SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Alteration of code
The different cable categories
SQL Slammer Worm
Bridge
2. Confidentiality - integrity - availability
The three goals of security
Worms
Permutation
Proxy or application gateway
3. It handles the establishment and maintenance of connections between systems
The goals of cryptography
Types of ATM virtual circuits
Some malware propagation techniques
The session layer
4. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Risk
A blind FTP
The transport layer
The four basic approaches to defense in depth
5. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
3-way handshake
COM/Script program infector
Boot record infector
Worms
6. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Total cell size for asynchronous transfer mode (ATM)
A network protocol
The different cable categories
SYN flood
7. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Plaintext
The goals of cryptography
Ciphertext
Some ways to bypass firewall protections
8. destruction of data - leaking confidential information - providing backdoor access
Some other UDP based protocols
Some malware capabilities
A blind FTP
IDS signature analysis work
9. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Some malware propagation techniques
Honeyd
A netcat listener
Proxy or application gateway
10. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
A network protocol
Switches
DDoS attack
11. True positive - false positive - true negative - false negative
Plaintext
Proxy or application gateway
Some network design objectives
The four types of events reported by IDS
12. Uniform protection - protected enclaves - information centric - threat vector analysis
SQL Slammer Worm
Some honeypot advantages
Some types of malicious code
The four basic approaches to defense in depth
13. logic bomb - trojan horse - trap door
NIDS challenges
Some ways to bypass firewall protections
Some types of malicious code
Best way to protect wireless networks
14. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
When setting up a virtual circuit
The Uniform Protection to defense in depth
Group
The network layer
15. A cracking tool inserted into the OS that allows the attacker to do as they please.
Program infector
What range is a class B network?
Some common TCP ports
Rootkit
16. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Network stumbler
SQL Slammer Worm
Total cell size for asynchronous transfer mode (ATM)
Alteration of code
17. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
NIDS advantages
Anomaly analysis work
The OSI Protocol Stack
To close a TCP session
18. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
OS Command Injection defenses
To close a TCP session
Parasitic malware
Denial of service
19. Network scanner.
What's a VLAN
3-way handshake
Nmap
Some types of malicious code
20. Malware - insider threat - natural disaster - terrorism - pandemic
PAN
What primary threats should be protected against
EXE program infector
Logic bomb
21. FIN 130 - ACK 131 - FIN 570 - ACK 571
OS Command Injection defenses
To close a TCP session
Risk
IDS signature analysis work
22. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Trap door
Log monitoring work?
Best way to protect wireless networks
Bus Topology
23. Message in its encrypted form
Anomaly analysis work
MAN
Ciphertext
What range is a class A network?
24. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Some reasons to use TCP over UDP
The OSI model
Kismet
Alteration of code
25. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
Some disadvantages of honeypots
LAN
Honeyd
Bridge
26. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Hping
Ack Piggybacking
What range is a class A network?
Some external threat concerns
27. Unified data carrying service - replacing from replay and ATM
Multi protocol label switching
Some malware capabilities
Some reasons to use UDP over TCP
Some common UDP ports
28. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Some Pen Test techniques
IDS
The OSI model
Network stumbler
29. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Some ways to bypass firewall protections
The Uniform Protection to defense in depth
Stateless packet filter
A netmask
30. The Practice of sending an ACK inside another packet going to the same destination
A netcat listener
Ack Piggybacking
War Dialing
File integrity checking work
31. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
COM/Script program infector
Remote maintenance
The threat vector analysis in defense in depth
Some NIDS topology limitations
32. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Nmap
Vulnerabilities
Race conditions
The protected enclave to defense in depth
33. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
ACK piggybacking
Stateless packet filter
Firewall
Port scan
34. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Alteration of code
No State Inspection ACK flag set
Address resolution protocol
Some Pen Test techniques
35. Syn - Syn/Ack - Ack
File integrity checking work
To establish a TCP session
Honeyd
HIDS monitor
36. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
What ways should the crypto key be protected?
The conficker worm
Remote maintenance
The Uniform Protection to defense in depth
37. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Overview of TCP
Some common UDP ports
the application layer
Deep packet inspection
38. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The OSI Protocol Stack
Race conditions
Brute force
The Information Centric defense in depth
39. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
Address resolution protocol
What range is a class B network?
EXE program infector
Shallow packet inspection
40. Handles transmissions across the physical media like wires - fiber - etc
Bridge
Hubs
The TCP/IP model
The physical layer stack
41. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Logic bomb
When implementing protocols - what stack should be used?
3-way handshake
Some disadvantages of honeypots
42. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Some ways to bypass firewall protections
Hping
When setting up a virtual circuit
The four types of events reported by IDS
43. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Worms
Remote maintenance
Some other UDP based protocols
Some network design objectives
44. Confidentiality - integrity - availability
The CIA triad
What threats should be protected against - based on threat levels
Browsing attack
The data link layer
45. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
IDS data normalization
MAN
The goals of cryptography
the application layer
46. Intellectual property - business goals - validated data - historical
What threats should be protected against - based on threat levels
Wardriving
IDS data normalization
Bridge
47. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
When talking about protocols and referencing layers - what stack is used
A network protocol
NIDS challenges
48. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Trap door
Kismet
The goals of cryptography
Some firewall challenges
49. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
MAN
Social engineering
File Integrity checking work
Port scan
50. Unencrypted message in its original form
Bus Topology
A network protocol
Plaintext
Arbitrary substitution
