SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
The four basic approaches to defense in depth
SQL Slammer Worm
Snort
Program infector
2. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Address resolution protocol
IDS signature analysis work
A blind FTP
Buffer overflow
3. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
What categories do vulnerabilities fall into?
NAC
What range is a class C network?
4. The practice of sending an ACK inside another packet going to the same destination
SQL Slammer Worm
Network stumbler
Proxy or application gateway
ACK piggybacking
5. It makes sure the data sent from one side to the other is in a format useful to the other side
A netmask
The presentation layer
Some common UDP ports
Some firewall challenges
6. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Honeyd
The data link layer
OS Command Injection defenses
File Integrity checking work
7. The Practice of sending an ACK inside another packet going to the same destination
The different cable categories
The three goals of security
Some disadvantages of honeypots
Ack Piggybacking
8. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
Defense in depth
A blind FTP
Nmap scanning techniques
OS Command Injection defenses
9. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
Internet
Nmap
DDoS attack
Bridge
10. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
To establish a TCP session
The session layer
A network protocol
The Uniform Protection to defense in depth
11. True positive - false positive - true negative - false negative
Bridge
The four types of events reported by IDS
Some Pen Test techniques
The OSI model
12. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
The three goals of security
IDS
File integrity checking work
13. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
The threat vector analysis in defense in depth
Some disadvantages of honeypots
What's a VLAN
14. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Checksum in UDP
CIDR
What's an easy way to test encryption?
Deep packet inspection
15. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Wardriving
Risk
Arbitrary substitution
Log monitoring work?
16. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
PAN
Rootkit
UDP packet headers
What range is a class A network?
17. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
Some reasons to use UDP over TCP
The Information Centric defense in depth
SYN flood
SQL Slammer Worm
18. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Some malware propagation techniques
Some types of malicious code
Alteration of code
Macro virus
19. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
IDS signature analysis work
Some ways to bypass firewall protections
Ciphertext
Kismet
20. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
Kismet
Macro virus
The CIA triad
21. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The protected enclave to defense in depth
Logic bomb
The physical layer stack
UDP packet headers
22. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
The TCP/IP model
HIDS monitor
Firewall
Remote maintenance
23. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
ACK piggybacking
What ways should the crypto key be protected?
Some external threat concerns
Trojan horse
24. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
A netmask
Checksum in UDP
The threat vector analysis in defense in depth
Defense in depth
25. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Some reasons to use UDP over TCP
NIDS challenges
Internet
Some common TCP ports
26. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
The different cable categories
The five threat vectors
COM/Script program infector
What range is a class C network?
27. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Datagram length of a UDP packet
The transport layer
Defense in depth
28. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
ATM work
Some Pen Test techniques
Honeypot
Some honeypot advantages
29. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Social engineering
Vulnerabilities
Some disadvantages of honeypots
Some other UDP based protocols
30. Bits of code embedded in programs to quickly gain access at a later time
File Integrity checking work
Trap door
Stateless packet filter
Router
31. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
Some firewall benefits
Total cell size for asynchronous transfer mode (ATM)
When talking about protocols and referencing layers - what stack is used
32. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
The physical layer stack
Race conditions
Wardriving
Some NIDS topology limitations
33. It interacts with the application layer to determine which network services will be required
IDS
UDP packet headers
Some network design objectives
the application layer
34. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Logic bomb
3-way handshake
The protected enclave to defense in depth
Some honeypot advantages
35. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Address resolution protocol
Social engineering
Internet
What range is a class C network?
36. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Smurf attack
What threats should be protected against - based on threat levels
The four types of events reported by IDS
Denial of service
37. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The threat vector analysis in defense in depth
Vulnerabilities
The protected enclave to defense in depth
Network stumbler
38. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
File integrity checking work
When implementing protocols - what stack should be used?
What categories do vulnerabilities fall into?
Some ways to bypass firewall protections
39. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
The data link layer
The goals of cryptography
Shallow packet inspection
MAN
40. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
File Integrity checking work
MAN
A blind FTP
The Uniform Protection to defense in depth
41. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
the application layer
Some FTP dangers
The transport layer
The threat vector analysis in defense in depth
42. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Some Pen Test techniques
No State Inspection ACK flag set
What range is a class C network?
The three goals of security
43. Syn - Syn/Ack - Ack
To establish a TCP session
When talking about protocols and referencing layers - what stack is used
IDS
Asynchronous Transfer Mode
44. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
45. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Some ways to bypass firewall protections
Ciphertext
Honeyd
Overview of TCP
46. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
PAN
IDS
What range is a class B network?
The threat vector analysis in defense in depth
47. One is for talking - one is for implementing
The difference in stacks
Logic bomb
Proxy or application gateway
Trojan horse
48. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
EXE program infector
Some firewall benefits
Risk
MAN
49. Connects many WANs - MANs - and LANs - provided via ISP
The Uniform Protection to defense in depth
Internet
What range is a class A network?
Checksum in UDP
50. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Boot record infector
Nmap
The four basic approaches to defense in depth
Bus Topology
