Test your basic knowledge |

GIAC

Subjects : certifications, giac, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Smurf attack
Shallow packet inspection
EXE program infector
Social engineering

2. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
What range is a class B network?
Honeyd
The data link layer
A blind FTP

3. Bits of code embedded in programs to quickly gain access at a later time
Trap door
Some honeypot advantages
ACK piggybacking
The TCP/IP model

4. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
ATM work
TFTP
Worms
A netmask

5. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Some common TCP ports
ATM work
Some malware propagation techniques
The different cable categories

6. One is for talking - one is for implementing
Switches
The difference in stacks
Parasitic malware
Arbitrary substitution

7. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
What range is a class C network?
The different cable categories
Logic bomb
What ways should the crypto key be protected?

8. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Network stumbler
The CIA triad
IDS signature analysis work
The transport layer

9. Considered to be a perimeter device
What categories do vulnerabilities fall into?
File Integrity checking work
Router
ATM work

10. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
Risk
The threat vector analysis in defense in depth
IDS signature analysis work
Ack Piggybacking

11. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
To establish a TCP session
File Integrity checking work
ATM work
The OSI Protocol Stack

12. It handles the establishment and maintenance of connections between systems
Some NIDS topology limitations
Hubs
When setting up a virtual circuit
The session layer

13. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Nmap
ATM work
the application layer
Address Resolution Protocol (ARP)

14. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65 -535 twice. TCP and UDP
Program infector
Trojan horse
Port scan
The session layer

15. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Some types of malicious code
Some malware capabilities
Alteration of code
No State Inspection ACK flag set

16. Confidentiality - integrity - availability
IDS not
Alteration of code
The CIA triad
Switches

17. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Buffer overflow
A network protocol
Switches
Program infector

18. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
What's an easy way to test encryption?
What range is a class A network?
Deep packet inspection
Alteration of code

19. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
What's a VLAN
Race conditions
Honeyd
Wardriving

20. Network scanner.
Rootkit
Nmap
The conficker worm
IDS

21. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
Macro virus
The conficker worm
Vulnerabilities
Honeyd

22. It interacts with the application layer to determine which network services will be required
the application layer
Address Resolution Protocol (ARP)
The threat vector analysis in defense in depth
To establish a TCP session

23. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
PAN
UDP packet headers
The data link layer
The protected enclave to defense in depth

24. Malware - insider threat - natural disaster - terrorism - pandemic
Shallow packet inspection
What categories do vulnerabilities fall into?
What primary threats should be protected against
HIDS monitor

25. The practice of sending an ACK inside another packet going to the same destination
ACK piggybacking
Some ways to bypass firewall protections
The OSI Protocol Stack
ATM work

26. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
A network protocol
Some ways to bypass firewall protections
Remote maintenance
Worms

27. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Some malware propagation techniques
SYN flood
Some FTP dangers
The four basic approaches to defense in depth

28. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
The Information Centric defense in depth
The three goals of security
Address resolution protocol
Nmap scanning techniques

29. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Denial of service
Bridge
To establish a TCP session
Some reasons to use UDP over TCP

30. Known - unknown - zero day
DDoS attack
What categories do vulnerabilities fall into?
Datagram length of a UDP packet
The network layer

31. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
The session layer
Bridge
What threats should be protected against - based on threat levels
The data link layer

32. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Some malware propagation techniques
Some Pen Test techniques
Proxy or application gateway
Denial of service

33. Switches networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some NIDS topology limitations
The TCP/IP model
Types of ATM virtual circuits
The goals of cryptography

34. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
LAN
The protected enclave to defense in depth
What range is a class C network?
The presentation layer

35. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Buffer overflow
IDS not
ATM work
Honeyd

36. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Best way to protect wireless networks
TFTP
Overview of TCP
Some external threat concerns

37. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
The transport layer
What threats should be protected against - based on threat levels
NAC
Nmap

38. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The different cable categories
The presentation layer
Stateful firewall
UDP packet headers

39. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
No State Inspection ACK flag set
Bridge
Nmap scanning techniques
Some external threat concerns

40. True positive - false positive - true negative - false negative
No State Inspection ACK flag set
ACK piggybacking
IDS signature analysis work
The four types of events reported by IDS

41. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
The CIA triad
File Integrity checking work
What threats should be protected against - based on threat levels

42. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
IDS signature analysis work
ATM work
Port scan
Datagram length of a UDP packet

43. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
ATM work
Bridge
What range is a class C network?
Asynchronous Transfer Mode

44. Uniform protection - protected enclaves - information centric - threat vector analysis
Hping
Some reasons to use TCP over UDP
Hubs
The four basic approaches to defense in depth

45. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
Anomaly analysis work
Deep packet inspection
Some reasons to use TCP over UDP
EXE program infector

46. 53 bytes - 48 bytes for data - 5 bytes for the header
A netcat listener
Total cell size for asynchronous transfer mode (ATM)
Arbitrary substitution
Some firewall benefits

47. Confidentiality - integrity - availability
The three goals of security
NIDS challenges
Multi protocol label switching
CIDR

48. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

49. Trying to ID modems in a telephone exchange that may be susceptible to compromise
What primary threats should be protected against
Ciphertext
Some malware propagation techniques
War Dialing

50. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Firewall
A netcat listener
When talking about protocols and referencing layers - what stack is used
Nmap