Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Stateful firewalls maintain state of traffic flows
Stateful firewall
Buffer overflow
Vulnerabilities
Some FTP dangers
2. Message in its encrypted form
Ciphertext
IDS
The TCP/IP model
Some Pen Test techniques
3. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Arbitrary substitution
Some NIDS topology limitations
Ack Piggybacking
COM/Script program infector
4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
What primary threats should be protected against
Hping
Best way to protect wireless networks
The Information Centric defense in depth
5. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Parasitic malware
What's an easy way to test encryption?
What categories do vulnerabilities fall into?
Permutation
6. Relies on executable code insertion and user interaction to spread
What range is a class B network?
Parasitic malware
The four types of events reported by IDS
The five threat vectors
7. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Proxy or application gateway
Some common TCP ports
IDS data normalization
Integrity of Data
8. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
The Uniform Protection to defense in depth
Proxy or application gateway
Asynchronous Transfer Mode
The conficker worm
9. Size is whatever the length of the UDP portion of the packet. Could be as large as 65,535
Datagram length of a UDP packet
SYN flood
Some malware propagation techniques
Stateless packet filter
10. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
Race conditions
Nmap
Asynchronous Transfer Mode
The Information Centric defense in depth
11. Protected at rest - protected in transit - secure the key
Smurf attack
Types of ATM virtual circuits
Some FTP dangers
What ways should the crypto key be protected?
12. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Trap door
Wardriving
Types of viruses
A blind FTP
13. It handles the establishment and maintenance of connections between systems
The session layer
Some common TCP ports
Race conditions
ACK piggybacking
14. It makes sure the data sent from one side to the other is in a format useful to the other side
Smurf attack
Race conditions
Some external threat concerns
The presentation layer
15. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
IDS signature analysis work
The data link layer
The OSI Protocol Stack
The transport layer
16. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
The difference in stacks
Some common UDP ports
Plaintext
Firewall
17. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
Ciphertext
ATM work
The physical layer stack
18. Personal area network - phone tethering - bluetooth - etc
NIDS advantages
Some reasons to use UDP over TCP
Group
PAN
19. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
NAC
What range is a class B network?
NIDS challenges
To establish a TCP session
20. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Buffer overflow
The Uniform Protection to defense in depth
Address resolution protocol
21. Malware - insider threat - natural disaster - terrorism - pandemic
Risk
A netmask
What primary threats should be protected against
Rotation?
22. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Hping
Macro virus
EXE program infector
Proxy or application gateway
23. fast - with little fidelity - examines header information and limited payload data
Shallow packet inspection
Some reasons to use UDP over TCP
What's a VLAN
Ack Piggybacking
24. destruction of data - leaking confidential information - providing backdoor access
Stateless packet filter
Some FTP dangers
WAN
Some malware capabilities
25. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Vulnerabilities
DDoS attack
Some FTP dangers
Checksum in UDP
26. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
No State Inspection ACK flag set
Macro virus
Some reasons to use UDP over TCP
IDS not
27. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Logic bomb
Anomaly analysis work
Wardriving
Defense in depth
28. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address resolution protocol
Some firewall benefits
Firewall
What ways should the crypto key be protected?
29. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
The session layer
the application layer
Ciphertext
NIDS advantages
30. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
What ways should the crypto key be protected?
Types of ATM virtual circuits
OS Command Injection defenses
Trap door
31. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
CIDR
Some firewall benefits
Bridge
Alteration of code
32. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Some common TCP ports
The Uniform Protection to defense in depth
The different cable categories
File Integrity checking work
33. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Kismet
What range is a class A network?
The OSI Protocol Stack
Bridge
34. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Some reasons to use TCP over UDP
Logic bomb
The five threat vectors
Program infector
35. Provides insight into the tactics - motives - and attacker tools
Risk
Race conditions
Logic bomb
Some honeypot advantages
36. It interacts with the application layer to determine which network services will be required
Multi protocol label switching
the application layer
OS Command Injection defenses
The difference in stacks
37. The practice of sending an ACK inside another packet going to the same destination
ACK piggybacking
COM/Script program infector
Firewall
The OSI Protocol Stack
38. Connects many WANs - MANs - and LANs - provided via ISP
Best way to protect wireless networks
IDS not
Internet
Defense in depth
39. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
40. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
File integrity checking work
Some FTP dangers
NAC
Logic bomb
41. Confidentiality - integrity - availability
Parasitic malware
The protected enclave to defense in depth
Some Pen Test techniques
The three goals of security
42. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
The threat vector analysis in defense in depth
What categories do vulnerabilities fall into?
The Information Centric defense in depth
When talking about protocols and referencing layers - what stack is used
43. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Social engineering
Logic bomb
Macro virus
Hubs
44. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
The different cable categories
Logic bomb
Switches
Some Pen Test techniques
45. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
HIDS monitor
Log monitoring work?
Bus Topology
Defense in depth
46. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
When implementing protocols - what stack should be used?
Browsing attack
To establish a TCP session
A blind FTP
47. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Vulnerabilities
Proxy or application gateway
Some other UDP based protocols
IDS
48. Unencrypted message in its original form
The protected enclave to defense in depth
Nmap
Switches
Plaintext
49. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Trojan horse
Deep packet inspection
CIDR
IDS data normalization
50. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Parasitic malware
Boot record infector
Group
Some FTP dangers