SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Race conditions
The difference in stacks
Hubs
Some Pen Test techniques
2. Malware - insider threat - natural disaster - terrorism - pandemic
Permutation
Some network design objectives
What primary threats should be protected against
To close a TCP session
3. An attempt to gain access by bombarding it with guesses until the password is found.
ATM work
What ways should the crypto key be protected?
Brute force
Ack Piggybacking
4. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Proxy or application gateway
Some disadvantages of honeypots
Brute force
Rootkit
5. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
NIDS challenges
Some common UDP ports
The conficker worm
Some other UDP based protocols
6. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Bridge
The difference in stacks
Boot record infector
Risk
7. It interacts with the application layer to determine which network services will be required
Ciphertext
MAN
the application layer
Some honeypot advantages
8. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
The physical layer stack
Some reasons to use UDP over TCP
Firewall
Switches
9. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
The five threat vectors
The protected enclave to defense in depth
COM/Script program infector
Firewall
10. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Nmap
Bridge
Some types of malicious code
NIDS advantages
11. Considered to be a perimeter device
Honeypot
Router
3-way handshake
What range is a class B network?
12. destruction of data - leaking confidential information - providing backdoor access
DDoS attack
Some malware capabilities
MAN
The difference in stacks
13. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Vulnerabilities
Address Resolution Protocol (ARP)
Hping
Integrity of Data
14. Confidentiality - integrity - availability
What threats should be protected against - based on threat levels
The three goals of security
The physical layer stack
Program infector
15. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
IDS
The physical layer stack
Some network design objectives
Some NIDS topology limitations
16. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Smurf attack
Kismet
Permutation
Snort
17. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
Multi protocol label switching
Some malware capabilities
The presentation layer
18. Syn - Syn/Ack - Ack
When talking about protocols and referencing layers - what stack is used
OS Command Injection defenses
NIDS challenges
To establish a TCP session
19. True positive - false positive - true negative - false negative
What threats should be protected against - based on threat levels
ACK piggybacking
The four types of events reported by IDS
The network layer
20. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Honeyd
Bus Topology
Some reasons to use TCP over UDP
CIDR
21. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
A network protocol
TFTP
EXE program infector
3-way handshake
22. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
The Information Centric defense in depth
Some firewall benefits
Worms
Hping
23. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
Some network design objectives
The Information Centric defense in depth
Shallow packet inspection
24. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Kismet
When setting up a virtual circuit
Datagram length of a UDP packet
A blind FTP
25. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Some firewall benefits
When talking about protocols and referencing layers - what stack is used
Some network design objectives
What's an easy way to test encryption?
26. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
The difference in stacks
Hubs
What range is a class A network?
File integrity checking work
27. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
Some malware propagation techniques
Some reasons to use UDP over TCP
When implementing protocols - what stack should be used?
HIDS monitor
28. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Some reasons to use UDP over TCP
Some common TCP ports
IDS signature analysis work
Types of ATM virtual circuits
29. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
COM/Script program infector
Ack Piggybacking
The five threat vectors
Some network design objectives
30. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Router
Shallow packet inspection
File integrity checking work
The presentation layer
31. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Permutation
Some common UDP ports
Trojan horse
Parasitic malware
32. A cracking tool inserted into the OS that allows the attacker to do as they please.
LAN
Some network design objectives
Rootkit
The four types of events reported by IDS
33. Confidentiality - symmetric encryption
Remote maintenance
The goals of cryptography
The network layer
Macro virus
34. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Proxy or application gateway
The transport layer
Race conditions
Rotation?
35. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
What threats should be protected against - based on threat levels
SYN flood
Address resolution protocol
The TCP/IP model
36. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Some ways to bypass firewall protections
Some reasons to use UDP over TCP
The Uniform Protection to defense in depth
Honeyd
37. Personal area network - phone tethering - bluetooth - etc
Switches
The transport layer
PAN
Address Resolution Protocol (ARP)
38. Unencrypted message in its original form
Checksum in UDP
To close a TCP session
The session layer
Plaintext
39. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
The Uniform Protection to defense in depth
Overview of TCP
NIDS advantages
40. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
PAN
Some types of malicious code
Group
Some reasons to use UDP over TCP
41. It handles the establishment and maintenance of connections between systems
Some common UDP ports
The conficker worm
Firewall
The session layer
42. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
ACK piggybacking
The network layer
IDS data normalization
The difference in stacks
43. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Kismet
Defense in depth
Some external threat concerns
File integrity checking work
44. logic bomb - trojan horse - trap door
Firewall
Risk
What's an easy way to test encryption?
Some types of malicious code
45. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Brute force
The conficker worm
TFTP
Program infector
46. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Snort
Stateful firewall
Race conditions
NIDS advantages
47. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The OSI model
Address resolution protocol
Hubs
The session layer
48. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
49. Connects many WANs - MANs - and LANs - provided via ISP
Internet
Some external threat concerns
Some malware capabilities
The four basic approaches to defense in depth
50. Stateful firewalls maintain state of traffic flows
Nmap
Address resolution protocol
Some NIDS topology limitations
Stateful firewall