Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Program infector
What's an easy way to test encryption?
The CIA triad
The transport layer
2. Intellectual property - business goals - validated data - historical
Browsing attack
What threats should be protected against - based on threat levels
The data link layer
Types of viruses
3. Confidentiality - symmetric encryption
Some Pen Test techniques
Some types of malicious code
The goals of cryptography
Program infector
4. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
What ways should the crypto key be protected?
Some network design objectives
Nmap
Shallow packet inspection
5. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
What range is a class C network?
When implementing protocols - what stack should be used?
Address resolution protocol
Some firewall challenges
6. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
What's an easy way to test encryption?
Datagram length of a UDP packet
Browsing attack
The three goals of security
7. A cracking tool inserted into the OS that allows the attacker to do as they please.
When setting up a virtual circuit
Rootkit
Overview of TCP
Honeyd
8. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
When setting up a virtual circuit
Log monitoring work?
Buffer overflow
The protected enclave to defense in depth
9. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Honeypot
Some external threat concerns
The OSI model
Trojan horse
10. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
The four types of events reported by IDS
Honeyd
Log monitoring work?
Some other UDP based protocols
11. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere
the application layer
Remote maintenance
The four basic approaches to defense in depth
A blind FTP
12. The practice of sending an ACK inside another packet going to the same destination
The four basic approaches to defense in depth
Trojan horse
Some ways to bypass firewall protections
Ack Piggybacking
13. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Kismet
Some network design objectives
The Uniform Protection to defense in depth
The difference in stacks
14. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
NIDS challenges
What range is a class A network?
Program infector
IDS
15. Known - unknown - zero day
What categories do vulnerabilities fall into?
Ciphertext
The threat vector analysis in defense in depth
Network stumbler
16. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Parasitic malware
The Information Centric defense in depth
Some Pen Test techniques
A blind FTP
17. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
The session layer
Vulnerabilities
What primary threats should be protected against
Address Resolution Protocol (ARP)
18. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
NIDS advantages
The five threat vectors
SYN flood
19. Unified data carrying service - replacing frame relay and ATM
Plaintext
Internet
Rotation?
Multi protocol label switching
20. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Rootkit
Proxy or application gateway
Types of ATM virtual circuits
The Uniform Protection to defense in depth
21. True positive - false positive - true negative - false negative
Some common UDP ports
Types of ATM virtual circuits
When talking about protocols and referencing layers - what stack is used
The four types of events reported by IDS
22. It handles the establishment and maintenance of connections between systems
The session layer
Hping
Arbitrary substitution
Alteration of code
23. Considered to be a perimeter device
File integrity checking work
Port scan
Boot record infector
Router
24. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
IDS not
Defense in depth
The presentation layer
Nmap
25. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
The data link layer
Deep packet inspection
Anomaly analysis work
Some FTP dangers
26. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The TCP/IP model
Some network design objectives
The four types of events reported by IDS
Integrity of Data
27. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Some firewall benefits
Types of viruses
IDS signature analysis work
Risk
28. destruction of data - leaking confidential information - providing backdoor access
COM/Script program infector
Nmap
Some malware capabilities
Firewall
29. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
The threat vector analysis in defense in depth
Worms
SYN flood
Ack Piggybacking
30. It interacts with the application layer to determine which network services will be required
Nmap
The conficker worm
Anomaly analysis work
the application layer
31. Confidentiality - integrity - availability
IDS signature analysis work
Alteration of code
No State Inspection ACK flag set
The CIA triad
32. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Honeyd
Bus Topology
Parasitic malware
Hubs
33. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
The data link layer
EXE program infector
the application layer
The physical layer stack
34. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
Some reasons to use UDP over TCP
SYN flood
Denial of service
35. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
The five threat vectors
Defense in depth
Arbitrary substitution
When setting up a virtual circuit
36. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
What primary threats should be protected against
Hping
Social engineering
Trap door
37. Personal area network - phone tethering - bluetooth - etc
The TCP/IP model
Firewall
Denial of service
PAN
38. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Defense in depth
The threat vector analysis in defense in depth
TFTP
What range is a class C network?
39. The practice of sending an ACK inside another packet going to the same destination
Log monitoring work?
Asynchronous Transfer Mode
ACK piggybacking
the application layer
40. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
File integrity checking work
Some other UDP based protocols
WAN
What's an easy way to test encryption?
41. An attempt to gain access by bombarding it with guesses until the password is found.
What threats should be protected against - based on threat levels
Stateless packet filter
Some types of malicious code
Brute force
42. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Plaintext
Hubs
IDS signature analysis work
Types of ATM virtual circuits
43. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
HIDS monitor
Some firewall benefits
Parasitic malware
Group
44. Intrusion detection system - it reports attacks against monitored systems/networks
A netmask
Some Pen Test techniques
IDS
The four basic approaches to defense in depth
45. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
PAN
The Uniform Protection to defense in depth
Social engineering
ATM work
46. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
The Uniform Protection to defense in depth
ATM work
Some other UDP based protocols
Some reasons to use UDP over TCP
47. Malware - insider threat - natural disaster - terrorism - pandemic
Some network design objectives
What primary threats should be protected against
When implementing protocols - what stack should be used?
the application layer
48. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Boot record infector
Snort
IDS signature analysis work
Some reasons to use UDP over TCP
49. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Bridge
Port scan
Deep packet inspection
Some NIDS topology limitations
50. Confidentiality - integrity - availability
Plaintext
The three goals of security
To establish a TCP session
Some network design objectives