Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Bridge
WAN
Wardriving
TFTP
2. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
Some ways to bypass firewall protections
OS Command Injection defenses
Group
The OSI model
3. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Multi protocol label switching
When talking about protocols and referencing layers - what stack is used
Address resolution protocol
Stateless packet filter
4. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
Race conditions
The OSI Protocol Stack
The CIA triad
Defense in depth
5. Known - unknown - zero day
EXE program infector
3-way handshake
What categories do vulnerabilities fall into?
No State Inspection ACK flag set
6. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Macro virus
NIDS challenges
Some malware propagation techniques
Asynchronous Transfer Mode
7. Malware - insider threat - natural disaster - terrorism - pandemic
Some network design objectives
Some NIDS topology limitations
What primary threats should be protected against
The four basic approaches to defense in depth
8. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Nmap
Permutation
OS Command Injection defenses
Buffer overflow
9. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Logic bomb
Bus Topology
Defense in depth
Some firewall benefits
10. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
Some types of malicious code
Ciphertext
To establish a TCP session
11. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
The TCP/IP model
Types of ATM virtual circuits
Address Resolution Protocol (ARP)
Arbitrary substitution
12. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
WAN
What threats should be protected against - based on threat levels
Network stumbler
What's a VLAN
13. An attempt to gain access by bombarding it with guesses until the password is found.
Best way to protect wireless networks
Brute force
LAN
The Information Centric defense in depth
14. A cracking tool inserted into the OS that allows the attacker to do as they please.
IDS signature analysis work
Rootkit
Risk
Some NIDS topology limitations
15. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Smurf attack
Bus Topology
TFTP
Some reasons to use TCP over UDP
16. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Some common TCP ports
Social engineering
A network protocol
Some network design objectives
17. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Smurf attack
File Integrity checking work
Permutation
Checksum in UDP
18. Handles transmissions across the physical media like wires - fiber - etc
What categories do vulnerabilities fall into?
Some malware propagation techniques
The physical layer stack
The data link layer
19. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
The session layer
OS Command Injection defenses
IDS data normalization
Worms
20. Considered to be a perimeter device
Router
The data link layer
WAN
Proxy or application gateway
21. Attaches itself to existing program files and is activated when the exe is launched
Some firewall benefits
Program infector
Worms
The protected enclave to defense in depth
22. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
Snort
Risk
When setting up a virtual circuit
23. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Risk
Rotation?
PAN
Proxy or application gateway
24. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Kismet
CIDR
Nmap
The protected enclave to defense in depth
25. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Some firewall challenges
The data link layer
The difference in stacks
Stateless packet filter
26. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Checksum in UDP
The four basic approaches to defense in depth
WAN
Types of viruses
27. The practice of sending an ACK inside another packet going to the same destination
When implementing protocols - what stack should be used?
OS Command Injection defenses
Ack Piggybacking
ATM work
28. Connects many WANs - MANs - and LANs - provided via ISP
Internet
A blind FTP
Address resolution protocol
Checksum in UDP
29. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Smurf attack
SYN flood
CIDR
Some ways to bypass firewall protections
30. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
File integrity checking work
Address Resolution Protocol (ARP)
Datagram length of a UDP packet
File Integrity checking work
31. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
Defense in depth
Rootkit
Logic bomb
32. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Alteration of code
The Uniform Protection to defense in depth
ATM work
When setting up a virtual circuit
33. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Some FTP dangers
Permutation
Asynchronous Transfer Mode
Parasitic malware
34. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Remote maintenance
Some reasons to use UDP over TCP
The physical layer stack
Integrity of Data
35. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
The four types of events reported by IDS
The threat vector analysis in defense in depth
Firewall
When setting up a virtual circuit
36. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Some firewall benefits
Race conditions
The five threat vectors
The TCP/IP model
37. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
Nmap scanning techniques
Macro virus
File Integrity checking work
Ack Piggybacking
38. Protected at rest - protected in transit - secure the key
Remote maintenance
ATM work
What's an easy way to test encryption?
What ways should the crypto key be protected?
39. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Browsing attack
SQL Slammer Worm
Hping
File Integrity checking work
40. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
Worms
Hubs
Firewall
What ways should the crypto key be protected?
41. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
What's a VLAN
the application layer
What range is a class B network?
IDS signature analysis work
42. Personal area network - phone tethering - bluetooth - etc
the application layer
Hubs
PAN
Rootkit
43. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Brute force
No State Inspection ACK flag set
MAN
NAC
44. It makes sure the data sent from one side to the other is in a format useful to the other side
The physical layer stack
Some common UDP ports
Log monitoring work?
The presentation layer
45. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Denial of service
The session layer
When talking about protocols and referencing layers - what stack is used
Defense in depth
46. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
DDoS attack
The OSI Protocol Stack
Multi protocol label switching
Datagram length of a UDP packet
47. Infects MBR - no network spreading potential
Buffer overflow
Boot record infector
Defense in depth
Checksum in UDP
48. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
Firewall
Wardriving
The goals of cryptography
49. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
The difference in stacks
Address Resolution Protocol (ARP)
Bus Topology
50. Confidentiality - symmetric encryption
Buffer overflow
Best way to protect wireless networks
Smurf attack
The goals of cryptography