Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
Some reasons to use UDP over TCP
Plaintext
Stateless packet filter
2. Connects many WANs - MANs - and LANs - provided via ISP
Address resolution protocol
When talking about protocols and referencing layers - what stack is used
Internet
Datagram length of a UDP packet
3. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Bridge
Some reasons to use UDP over TCP
Some Pen Test techniques
Group
4. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
Some malware propagation techniques
Parasitic malware
Firewall
Honeypot
5. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
The TCP/IP model
3-way handshake
A blind FTP
Some Pen Test techniques
6. OSI
COM/Script program infector
War Dialing
Brute force
When talking about protocols and referencing layers - what stack is used
7. Fast - with little fidelity - examines header information and limited payload data
Worms
Arbitrary substitution
Kismet
Shallow packet inspection
8. 53 bytes - 48 bytes for data - 5 bytes for the header
The conficker worm
Total cell size for asynchronous transfer mode (ATM)
The physical layer stack
The session layer
9. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Plaintext
What primary threats should be protected against
Types of ATM virtual circuits
Buffer overflow
10. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Kismet
SYN flood
HIDS monitor
Address resolution protocol
11. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
The session layer
PAN
Boot record infector
12. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
Remote maintenance
Internet
The data link layer
13. Message in its encrypted form
A blind FTP
Kismet
Ciphertext
What ways should the crypto key be protected?
14. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
The data link layer
The Information Centric defense in depth
Some ways to bypass firewall protections
Ciphertext
15. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
File integrity checking work
Types of ATM virtual circuits
A blind FTP
Address resolution protocol
16. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Smurf attack
Trap door
The session layer
Social engineering
17. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
The transport layer
Best way to protect wireless networks
Browsing attack
What primary threats should be protected against
18. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Datagram length of a UDP packet
IDS
Social engineering
Internet
19. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Datagram length of a UDP packet
What ways should the crypto key be protected?
The protected enclave to defense in depth
Parasitic malware
20. Infects MBR - no network spreading potential
Boot record infector
IDS signature analysis work
A netmask
The presentation layer
21. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Some malware capabilities
The three goals of security
TFTP
Some disadvantages of honeypots
22. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Types of ATM virtual circuits
Arbitrary substitution
Risk
The data link layer
23. Stateful firewalls maintain state of traffic flows
The four basic approaches to defense in depth
Some malware propagation techniques
A netmask
Stateful firewall
24. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
The session layer
What's a VLAN
The data link layer
The three goals of security
25. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Switches
IDS
Some firewall benefits
The session layer
26. Uniform protection - protected enclaves - information centric - threat vector analysis
Defense in depth
What range is a class B network?
The four basic approaches to defense in depth
When talking about protocols and referencing layers - what stack is used
27. Bits of code embedded in programs to quickly gain access at a later time
TFTP
Trap door
SQL Slammer Worm
Nmap scanning techniques
28. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
The difference in stacks
What range is a class B network?
Kismet
NIDS challenges
29. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Some firewall challenges
Plaintext
MAN
Deep packet inspection
30. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP
The goals of cryptography
Port scan
Integrity of Data
Honeyd
31. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
SYN flood
Address Resolution Protocol (ARP)
Trap door
What range is a class A network?
32. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Total cell size for asynchronous transfer mode (ATM)
TFTP
Log monitoring work?
Some network design objectives
33. Relies on executable code insertion and user interaction to spread
Parasitic malware
Rotation?
Address resolution protocol
Total cell size for asynchronous transfer mode (ATM)
34. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Honeyd
What threats should be protected against - based on threat levels
Rotation?
Types of ATM virtual circuits
35. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
36. The practice of sending an ACK inside another packet going to the same destination
Nmap scanning techniques
ACK piggybacking
The five threat vectors
Asynchronous Transfer Mode
37. Intrusion detection system - it reports attacks against monitored systems/networks
Worms
Denial of service
IDS
Trojan horse
38. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Datagram length of a UDP packet
Rotation?
The CIA triad
Checksum in UDP
39. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
The transport layer
IDS data normalization
ACK piggybacking
40. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Some types of malicious code
Hping
To close a TCP session
Some NIDS topology limitations
41. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
DDoS attack
No State Inspection ACK flag set
The presentation layer
Rotation?
42. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline
Some FTP dangers
Anomaly analysis work
Ack Piggybacking
Some malware propagation techniques
43. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Honeypot
The different cable categories
NIDS advantages
44. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
File integrity checking work
TFTP
Log monitoring work?
Program infector
45. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Honeyd
DDoS attack
The presentation layer
Some NIDS topology limitations
46. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Some malware capabilities
The OSI Protocol Stack
Arbitrary substitution
NAC
47. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Wardriving
PAN
Log monitoring work?
The three goals of security
48. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
No State Inspection ACK flag set
Some common UDP ports
Ack Piggybacking
Snort
49. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
3-way handshake
To close a TCP session
Network stumbler
Alteration of code
50. Personal area network - phone tethering - bluetooth - etc
PAN
Remote maintenance
The Information Centric defense in depth
Arbitrary substitution