SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Port scan
When setting up a virtual circuit
Plaintext
The Uniform Protection to defense in depth
2. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
A netcat listener
Rotation?
DDoS attack
Some malware capabilities
3. Full open - half open (stealth scan) - UDP - Ping
Alteration of code
Nmap scanning techniques
What categories do vulnerabilities fall into?
Nmap
4. Intellectual property - business goals - validated data - historical
War Dialing
Permutation
WAN
What threats should be protected against - based on threat levels
5. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Hubs
Boot record infector
TFTP
The Uniform Protection to defense in depth
6. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
CIDR
Some network design objectives
3-way handshake
Defense in depth
7. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
The five threat vectors
The threat vector analysis in defense in depth
When setting up a virtual circuit
SQL Slammer Worm
8. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
The TCP/IP model
IDS not
Brute force
Honeyd
9. Connects many WANs - MANs - and LANs - provided via ISP
Internet
Bus Topology
The threat vector analysis in defense in depth
WAN
10. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Bridge
Trojan horse
The TCP/IP model
What categories do vulnerabilities fall into?
11. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Honeypot
Logic bomb
Anomaly analysis work
The OSI Protocol Stack
12. Simple attack done by simply browsing available information that's allowed on a local network.
Hubs
The four types of events reported by IDS
Browsing attack
Trap door
13. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
Rotation?
The data link layer
Anomaly analysis work
14. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
LAN
The conficker worm
Nmap
The data link layer
15. Stateful firewalls maintain state of traffic flows
Some common UDP ports
Shallow packet inspection
Stateful firewall
What range is a class B network?
16. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
Best way to protect wireless networks
When implementing protocols - what stack should be used?
ATM work
Alteration of code
17. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Buffer overflow
Browsing attack
CIDR
HIDS monitor
18. It handles the establishment and maintenance of connections between systems
Arbitrary substitution
Some common TCP ports
Alteration of code
The session layer
19. Malware - insider threat - natural disaster - terrorism - pandemic
Macro virus
Alteration of code
What primary threats should be protected against
Multi protocol label switching
20. Syn - Syn/Ack - Ack
Rotation?
To establish a TCP session
Race conditions
The different cable categories
21. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Some common TCP ports
Some reasons to use UDP over TCP
Smurf attack
The conficker worm
22. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Alteration of code
Program infector
Social engineering
Router
23. An attempt to gain access by bombarding it with guesses until the password is found.
The CIA triad
Brute force
Snort
Some ways to bypass firewall protections
24. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Parasitic malware
Some malware propagation techniques
Vulnerabilities
ATM work
25. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
The TCP/IP model
Permutation
Bridge
SQL Slammer Worm
26. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
Some common TCP ports
NAC
What range is a class B network?
27. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
The data link layer
Multi protocol label switching
Some Pen Test techniques
Proxy or application gateway
28. Message in its encrypted form
Ciphertext
The transport layer
Bridge
War Dialing
29. OSI
When talking about protocols and referencing layers - what stack is used
Integrity of Data
The conficker worm
Arbitrary substitution
30. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
To establish a TCP session
NIDS advantages
Kismet
UDP packet headers
31. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
NAC
Internet
EXE program infector
To close a TCP session
32. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
SYN flood
Stateless packet filter
Some common TCP ports
What categories do vulnerabilities fall into?
33. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Race conditions
A network protocol
Vulnerabilities
OS Command Injection defenses
34. Network scanner.
Nmap
Integrity of Data
What range is a class B network?
Best way to protect wireless networks
35. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
The OSI Protocol Stack
Bridge
The different cable categories
NAC
36. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
The OSI model
The goals of cryptography
File integrity checking work
SQL Slammer Worm
37. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Some reasons to use UDP over TCP
Smurf attack
Some malware capabilities
HIDS monitor
38. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Asynchronous Transfer Mode
Some ways to bypass firewall protections
Buffer overflow
A blind FTP
39. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Asynchronous Transfer Mode
Denial of service
File integrity checking work
The different cable categories
40. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Multi protocol label switching
The transport layer
The session layer
EXE program infector
41. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Checksum in UDP
What's an easy way to test encryption?
Overview of TCP
Stateful firewall
42. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
Log monitoring work?
The difference in stacks
Kismet
43. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Some network design objectives
Brute force
Router
44. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
EXE program infector
LAN
IDS not
A netcat listener
45. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Multi protocol label switching
Honeypot
IDS signature analysis work
Firewall
46. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
Nmap
The protected enclave to defense in depth
Smurf attack
47. logic bomb - trojan horse - trap door
Some types of malicious code
Some network design objectives
A netcat listener
Address resolution protocol
48. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
The physical layer stack
DDoS attack
IDS signature analysis work
Bus Topology
49. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Logic bomb
Types of viruses
The five threat vectors
Permutation
50. Known - unknown - zero day
Group
Browsing attack
Some types of malicious code
What categories do vulnerabilities fall into?
