Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
The OSI Protocol Stack
When implementing protocols - what stack should be used?
To close a TCP session
2. Stateful firewalls maintain state of traffic flows
Some network design objectives
Denial of service
Stateful firewall
UDP packet headers
3. logic bomb - trojan horse - trap door
Some types of malicious code
The different cable categories
Smurf attack
The Information Centric defense in depth
4. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Some types of malicious code
DDoS attack
HIDS monitor
Some common UDP ports
5. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Some Pen Test techniques
Buffer overflow
TFTP
Some types of malicious code
6. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A network protocol
NAC
What categories do vulnerabilities fall into?
Alteration of code
7. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Address Resolution Protocol (ARP)
To establish a TCP session
CIDR
Vulnerabilities
8. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Port scan
SYN flood
Snort
Datagram length of a UDP packet
9. Malware - insider threat - natural disaster - terrorism - pandemic
Bridge
What primary threats should be protected against
Switches
Boot record infector
10. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
The OSI model
Trap door
Some common TCP ports
The four types of events reported by IDS
11. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
To establish a TCP session
The presentation layer
Denial of service
Some malware propagation techniques
12. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Alteration of code
NAC
Some types of malicious code
13. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
A network protocol
Denial of service
File integrity checking work
Some network design objectives
14. Unencrypted message in its original form
Hubs
The network layer
Plaintext
Brute force
15. Outsider attack from network - Outsider attack from telephone - Insider attack from local network - Insider attack from local system - Attack from malicious code
The five threat vectors
Address Resolution Protocol (ARP)
Group
Checksum in UDP
16. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
Some firewall challenges
Stateful firewall
OS Command Injection defenses
When talking about protocols and referencing layers - what stack is used
17. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
Multi protocol label switching
LAN
Some external threat concerns
18. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
When implementing protocols - what stack should be used?
Router
Some FTP dangers
The different cable categories
19. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
What range is a class C network?
The presentation layer
A netmask
What's an easy way to test encryption?
20. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
WAN
Smurf attack
Rootkit
The four basic approaches to defense in depth
21. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
22. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
Remote maintenance
When setting up a virtual circuit
Parasitic malware
23. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
The three goals of security
A network protocol
Worms
What range is a class C network?
24. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Multi protocol label switching
Some types of malicious code
Some NIDS topology limitations
IDS
25. It interacts with the application layer to determine which network services will be required
the application layer
Checksum in UDP
When setting up a virtual circuit
MAN
26. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
Address Resolution Protocol (ARP)
Honeypot
No State Inspection ACK flag set
27. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Vulnerabilities
IDS not
Shallow packet inspection
NIDS challenges
28. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
The goals of cryptography
Snort
What range is a class B network?
File integrity checking work
29. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Worms
Log monitoring work?
Remote maintenance
What range is a class C network?
30. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
A blind FTP
Some honeypot advantages
Anomaly analysis work
31. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Snort
OS Command Injection defenses
Some malware capabilities
What range is a class B network?
32. One is for talking - one is for implementing
The difference in stacks
Ciphertext
Switches
Log monitoring work?
33. Network scanner.
Boot record infector
CIDR
The protected enclave to defense in depth
Nmap
34. Confidentiality - symmetric encryption
What threats should be protected against - based on threat levels
NAC
The OSI model
The goals of cryptography
35. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Some external threat concerns
Some firewall benefits
Trojan horse
No State Inspection ACK flag set
36. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
Race conditions
the application layer
Hubs
Kismet
37. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
Logic bomb
The threat vector analysis in defense in depth
Some network design objectives
Nmap scanning techniques
38. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
War Dialing
The presentation layer
IDS signature analysis work
Buffer overflow
39. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Social engineering
The TCP/IP model
Nmap
Some disadvantages of honeypots
40. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Anomaly analysis work
Some types of malicious code
A netcat listener
Switches
41. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Anomaly analysis work
Some other UDP based protocols
IDS not
Some reasons to use UDP over TCP
42. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
Some reasons to use UDP over TCP
PAN
Remote maintenance
43. Personal area network - phone tethering - bluetooth - etc
What primary threats should be protected against
Denial of service
Defense in depth
PAN
44. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
What range is a class C network?
SYN flood
Macro virus
Hubs
45. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Proxy or application gateway
The TCP/IP model
Hping
Macro virus
46. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom
The three goals of security
Some external threat concerns
Log monitoring work?
Wardriving
47. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
LAN
The transport layer
Some reasons to use UDP over TCP
Logic bomb
48. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
SYN flood
HIDS monitor
To close a TCP session
Some reasons to use TCP over UDP
49. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
Some reasons to use TCP over UDP
Stateful firewall
Total cell size for asynchronous transfer mode (ATM)
50. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Types of ATM virtual circuits
Some external threat concerns
DDoS attack
Smurf attack