Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Connects many WANs - MANs - and LANs - provided via ISP
Bridge
Address Resolution Protocol (ARP)
When implementing protocols - what stack should be used?
Internet
2. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
What's an easy way to test encryption?
Denial of service
The four basic approaches to defense in depth
Group
3. Confidentiality - integrity - availability
The three goals of security
Nmap
Social engineering
SYN flood
4. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
SQL Slammer Worm
The presentation layer
Address resolution protocol
Address Resolution Protocol (ARP)
5. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Port scan
CIDR
NIDS challenges
Shallow packet inspection
6. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
7. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Alteration of code
Some malware propagation techniques
Smurf attack
Some other UDP based protocols
8. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Alteration of code
SYN flood
Kismet
Stateless packet filter
9. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
The session layer
The different cable categories
Honeyd
NIDS challenges
10. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Some FTP dangers
Best way to protect wireless networks
A netmask
The different cable categories
11. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Bus Topology
Ciphertext
The presentation layer
War Dialing
12. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
Network stumbler
Wardriving
IDS signature analysis work
13. Message in its encrypted form
Firewall
Ciphertext
PAN
The five threat vectors
14. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
IDS signature analysis work
When implementing protocols - what stack should be used?
Smurf attack
COM/Script program infector
15. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
File Integrity checking work
What threats should be protected against - based on threat levels
Types of ATM virtual circuits
NAC
16. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
EXE program infector
TFTP
The three goals of security
Arbitrary substitution
17. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Hubs
The goals of cryptography
Race conditions
WAN
18. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Browsing attack
Group
What range is a class B network?
Asynchronous Transfer Mode
19. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
Nmap scanning techniques
Some disadvantages of honeypots
The four basic approaches to defense in depth
3-way handshake
20. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
The threat vector analysis in defense in depth
Hping
The presentation layer
Some honeypot advantages
21. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Hubs
Best way to protect wireless networks
Datagram length of a UDP packet
The protected enclave to defense in depth
22. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
SYN flood
What's a VLAN
What range is a class B network?
Switches
23. The practice of sending an ACK inside another packet going to the same destination
What's an easy way to test encryption?
Ack Piggybacking
Asynchronous Transfer Mode
A netcat listener
24. Protected at rest - protected in transit - secure the key
The session layer
WAN
What ways should the crypto key be protected?
Nmap scanning techniques
25. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Brute force
Snort
Datagram length of a UDP packet
Some Pen Test techniques
26. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
Stateful firewall
Wardriving
To establish a TCP session
27. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Buffer overflow
NIDS challenges
Logic bomb
Some reasons to use UDP over TCP
28. Intellectual property - business goals - validated data - historical
Some reasons to use TCP over UDP
The protected enclave to defense in depth
What categories do vulnerabilities fall into?
What threats should be protected against - based on threat levels
29. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Some malware propagation techniques
The protected enclave to defense in depth
SQL Slammer Worm
Internet
30. OSI
the application layer
OS Command Injection defenses
When talking about protocols and referencing layers - what stack is used
Parasitic malware
31. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Checksum in UDP
What ways should the crypto key be protected?
Some common TCP ports
When implementing protocols - what stack should be used?
32. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
No State Inspection ACK flag set
IDS signature analysis work
SYN flood
Group
33. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
NIDS advantages
Hubs
Hping
UDP packet headers
34. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
DDoS attack
The transport layer
Ack Piggybacking
Honeypot
35. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Rootkit
Some malware propagation techniques
When setting up a virtual circuit
Deep packet inspection
36. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
The five threat vectors
Log monitoring work?
Alteration of code
The conficker worm
37. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
Switches
What ways should the crypto key be protected?
The five threat vectors
38. Handles transmissions across the physical media like wires - fiber - etc
Some common UDP ports
Brute force
Some malware capabilities
The physical layer stack
39. Going around with equipment to detect wireless networks
The difference in stacks
COM/Script program infector
IDS not
Wardriving
40. It handles the establishment and maintenance of connections between systems
Switches
Boot record infector
Some common UDP ports
The session layer
41. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere
Stateless packet filter
Arbitrary substitution
ACK piggybacking
Remote maintenance
42. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Some ways to bypass firewall protections
Some reasons to use TCP over UDP
Datagram length of a UDP packet
The data link layer
43. Relies on executable code insertion and user interaction to spread
Permutation
Some firewall benefits
Parasitic malware
TFTP
44. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Remote maintenance
Some reasons to use UDP over TCP
The threat vector analysis in defense in depth
Buffer overflow
45. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Browsing attack
Rotation?
Hubs
The threat vector analysis in defense in depth
46. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
LAN
CIDR
Log monitoring work?
Wardriving
47. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
48. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
ACK piggybacking
Macro virus
Race conditions
What range is a class B network?
49. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Some network design objectives
Shallow packet inspection
Some external threat concerns
Rootkit
50. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Overview of TCP
Browsing attack
Switches
Address Resolution Protocol (ARP)