SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
IDS data normalization
File integrity checking work
A blind FTP
Address resolution protocol
2. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Types of viruses
Race conditions
Wardriving
A blind FTP
3. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
SYN flood
What range is a class B network?
Some common UDP ports
Browsing attack
4. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
IDS signature analysis work
Snort
Program infector
Deep packet inspection
5. Going around with equipment to detect wireless networks
Stateful firewall
Wardriving
Asynchronous Transfer Mode
PAN
6. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Group
Browsing attack
Datagram length of a UDP packet
Some malware propagation techniques
7. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
The different cable categories
Address resolution protocol
Honeyd
Social engineering
8. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Checksum in UDP
Buffer overflow
The data link layer
When setting up a virtual circuit
9. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Some FTP dangers
To close a TCP session
Vulnerabilities
Switches
10. Syn - Syn/Ack - Ack
A netcat listener
To establish a TCP session
Program infector
What threats should be protected against - based on threat levels
11. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The OSI Protocol Stack
Honeyd
The five threat vectors
Trap door
12. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Port scan
Shallow packet inspection
To establish a TCP session
CIDR
13. Stateful firewalls maintain state of traffic flows
Buffer overflow
Browsing attack
A network protocol
Stateful firewall
14. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
The difference in stacks
Some types of malicious code
Risk
No State Inspection ACK flag set
15. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
The OSI Protocol Stack
Permutation
When talking about protocols and referencing layers - what stack is used
NAC
16. One is for talking - one is for implementing
What range is a class B network?
Macro virus
Social engineering
The difference in stacks
17. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
What range is a class A network?
Integrity of Data
Shallow packet inspection
Some disadvantages of honeypots
18. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Network stumbler
Honeypot
To establish a TCP session
What categories do vulnerabilities fall into?
19. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Deep packet inspection
Logic bomb
What range is a class A network?
CIDR
20. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Best way to protect wireless networks
Trojan horse
Vulnerabilities
Bridge
21. Confidentiality - integrity - availability
The three goals of security
Some reasons to use TCP over UDP
Anomaly analysis work
3-way handshake
22. Intellectual property - business goals - validated data - historical
PAN
Hubs
What threats should be protected against - based on threat levels
Port scan
23. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Datagram length of a UDP packet
The physical layer stack
Some Pen Test techniques
Parasitic malware
24. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Snort
The TCP/IP model
A netcat listener
A netmask
25. logic bomb - trojan horse - trap door
Some types of malicious code
When talking about protocols and referencing layers - what stack is used
IDS not
The threat vector analysis in defense in depth
26. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some NIDS topology limitations
What range is a class B network?
Some ways to bypass firewall protections
The OSI Protocol Stack
27. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Some disadvantages of honeypots
The transport layer
Some common TCP ports
Datagram length of a UDP packet
28. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
File Integrity checking work
Plaintext
Worms
SYN flood
29. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Smurf attack
File Integrity checking work
Anomaly analysis work
What primary threats should be protected against
30. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Permutation
IDS data normalization
A blind FTP
SQL Slammer Worm
31. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Ack Piggybacking
Firewall
Network stumbler
Types of viruses
32. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
IDS data normalization
Group
Honeypot
Best way to protect wireless networks
33. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
Honeypot
Datagram length of a UDP packet
What range is a class A network?
The OSI Protocol Stack
34. Intrusion detection system - it reports attacks against monitored systems/networks
Network stumbler
Snort
IDS
What range is a class B network?
35. The Practice of sending an ACK inside another packet going to the same destination
The protected enclave to defense in depth
Ack Piggybacking
Alteration of code
Boot record infector
36. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
COM/Script program infector
What primary threats should be protected against
The threat vector analysis in defense in depth
OS Command Injection defenses
37. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Network stumbler
A network protocol
Some malware capabilities
SQL Slammer Worm
38. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
PAN
The threat vector analysis in defense in depth
Datagram length of a UDP packet
The goals of cryptography
39. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
The threat vector analysis in defense in depth
COM/Script program infector
3-way handshake
A blind FTP
40. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
When setting up a virtual circuit
CIDR
Network stumbler
Some firewall challenges
41. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Log monitoring work?
Remote maintenance
CIDR
Some malware capabilities
42. It interacts with the application layer to determine which network services will be required
Router
What's a VLAN
Some NIDS topology limitations
the application layer
43. Uniform protection - protected enclaves - information centric - threat vector analysis
The four basic approaches to defense in depth
The three goals of security
Ack Piggybacking
Multi protocol label switching
44. FIN 130 - ACK 131 - FIN 570 - ACK 571
To close a TCP session
What range is a class B network?
What range is a class A network?
Rotation?
45. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
Proxy or application gateway
IDS not
What primary threats should be protected against
46. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
No State Inspection ACK flag set
Honeyd
Some firewall challenges
Nmap scanning techniques
47. Confidentiality - symmetric encryption
The goals of cryptography
Rotation?
The three goals of security
Some malware capabilities
48. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Switches
Checksum in UDP
When talking about protocols and referencing layers - what stack is used
Multi protocol label switching
49. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Shallow packet inspection
Some reasons to use UDP over TCP
The five threat vectors
Port scan
50. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
SYN flood
The Information Centric defense in depth
PAN
Arbitrary substitution
