Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Proxy or application gateway
The data link layer
Hubs
Stateless packet filter

2. Network scanner.
Nmap
Social engineering
TFTP
The session layer

3. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Datagram length of a UDP packet
ATM work
When setting up a virtual circuit
Parasitic malware

4. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
IDS not
the application layer
Some NIDS topology limitations
Denial of service

5. Provides insight into the tactics - motives - and attacker tools
Some honeypot advantages
Network stumbler
The data link layer
Some firewall challenges

6. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
Bridge
The presentation layer
Some reasons to use UDP over TCP

7. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Some reasons to use UDP over TCP
What primary threats should be protected against
The network layer
The OSI Protocol Stack

8. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Vulnerabilities
Risk
Stateful firewall
The data link layer

9. One is for talking - one is for implementing
What ways should the crypto key be protected?
Permutation
The difference in stacks
What range is a class A network?

10. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
What's a VLAN
DDoS attack
TFTP
Types of viruses

11. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Proxy or application gateway
Trap door
Race conditions
Social engineering

12. Message in its encrypted form
OS Command Injection defenses
Ciphertext
When implementing protocols - what stack should be used?
Some reasons to use TCP over UDP

13. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
What ways should the crypto key be protected?
The three goals of security
DDoS attack
Honeypot

14. Syn - Syn/Ack - Ack
Firewall
To establish a TCP session
Proxy or application gateway
Some firewall challenges

15. Known - unknown - zero day
Overview of TCP
ACK piggybacking
What categories do vulnerabilities fall into?
Trojan horse

16. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
NIDS challenges
NIDS advantages
To establish a TCP session
Datagram length of a UDP packet

17. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Defense in depth
IDS data normalization
Some disadvantages of honeypots
Deep packet inspection

18. True positive - false positive - true negative - false negative
A network protocol
What range is a class B network?
The four types of events reported by IDS
Some network design objectives

19. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
A netcat listener
Bridge
Some FTP dangers
The Information Centric defense in depth

20. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
Some honeypot advantages
Address Resolution Protocol (ARP)
War Dialing

21. Confidentiality - integrity - availability
Permutation
Overview of TCP
The CIA triad
Parasitic malware

22. destruction of data - leaking confidential information - providing backdoor access
Worms
Some malware capabilities
Social engineering
Some types of malicious code

23. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Switches
Checksum in UDP
Ack Piggybacking
Port scan

24. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
LAN
DDoS attack
NAC
Port scan

25. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Router
Internet
The OSI model
Buffer overflow

26. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Logic bomb
The data link layer
Some NIDS topology limitations
Network stumbler

27. Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere
The Uniform Protection to defense in depth
Router
Remote maintenance
File integrity checking work

28. Infects MBR - no network spreading potential
Boot record infector
Types of ATM virtual circuits
IDS
Honeypot

29. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
The five threat vectors
The Information Centric defense in depth
Shallow packet inspection
The threat vector analysis in defense in depth

30. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
What categories do vulnerabilities fall into?
Proxy or application gateway
SQL Slammer Worm
Nmap scanning techniques

31. Confidentiality - symmetric encryption
LAN
Deep packet inspection
Some other UDP based protocols
The goals of cryptography

32. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
What categories do vulnerabilities fall into?
File integrity checking work
Macro virus

33. Uniform protection - protected enclaves - information centric - threat vector analysis
Proxy or application gateway
Some malware propagation techniques
The four basic approaches to defense in depth
Some external threat concerns

34. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
LAN
A blind FTP
The CIA triad
Some reasons to use TCP over UDP

35. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Logic bomb
Some common UDP ports
NIDS challenges
Some reasons to use UDP over TCP

36. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Nmap scanning techniques
Stateless packet filter
The four basic approaches to defense in depth
The data link layer

37. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Some common UDP ports
Risk
What range is a class B network?
The difference in stacks

38. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
EXE program infector
Trojan horse
Log monitoring work?
The different cable categories

39. It makes sure the data sent from one side to the other is in a format useful to the other side
ACK piggybacking
The Uniform Protection to defense in depth
Some common TCP ports
The presentation layer

40. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
WAN
Proxy or application gateway
Defense in depth
Denial of service

41. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Some FTP dangers
Group
What range is a class A network?
Some firewall challenges

42. Attaches itself to existing program files and activated when the exe is launched
Program infector
Bus Topology
Trap door
Some common TCP ports

43. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Deep packet inspection
Boot record infector
What's a VLAN
War Dialing

44. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
The Information Centric defense in depth
Logic bomb
Nmap

45. Going around with equipment to detect wireless networks
Wardriving
Browsing attack
Some ways to bypass firewall protections
Shallow packet inspection

46. Confidentiality - integrity - availability
The three goals of security
A network protocol
Router
Stateful firewall

47. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
PAN
EXE program infector
Brute force
Kismet

48. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
File integrity checking work
Some firewall benefits
CIDR
Anomaly analysis work

49. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

50. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
Permutation
File Integrity checking work
Some common TCP ports
Some firewall benefits