SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Vulnerabilities
PAN
WAN
The three goals of security
2. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Address resolution protocol
Shallow packet inspection
LAN
What range is a class C network?
3. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
Some reasons to use TCP over UDP
3-way handshake
What threats should be protected against - based on threat levels
Alteration of code
4. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
The four types of events reported by IDS
Some external threat concerns
Types of viruses
Risk
5. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The protected enclave to defense in depth
PAN
Boot record infector
The data link layer
6. Network scanner.
Nmap
The Uniform Protection to defense in depth
Smurf attack
The OSI Protocol Stack
7. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The network layer
Some malware propagation techniques
The physical layer stack
UDP packet headers
8. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Social engineering
Router
What primary threats should be protected against
9. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
Types of viruses
What primary threats should be protected against
Some disadvantages of honeypots
Some network design objectives
10. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
Types of viruses
What ways should the crypto key be protected?
Firewall
Remote maintenance
11. Personal area network - phone tethering - bluetooth - etc
PAN
Some common TCP ports
Deep packet inspection
The four types of events reported by IDS
12. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Defense in depth
No State Inspection ACK flag set
Total cell size for asynchronous transfer mode (ATM)
Parasitic malware
13. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Logic bomb
The conficker worm
Some common TCP ports
To close a TCP session
14. Intellectual property - business goals - validated data - historical
Macro virus
Some honeypot advantages
Snort
What threats should be protected against - based on threat levels
15. Intrusion detection system - it reports attacks against monitored systems/networks
Some honeypot advantages
Multi protocol label switching
IDS
Some disadvantages of honeypots
16. An attempt to gain access by bombarding it with guesses until the password is found.
Trojan horse
The five threat vectors
The network layer
Brute force
17. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
ATM work
Honeypot
Firewall
Bridge
18. Confidentiality - integrity - availability
A netcat listener
Some firewall challenges
The three goals of security
The TCP/IP model
19. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
Some common UDP ports
Total cell size for asynchronous transfer mode (ATM)
What range is a class B network?
20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
Datagram length of a UDP packet
Boot record infector
The OSI Protocol Stack
21. Going around with equipment to detect wireless networks
Buffer overflow
Trap door
Some disadvantages of honeypots
Wardriving
22. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Worms
Boot record infector
Switches
TFTP
23. A cracking tool inserted into the OS that allows the attacker to do as they please.
Rootkit
Ack Piggybacking
Log monitoring work?
Browsing attack
24. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
The Information Centric defense in depth
Rootkit
A blind FTP
25. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
What's an easy way to test encryption?
Ciphertext
Some other UDP based protocols
When talking about protocols and referencing layers - what stack is used
26. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
NIDS challenges
Total cell size for asynchronous transfer mode (ATM)
Some other UDP based protocols
The Uniform Protection to defense in depth
27. Stateful firewalls maintain state of traffic flows
No State Inspection ACK flag set
The OSI model
The five threat vectors
Stateful firewall
28. Bits of code embedded in programs to quickly gain access at a later time
Multi protocol label switching
Some reasons to use TCP over UDP
The different cable categories
Trap door
29. Message in its encrypted form
Ciphertext
What's an easy way to test encryption?
The difference in stacks
To establish a TCP session
30. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
Alteration of code
IDS data normalization
What range is a class A network?
Some FTP dangers
31. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
EXE program infector
Kismet
Plaintext
32. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address resolution protocol
Some network design objectives
Alteration of code
The network layer
33. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Brute force
Buffer overflow
OS Command Injection defenses
Group
34. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
HIDS monitor
Buffer overflow
To establish a TCP session
Program infector
35. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Buffer overflow
Wardriving
Parasitic malware
Vulnerabilities
36. Attaches itself to existing program files and activated when the exe is launched
Some NIDS topology limitations
EXE program infector
Program infector
LAN
37. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Permutation
The different cable categories
SYN flood
Kismet
38. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
CIDR
Bus Topology
The network layer
IDS signature analysis work
39. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Trap door
Some ways to bypass firewall protections
Some disadvantages of honeypots
Nmap
40. fast - with little fidelity - examines header information and limited payload data
Internet
When setting up a virtual circuit
Shallow packet inspection
Network stumbler
41. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
Address resolution protocol
Social engineering
MAN
To establish a TCP session
42. The practice of sending an ACK inside another packet going to the same destination
What range is a class A network?
Some firewall benefits
Brute force
ACK piggybacking
43. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The Uniform Protection to defense in depth
Rotation?
What ways should the crypto key be protected?
What range is a class B network?
44. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Permutation
SYN flood
The OSI Protocol Stack
What range is a class B network?
45. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
46. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
Some Pen Test techniques
EXE program infector
Router
47. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
NIDS advantages
The Information Centric defense in depth
Wardriving
Checksum in UDP
48. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
What ways should the crypto key be protected?
Honeypot
Some ways to bypass firewall protections
Asynchronous Transfer Mode
49. It makes sure the data sent from one side to the other is in a format useful to the other side
Arbitrary substitution
When setting up a virtual circuit
Snort
The presentation layer
50. Considered to be a perimeter device
When implementing protocols - what stack should be used?
Router
The physical layer stack
The protected enclave to defense in depth