SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Considered to be a perimeter device
The four types of events reported by IDS
Router
The data link layer
Total cell size for asynchronous transfer mode (ATM)
2. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
The protected enclave to defense in depth
The Information Centric defense in depth
Some common TCP ports
3. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
IDS not
Total cell size for asynchronous transfer mode (ATM)
The TCP/IP model
4. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
ATM work
Some external threat concerns
LAN
Some firewall benefits
5. Malware - insider threat - natural disaster - terrorism - pandemic
What primary threats should be protected against
Bridge
Risk
War Dialing
6. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Overview of TCP
Firewall
Smurf attack
Some ways to bypass firewall protections
7. Going around with equipment to detect wireless networks
Address resolution protocol
A netcat listener
Wardriving
What categories do vulnerabilities fall into?
8. Stateful firewalls maintain state of traffic flows
Anomaly analysis work
Macro virus
The transport layer
Stateful firewall
9. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
A netmask
ATM work
Some honeypot advantages
10. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
No State Inspection ACK flag set
Some Pen Test techniques
SQL Slammer Worm
ATM work
11. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Some common TCP ports
The five threat vectors
Honeyd
The physical layer stack
12. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some other UDP based protocols
Firewall
Permutation
When talking about protocols and referencing layers - what stack is used
13. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
Ack Piggybacking
COM/Script program infector
3-way handshake
14. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Proxy or application gateway
Some ways to bypass firewall protections
Some other UDP based protocols
Total cell size for asynchronous transfer mode (ATM)
15. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
MAN
The Information Centric defense in depth
File integrity checking work
Types of ATM virtual circuits
16. Intellectual property - business goals - validated data - historical
NIDS advantages
What threats should be protected against - based on threat levels
Types of viruses
Overview of TCP
17. Known - unknown - zero day
Address resolution protocol
The network layer
Checksum in UDP
What categories do vulnerabilities fall into?
18. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Some malware propagation techniques
Some types of malicious code
Risk
Remote maintenance
19. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
Buffer overflow
When implementing protocols - what stack should be used?
Boot record infector
Some reasons to use TCP over UDP
20. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
War Dialing
UDP packet headers
Datagram length of a UDP packet
Some FTP dangers
21. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Some disadvantages of honeypots
Defense in depth
What range is a class A network?
Some Pen Test techniques
23. Unified data carrying service - replacing from replay and ATM
Multi protocol label switching
Firewall
Some external threat concerns
Honeyd
24. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
Vulnerabilities
Types of viruses
EXE program infector
The Uniform Protection to defense in depth
25. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
TFTP
Program infector
EXE program infector
A netcat listener
26. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
TFTP
Rotation?
The five threat vectors
27. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Stateless packet filter
Race conditions
Denial of service
Log monitoring work?
28. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
DDoS attack
When implementing protocols - what stack should be used?
What range is a class C network?
The four types of events reported by IDS
29. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
To close a TCP session
The transport layer
the application layer
Browsing attack
30. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Buffer overflow
Port scan
Some other UDP based protocols
3-way handshake
31. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Some FTP dangers
What primary threats should be protected against
Hping
Trojan horse
32. It interacts with the application layer to determine which network services will be required
IDS not
IDS signature analysis work
CIDR
the application layer
33. FIN 130 - ACK 131 - FIN 570 - ACK 571
PAN
To close a TCP session
Parasitic malware
Wardriving
34. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Firewall
Boot record infector
UDP packet headers
The data link layer
35. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Some NIDS topology limitations
When setting up a virtual circuit
What's an easy way to test encryption?
Some types of malicious code
36. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
When talking about protocols and referencing layers - what stack is used
A blind FTP
Bus Topology
Deep packet inspection
37. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Ack Piggybacking
Network stumbler
Some malware capabilities
Stateless packet filter
38. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
When implementing protocols - what stack should be used?
The five threat vectors
Denial of service
Rotation?
39. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Trojan horse
Honeypot
Overview of TCP
Hping
40. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
The goals of cryptography
Parasitic malware
Address Resolution Protocol (ARP)
Anomaly analysis work
41. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
OS Command Injection defenses
Bus Topology
MAN
Network stumbler
42. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Honeypot
IDS signature analysis work
Alteration of code
The three goals of security
43. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
HIDS monitor
The OSI model
Trojan horse
MAN
44. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some malware propagation techniques
Some ways to bypass firewall protections
IDS
Some external threat concerns
45. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
A netcat listener
Program infector
What's an easy way to test encryption?
CIDR
46. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
PAN
Bridge
File Integrity checking work
TFTP
47. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Group
Anomaly analysis work
NIDS advantages
The network layer
48. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Worms
IDS signature analysis work
The Uniform Protection to defense in depth
Proxy or application gateway
49. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Some firewall challenges
Honeypot
Race conditions
Rotation?
50. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
The three goals of security
What range is a class A network?
What range is a class B network?
PAN
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests