SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
IDS data normalization
Log monitoring work?
EXE program infector
2. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
Nmap
NAC
ACK piggybacking
3. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
Group
File integrity checking work
3-way handshake
4. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Some malware capabilities
When implementing protocols - what stack should be used?
Risk
Firewall
5. Confidentiality - symmetric encryption
The CIA triad
War Dialing
Address resolution protocol
The goals of cryptography
6. Infects the EXE and make them operate slightly different - when infected - exe header sizes are altered to point to the appended viral code
Some network design objectives
When talking about protocols and referencing layers - what stack is used
EXE program infector
Defense in depth
7. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
A blind FTP
The conficker worm
Checksum in UDP
CIDR
8. Handles transmissions across the physical media like wires - fiber - etc
Address Resolution Protocol (ARP)
Some disadvantages of honeypots
File integrity checking work
The physical layer stack
9. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
What categories do vulnerabilities fall into?
SQL Slammer Worm
Some ways to bypass firewall protections
Best way to protect wireless networks
10. One is for talking - one is for implementing
NIDS challenges
Permutation
The difference in stacks
Some firewall challenges
11. Unencrypted message in its original form
UDP packet headers
CIDR
Plaintext
Vulnerabilities
12. Personal area network - phone tethering - bluetooth - etc
PAN
What's a VLAN
To close a TCP session
Bridge
13. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
Bus Topology
War Dialing
The network layer
14. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Wardriving
Some common UDP ports
Remote maintenance
Some firewall challenges
15. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Denial of service
SYN flood
Hping
OS Command Injection defenses
16. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
17. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
A network protocol
Types of viruses
A netcat listener
What range is a class A network?
18. Stateful firewalls maintain state of traffic flows
Stateful firewall
File Integrity checking work
Macro virus
Datagram length of a UDP packet
19. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Plaintext
Best way to protect wireless networks
Some ways to bypass firewall protections
Log monitoring work?
20. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
Nmap scanning techniques
Deep packet inspection
What range is a class A network?
Macro virus
21. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Some types of malicious code
Some reasons to use TCP over UDP
A netmask
Remote maintenance
22. An agreement on how different computer will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Some network design objectives
A blind FTP
Defense in depth
A network protocol
23. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
24. Confidentiality - integrity - availability
Integrity of Data
The CIA triad
Honeyd
Ciphertext
25. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Alteration of code
SYN flood
Datagram length of a UDP packet
The protected enclave to defense in depth
26. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
The three goals of security
Some FTP dangers
NIDS advantages
Kismet
27. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
The data link layer
Bridge
OS Command Injection defenses
Arbitrary substitution
28. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
Types of viruses
Some firewall benefits
Datagram length of a UDP packet
What range is a class B network?
29. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
Browsing attack
Alteration of code
HIDS monitor
The Information Centric defense in depth
30. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Trap door
Alteration of code
IDS signature analysis work
Address Resolution Protocol (ARP)
31. fast - with little fidelity - examines header information and limited payload data
the application layer
Shallow packet inspection
Trojan horse
Browsing attack
32. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Trap door
No State Inspection ACK flag set
To close a TCP session
The network layer
33. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Some honeypot advantages
What's an easy way to test encryption?
Remote maintenance
A netcat listener
34. Known - unknown - zero day
DDoS attack
Parasitic malware
What categories do vulnerabilities fall into?
Some common TCP ports
35. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Switches
NIDS advantages
Address resolution protocol
Honeyd
36. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Plaintext
PAN
Some firewall benefits
Some common TCP ports
37. A time of check/time of use attack that exploits the difference in between when a security control was applied and the time the service was used.
Nmap
The four types of events reported by IDS
MAN
Race conditions
38. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Wardriving
NAC
Some common UDP ports
CIDR
39. ATM supports two types of virtual circuits: permanent virtual circuits and switches virtual circuit - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
CIDR
To close a TCP session
The TCP/IP model
Types of ATM virtual circuits
40. An attempt to gain access by bombarding it with guesses until the password is found.
A netmask
CIDR
Brute force
Some honeypot advantages
41. Relies on executable code insertion and user interaction to spread
Some NIDS topology limitations
Some reasons to use TCP over UDP
DDoS attack
Parasitic malware
42. Simple attack done by simply browsing available information that's allowed on a local network.
A blind FTP
Some ways to bypass firewall protections
Browsing attack
Address resolution protocol
43. Unified data carrying service - replacing from replay and ATM
ATM work
Some ways to bypass firewall protections
Some firewall challenges
Multi protocol label switching
44. Bits of code embedded in programs to quickly gain access at a later time
Trap door
Honeypot
The four basic approaches to defense in depth
Trojan horse
45. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Honeyd
Address resolution protocol
Some other UDP based protocols
No State Inspection ACK flag set
46. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
The data link layer
The goals of cryptography
Asynchronous Transfer Mode
When implementing protocols - what stack should be used?
47. Intellectual property - business goals - validated data - historical
Some firewall challenges
The data link layer
What's a VLAN
What threats should be protected against - based on threat levels
48. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Bus Topology
When setting up a virtual circuit
The five threat vectors
Integrity of Data
49. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
The difference in stacks
NIDS challenges
Kismet
Log monitoring work?
50. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Boot record infector
War Dialing
Nmap
Permutation