Test your basic knowledge |
GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. True positive - false positive - true negative - false negative
Ack Piggybacking
Browsing attack
Some other UDP based protocols
The four types of events reported by IDS
2. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Arbitrary substitution
ACK piggybacking
The five threat vectors
Proxy or application gateway
3. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Port scan
What threats should be protected against - based on threat levels
Address Resolution Protocol (ARP)
Datagram length of a UDP packet
4. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Parasitic malware
Network stumbler
Buffer overflow
Switches
5. Trying to ID modems in a telephone exchange that may be susceptible to compromise
NIDS challenges
The network layer
War Dialing
Proxy or application gateway
6. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP
Ack Piggybacking
Port scan
File Integrity checking work
What range is a class C network?
7. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
The four types of events reported by IDS
CIDR
File Integrity checking work
Parasitic malware
8. It makes sure the data sent from one side to the other is in a format useful to the other side
Multi protocol label switching
What range is a class A network?
Permutation
The presentation layer
9. The Practice of sending an ACK inside another packet going to the same destination
Bus Topology
Asynchronous Transfer Mode
Anomaly analysis work
Ack Piggybacking
10. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
HIDS monitor
PAN
Risk
Types of viruses
11. Allows admins to remotely access a system for troubleshooting. - E.g. VNC - GoToMyPc - PC Anywhere
The goals of cryptography
The Information Centric defense in depth
Some external threat concerns
Remote maintenance
12. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The physical layer stack
The network layer
OS Command Injection defenses
Firewall
13. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Address resolution protocol
What primary threats should be protected against
Some network design objectives
Some NIDS topology limitations
14. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
The transport layer
Bridge
What categories do vulnerabilities fall into?
No State Inspection ACK flag set
15. Relies on executable code insertion and user interaction to spread
Some reasons to use TCP over UDP
UDP packet headers
Parasitic malware
ACK piggybacking
16. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Permutation
Some common TCP ports
Some network design objectives
The network layer
17. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
What's a VLAN
Proxy or application gateway
Group
Integrity of Data
18. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
When talking about protocols and referencing layers - what stack is used
ACK piggybacking
Some types of malicious code
19. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
OS Command Injection defenses
ATM work
Log monitoring work?
SYN flood
20. Syn - Syn/Ack - Ack
Checksum in UDP
Anomaly analysis work
Some other UDP based protocols
To establish a TCP session
21. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
The four types of events reported by IDS
3-way handshake
Overview of TCP
22. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
The protected enclave to defense in depth
What range is a class C network?
Vulnerabilities
Integrity of Data
23. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Hping
Some FTP dangers
The goals of cryptography
Bridge
24. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
The OSI model
Hubs
A netcat listener
Some common TCP ports
25. An attempt to gain access by bombarding it with guesses until the password is found.
Some ways to bypass firewall protections
NIDS advantages
Remote maintenance
Brute force
26. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Some common UDP ports
The five threat vectors
TFTP
Ack Piggybacking
27. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
Some Pen Test techniques
A network protocol
Integrity of Data
28. Infects MBR - no network spreading potential
Boot record infector
Some FTP dangers
What's a VLAN
The protected enclave to defense in depth
29. destruction of data - leaking confidential information - providing backdoor access
Brute force
Snort
Some malware capabilities
The TCP/IP model
30. Bits of code embedded in programs to quickly gain access at a later time
Trap door
The different cable categories
Wardriving
The Uniform Protection to defense in depth
31. Handles transmissions across the physical media like wires - fiber - etc
Permutation
Port scan
Some honeypot advantages
The physical layer stack
32. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
When implementing protocols - what stack should be used?
Some common TCP ports
Log monitoring work?
Some types of malicious code
33. Confidentiality - integrity - availability
The physical layer stack
The three goals of security
Brute force
The five threat vectors
34. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Trojan horse
When implementing protocols - what stack should be used?
What categories do vulnerabilities fall into?
Some disadvantages of honeypots
35. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom
Race conditions
Some external threat concerns
Address Resolution Protocol (ARP)
What's a VLAN
36. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Bridge
Logic bomb
Some FTP dangers
Datagram length of a UDP packet
37. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Anomaly analysis work
Wardriving
SQL Slammer Worm
Some types of malicious code
38. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
The four types of events reported by IDS
When implementing protocols - what stack should be used?
EXE program infector
Honeypot
39. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
What range is a class A network?
The goals of cryptography
IDS signature analysis work
Buffer overflow
40. The practice of sending an ACK inside another packet going to the same destination
WAN
Bus Topology
ACK piggybacking
Risk
41. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Types of ATM virtual circuits
Rotation?
The physical layer stack
NIDS advantages
42. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Multi protocol label switching
Best way to protect wireless networks
Macro virus
The network layer
43. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
What primary threats should be protected against
Some Pen Test techniques
Multi protocol label switching
IDS not
44. Personal area network - phone tethering - bluetooth - etc
COM/Script program infector
What range is a class A network?
Datagram length of a UDP packet
PAN
45. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - bases good traffic as a baseline
Some common TCP ports
Best way to protect wireless networks
Anomaly analysis work
Macro virus
46. Stateful firewalls maintain state of traffic flows
Stateful firewall
Log monitoring work?
WAN
File Integrity checking work
47. Network scanner.
Log monitoring work?
Some Pen Test techniques
DDoS attack
Nmap
48. Malware - insider threat - natural disaster - terrorism - pandemic
What ways should the crypto key be protected?
What range is a class A network?
What primary threats should be protected against
Deep packet inspection
49. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
The session layer
A netmask
The Uniform Protection to defense in depth
What primary threats should be protected against
50. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
What's an easy way to test encryption?
Plaintext
Checksum in UDP
Ciphertext