Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
UDP packet headers
The three goals of security
Arbitrary substitution
When setting up a virtual circuit
2. Intellectual property - business goals - validated data - historical
What threats should be protected against - based on threat levels
Some network design objectives
Parasitic malware
What ways should the crypto key be protected?
3. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
MAN
File integrity checking work
Some external threat concerns
Race conditions
4. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Buffer overflow
The data link layer
Vulnerabilities
Social engineering
5. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address Resolution Protocol (ARP)
Plaintext
The protected enclave to defense in depth
Best way to protect wireless networks
6. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Rotation?
Bus Topology
Log monitoring work?
NIDS challenges
7. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
UDP packet headers
Some firewall benefits
Asynchronous Transfer Mode
Datagram length of a UDP packet
8. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Some NIDS topology limitations
What's an easy way to test encryption?
Some reasons to use UDP over TCP
TFTP
9. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Some malware capabilities
What range is a class C network?
When implementing protocols - what stack should be used?
NIDS challenges
10. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Some disadvantages of honeypots
IDS
Router
Nmap
11. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
What primary threats should be protected against
Some external threat concerns
EXE program infector
TFTP
12. Confidentiality - symmetric encryption
The goals of cryptography
The physical layer stack
Program infector
Worms
13. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some other UDP based protocols
Switches
The three goals of security
Proxy or application gateway
14. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Social engineering
SYN flood
Trap door
A netmask
15. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Risk
Some NIDS topology limitations
Some common TCP ports
Types of viruses
16. 53 bytes - 48 bytes for data - 5 bytes for the header
Some firewall challenges
Total cell size for asynchronous transfer mode (ATM)
Some firewall benefits
Boot record infector
17. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
Address resolution protocol
The Uniform Protection to defense in depth
Some firewall benefits
18. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
NIDS challenges
Social engineering
To close a TCP session
Deep packet inspection
19. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
Ack Piggybacking
Firewall
Integrity of Data
When implementing protocols - what stack should be used?
20. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Router
File Integrity checking work
Some malware propagation techniques
To establish a TCP session
21. Bits of code embedded in programs to quickly gain access at a later time
Trap door
When setting up a virtual circuit
No State Inspection ACK flag set
Shallow packet inspection
22. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
The Information Centric defense in depth
Worms
Plaintext
Some firewall challenges
23. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Risk
Group
Some common UDP ports
Stateless packet filter
24. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
The three goals of security
The session layer
Trojan horse
Some common TCP ports
25. Malware - insider threat - natural disaster - terrorism - pandemic
A network protocol
EXE program infector
Vulnerabilities
What primary threats should be protected against
26. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Alteration of code
The OSI Protocol Stack
Worms
Types of viruses
27. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Overview of TCP
WAN
Types of viruses
A netcat listener
28. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
WAN
Hubs
Network stumbler
What range is a class A network?
29. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
IDS
The data link layer
HIDS monitor
Overview of TCP
30. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Deep packet inspection
What primary threats should be protected against
Switches
Some reasons to use UDP over TCP
31. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Group
Internet
The TCP/IP model
Browsing attack
32. Confidentiality - integrity - availability
Some honeypot advantages
The three goals of security
Deep packet inspection
When talking about protocols and referencing layers - what stack is used
33. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Some reasons to use TCP over UDP
Proxy or application gateway
Some FTP dangers
No State Inspection ACK flag set
34. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Total cell size for asynchronous transfer mode (ATM)
Remote maintenance
File Integrity checking work
Defense in depth
35. It makes sure the data sent from one side to the other is in a format useful to the other side
Honeypot
The presentation layer
The Uniform Protection to defense in depth
Rotation?
36. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Some firewall benefits
Ciphertext
Best way to protect wireless networks
Some reasons to use TCP over UDP
37. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A netcat listener
Smurf attack
Arbitrary substitution
A network protocol
38. FIN 130 - ACK 131 - FIN 570 - ACK 571
SQL Slammer Worm
Bridge
To close a TCP session
What categories do vulnerabilities fall into?
39. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Hubs
A network protocol
Arbitrary substitution
DDoS attack
40. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
NIDS advantages
Some disadvantages of honeypots
The three goals of security
Smurf attack
41. Known - unknown - zero day
The difference in stacks
What categories do vulnerabilities fall into?
What range is a class B network?
Some firewall benefits
42. Protected at rest - protected in transit - secure the key
DDoS attack
What ways should the crypto key be protected?
Deep packet inspection
Types of viruses
43. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
Shallow packet inspection
Total cell size for asynchronous transfer mode (ATM)
Macro virus
Race conditions
44. Message in its encrypted form
Anomaly analysis work
Proxy or application gateway
What range is a class B network?
Ciphertext
45. OSI
When implementing protocols - what stack should be used?
Types of viruses
When talking about protocols and referencing layers - what stack is used
Nmap
46. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
UDP packet headers
Remote maintenance
Some firewall benefits
COM/Script program infector
47. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
The goals of cryptography
Overview of TCP
Some malware capabilities
IDS not
48. Infects MBR - no network spreading potential
Integrity of Data
The TCP/IP model
COM/Script program infector
Boot record infector
49. Attaches itself to existing program files and is activated when the exe is launched
The four types of events reported by IDS
The protected enclave to defense in depth
Program infector
File integrity checking work
50. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Trap door
Arbitrary substitution
SYN flood
Best way to protect wireless networks