Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
What's an easy way to test encryption?
Plaintext
Ack Piggybacking
2. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
LAN
Internet
Checksum in UDP
Bridge
3. fast - with little fidelity - examines header information and limited payload data
Some firewall benefits
Shallow packet inspection
ATM work
Some common TCP ports
4. An attempt to gain access by bombarding it with guesses until the password is found.
EXE program infector
What threats should be protected against - based on threat levels
Brute force
Bridge
5. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some reasons to use TCP over UDP
OS Command Injection defenses
Checksum in UDP
Some Pen Test techniques
6. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
The four types of events reported by IDS
Firewall
The four basic approaches to defense in depth
What range is a class A network?
7. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Some Pen Test techniques
Shallow packet inspection
IDS not
Bus Topology
8. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Logic bomb
Worms
PAN
Group
9. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Log monitoring work?
The TCP/IP model
Hubs
The conficker worm
10. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
Asynchronous Transfer Mode
Some FTP dangers
Deep packet inspection
11. Handles transmissions across the physical media like wires - fiber - etc
Shallow packet inspection
Router
Social engineering
The physical layer stack
12. Infects EXE files and makes them operate slightly differently - when infected - exe header sizes are altered to point to the appended viral code
The data link layer
EXE program infector
The goals of cryptography
The Information Centric defense in depth
13. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Switches
Plaintext
What's an easy way to test encryption?
WAN
14. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Some disadvantages of honeypots
The difference in stacks
DDoS attack
15. A cracking tool inserted into the OS that allows the attacker to do as they please.
Rootkit
When setting up a virtual circuit
The five threat vectors
Nmap scanning techniques
16. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
To establish a TCP session
TFTP
War Dialing
Honeyd
17. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Boot record infector
Some common TCP ports
Stateless packet filter
File integrity checking work
18. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
What's a VLAN
The data link layer
LAN
Bus Topology
19. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Types of ATM virtual circuits
Worms
Proxy or application gateway
Log monitoring work?
20. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Types of viruses
Honeyd
Log monitoring work?
Denial of service
21. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
When setting up a virtual circuit
File integrity checking work
What categories do vulnerabilities fall into?
Best way to protect wireless networks
22. Network scanner.
CIDR
Nmap
Address Resolution Protocol (ARP)
To establish a TCP session
23. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
The OSI model
Proxy or application gateway
Total cell size for asynchronous transfer mode (ATM)
24. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
Alteration of code
HIDS monitor
When implementing protocols - what stack should be used?
Group
25. FIN 130 - ACK 131 - FIN 570 - ACK 571
Plaintext
To close a TCP session
What ways should the crypto key be protected?
Rotation?
26. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
27. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The four basic approaches to defense in depth
Some malware capabilities
Ack Piggybacking
The protected enclave to defense in depth
28. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Some common UDP ports
Some ways to bypass firewall protections
A netmask
Some firewall benefits
29. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Bus Topology
Overview of TCP
Some firewall challenges
Some common TCP ports
30. Considered to be a perimeter device
Bridge
Some reasons to use UDP over TCP
The OSI model
Router
31. destruction of data - leaking confidential information - providing backdoor access
MAN
Internet
The data link layer
Some malware capabilities
32. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Types of ATM virtual circuits
Arbitrary substitution
WAN
The data link layer
33. The Practice of sending an ACK inside another packet going to the same destination
Brute force
What range is a class B network?
Some NIDS topology limitations
Ack Piggybacking
34. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
The data link layer
Buffer overflow
Anomaly analysis work
35. Intrusion detection system - it reports attacks against monitored systems/networks
Worms
IDS
TFTP
Anomaly analysis work
36. Infects MBR - no network spreading potential
Some Pen Test techniques
The goals of cryptography
Boot record infector
No State Inspection ACK flag set
37. It handles the establishment and maintenance of connections between systems
Some external threat concerns
Remote maintenance
The session layer
Some common TCP ports
38. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
What range is a class C network?
Social engineering
Integrity of Data
Checksum in UDP
39. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
Remote maintenance
The session layer
The threat vector analysis in defense in depth
When implementing protocols - what stack should be used?
40. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some firewall benefits
Switches
What range is a class B network?
Some NIDS topology limitations
41. One is for talking - one is for implementing
Some types of malicious code
NAC
The difference in stacks
Honeypot
42. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Nmap scanning techniques
Checksum in UDP
What range is a class A network?
Firewall
43. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
Hping
ACK piggybacking
Trojan horse
OS Command Injection defenses
44. Uniform protection - protected enclaves - information centric - threat vector analysis
The four basic approaches to defense in depth
Denial of service
Some ways to bypass firewall protections
Worms
45. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
Network stumbler
IDS signature analysis work
Macro virus
3-way handshake
46. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
The four basic approaches to defense in depth
the application layer
Denial of service
File integrity checking work
47. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
SQL Slammer Worm
Ack Piggybacking
OS Command Injection defenses
Deep packet inspection
48. The practice of sending an ACK inside another packet going to the same destination
Best way to protect wireless networks
The difference in stacks
A blind FTP
ACK piggybacking
49. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
To establish a TCP session
Total cell size for asynchronous transfer mode (ATM)
Log monitoring work?
EXE program infector
50. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
Integrity of Data
Some firewall challenges
Some malware capabilities