SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
COM/Script program infector
3-way handshake
Rotation?
IDS data normalization
2. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
The transport layer
Datagram length of a UDP packet
The network layer
Best way to protect wireless networks
3. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Plaintext
NAC
The protected enclave to defense in depth
Nmap
4. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Best way to protect wireless networks
The three goals of security
ACK piggybacking
Snort
5. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
The OSI Protocol Stack
OS Command Injection defenses
Some common UDP ports
Ack Piggybacking
6. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Best way to protect wireless networks
The goals of cryptography
The physical layer stack
Firewall
7. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Firewall
Integrity of Data
Some ways to bypass firewall protections
Some FTP dangers
8. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Trap door
Shallow packet inspection
What range is a class C network?
NIDS advantages
9. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
NIDS advantages
Rotation?
Multi protocol label switching
Kismet
10. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
PAN
Bridge
Trap door
The OSI model
11. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Network stumbler
Smurf attack
CIDR
When setting up a virtual circuit
12. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
13. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
HIDS monitor
IDS
Some disadvantages of honeypots
MAN
14. Bits of code embedded in programs to quickly gain access at a later time
Types of ATM virtual circuits
Trap door
The physical layer stack
Some disadvantages of honeypots
15. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
Anomaly analysis work
Network stumbler
When implementing protocols - what stack should be used?
When talking about protocols and referencing layers - what stack is used
16. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A network protocol
MAN
Denial of service
Overview of TCP
17. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
When setting up a virtual circuit
The presentation layer
Some FTP dangers
18. Malware - insider threat - natural disaster - terrorism - pandemic
What primary threats should be protected against
Stateful firewall
the application layer
Rotation?
19. Relies on executable code insertion and user interaction to spread
TFTP
IDS
Some FTP dangers
Parasitic malware
20. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
The threat vector analysis in defense in depth
The conficker worm
A network protocol
Stateless packet filter
21. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
File Integrity checking work
The OSI model
The protected enclave to defense in depth
Honeypot
22. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Address Resolution Protocol (ARP)
Alteration of code
3-way handshake
Bridge
23. It handles the establishment and maintenance of connections between systems
When implementing protocols - what stack should be used?
Some NIDS topology limitations
The session layer
Nmap
24. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Internet
Some external threat concerns
NAC
Parasitic malware
25. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
No State Inspection ACK flag set
Asynchronous Transfer Mode
Ack Piggybacking
Switches
26. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Router
EXE program infector
Arbitrary substitution
27. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Stateful firewall
What primary threats should be protected against
IDS not
Types of ATM virtual circuits
28. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
Plaintext
When setting up a virtual circuit
LAN
Network stumbler
29. fast - with little fidelity - examines header information and limited payload data
The difference in stacks
Shallow packet inspection
Smurf attack
What primary threats should be protected against
30. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
The four basic approaches to defense in depth
When setting up a virtual circuit
Logic bomb
A blind FTP
31. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
OS Command Injection defenses
Ciphertext
Group
File Integrity checking work
32. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Types of viruses
Integrity of Data
Some external threat concerns
Kismet
33. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Parasitic malware
A netmask
The three goals of security
When implementing protocols - what stack should be used?
34. Considered to be a perimeter device
Some Pen Test techniques
The data link layer
Router
Some malware capabilities
35. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
UDP packet headers
Total cell size for asynchronous transfer mode (ATM)
3-way handshake
The network layer
36. Message in its encrypted form
Ciphertext
Proxy or application gateway
Defense in depth
When implementing protocols - what stack should be used?
37. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Datagram length of a UDP packet
Alteration of code
Hubs
What categories do vulnerabilities fall into?
38. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
What ways should the crypto key be protected?
NIDS advantages
the application layer
Port scan
39. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Arbitrary substitution
Denial of service
The different cable categories
DDoS attack
40. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
What primary threats should be protected against
Macro virus
Arbitrary substitution
The session layer
41. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Alteration of code
Some other UDP based protocols
Bridge
Some ways to bypass firewall protections
42. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Race conditions
Some reasons to use UDP over TCP
Worms
Network stumbler
43. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Switches
Rootkit
Honeypot
DDoS attack
44. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Snort
Some reasons to use UDP over TCP
Some reasons to use TCP over UDP
Some common TCP ports
45. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
IDS
Some network design objectives
Some reasons to use UDP over TCP
A network protocol
46. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
The four basic approaches to defense in depth
Logic bomb
DDoS attack
WAN
47. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
Internet
Smurf attack
The Uniform Protection to defense in depth
EXE program infector
48. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Proxy or application gateway
Address resolution protocol
the application layer
Risk
49. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
What range is a class B network?
Nmap scanning techniques
Firewall
The Information Centric defense in depth
50. Simple attack done by simply browsing available information that's allowed on a local network.
Denial of service
EXE program infector
Browsing attack
Some malware propagation techniques