Browsing attack
49. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The data link layer
Some reasons to use TCP over UDP
The OSI Protocol Stack
A netcat listener
50. FIN 130 - ACK 131 - FIN 570 - ACK 571
What range is a class A network?
Some firewall benefits
To close a TCP session
Honeypot