Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. It interacts with the application layer to determine which network services will be required
the application layer
Some external threat concerns
A network protocol
Group
2. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
Logic bomb
No State Inspection ACK flag set
TFTP
3. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
The data link layer
Some ways to bypass firewall protections
What categories do vulnerabilities fall into?
Some other UDP based protocols
4. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
The three goals of security
Firewall
Trojan horse
Arbitrary substitution
5. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Some reasons to use UDP over TCP
IDS not
File integrity checking work
The five threat vectors
6. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Types of viruses
File integrity checking work
DDoS attack
Smurf attack
7. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
What range is a class B network?
When implementing protocols - what stack should be used?
Some NIDS topology limitations
Stateless packet filter
8. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
NAC
Macro virus
The Uniform Protection to defense in depth
9. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Group
Port scan
Honeypot
Asynchronous Transfer Mode
10. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
SQL Slammer Worm
MAN
Defense in depth
The OSI Protocol Stack
11. FIN 130 - ACK 131 - FIN 570 - ACK 571
Ciphertext
HIDS monitor
The Information Centric defense in depth
To close a TCP session
12. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Some common UDP ports
Snort
What ways should the crypto key be protected?
A netmask
13. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
NIDS advantages
Proxy or application gateway
Datagram length of a UDP packet
MAN
14. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
The data link layer
Defense in depth
Network stumbler
Plaintext
15. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
When talking about protocols and referencing layers - what stack is used
A network protocol
NIDS challenges
Internet
16. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Defense in depth
Some common TCP ports
Some network design objectives
The conficker worm
17. Confidentiality - integrity - availability
The CIA triad
The threat vector analysis in defense in depth
When talking about protocols and referencing layers - what stack is used
What range is a class A network?
18. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
The transport layer
Network stumbler
3-way handshake
Some types of malicious code
19. Fast - with little fidelity - examines header information and limited payload data
The five threat vectors
Shallow packet inspection
Arbitrary substitution
Wardriving
20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
The data link layer
A netmask
Alteration of code
21. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
ACK piggybacking
SYN flood
Checksum in UDP
UDP packet headers
22. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
WAN
Some common TCP ports
Alteration of code
Internet
23. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Types of ATM virtual circuits
Honeypot
Some malware capabilities
CIDR
24. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere
Internet
Buffer overflow
Some honeypot advantages
Remote maintenance
25. Handles transmissions across the physical media like wires - fiber - etc
The physical layer stack
The threat vector analysis in defense in depth
SQL Slammer Worm
MAN
26. One is for talking - one is for implementing
Some common TCP ports
Switches
The difference in stacks
The presentation layer
27. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
Wardriving
Some types of malicious code
PAN
28. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Bus Topology
Permutation
Hping
Switches
29. True positive - false positive - true negative - false negative
Some malware propagation techniques
Types of ATM virtual circuits
Network stumbler
The four types of events reported by IDS
30. Message in its encrypted form
Trojan horse
The four basic approaches to defense in depth
NIDS advantages
Ciphertext
31. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Some disadvantages of honeypots
The five threat vectors
A netmask
When implementing protocols - what stack should be used?
32. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
33. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
ATM work
Address Resolution Protocol (ARP)
COM/Script program infector
Some common UDP ports
34. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
DDoS attack
Multi protocol label switching
The network layer
Remote maintenance
35. Protected at rest - protected in transit - secure the key
Address resolution protocol
What ways should the crypto key be protected?
MAN
Hubs
36. Network scanner.
IDS not
Nmap
Router
File integrity checking work
37. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address resolution protocol
EXE program infector
The data link layer
Honeypot
38. destruction of data - leaking confidential information - providing backdoor access
Wardriving
Overview of TCP
Some malware capabilities
Asynchronous Transfer Mode
39. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Log monitoring work?
The Uniform Protection to defense in depth
IDS data normalization
Some honeypot advantages
40. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some reasons to use TCP over UDP
Network stumbler
Some external threat concerns
Proxy or application gateway
41. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The protected enclave to defense in depth
Best way to protect wireless networks
The goals of cryptography
IDS signature analysis work
42. Confidentiality - symmetric encryption
NIDS challenges
Some ways to bypass firewall protections
The OSI Protocol Stack
The goals of cryptography
43. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
A network protocol
NIDS advantages
Multi protocol label switching
NAC
44. Bits of code embedded in programs to quickly gain access at a later time
Log monitoring work?
Alteration of code
Trap door
IDS
45. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
Overview of TCP
A blind FTP
Program infector
The transport layer
46. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
A network protocol
No State Inspection ACK flag set
The transport layer
Some FTP dangers
47. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
A netcat listener
Program infector
Some firewall benefits
What threats should be protected against - based on threat levels
48. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Social engineering
UDP packet headers
Types of ATM virtual circuits
OS Command Injection defenses
49. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
WAN
Some types of malicious code
The protected enclave to defense in depth
When implementing protocols - what stack should be used?
50. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Logic bomb
The Information Centric defense in depth
The transport layer
COM/Script program infector