Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding as you take the test each time.
1. OSI
When talking about protocols and referencing layers - what stack is used
Types of ATM virtual circuits
Some NIDS topology limitations
Some malware propagation techniques
2. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Logic bomb
Bridge
The protected enclave to defense in depth
Router
3. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e., employee was fired
Logic bomb
The five threat vectors
Some firewall benefits
Log monitoring work?
4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
3-way handshake
Macro virus
Parasitic malware
Best way to protect wireless networks
5. Full open - half open (stealth scan) - UDP - Ping
Port scan
Logic bomb
Nmap scanning techniques
Hubs
6. Keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
To close a TCP session
Remote maintenance
No State Inspection ACK flag set
Permutation
7. Stateful firewalls maintain state of traffic flows
What threats should be protected against - based on threat levels
Stateful firewall
COM/Script program infector
The Uniform Protection to defense in depth
8. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Honeyd
Proxy or application gateway
NIDS challenges
Race conditions
9. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
10. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
File Integrity checking work
The conficker worm
IDS not
The Information Centric defense in depth
11. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
IDS not
No State Inspection ACK flag set
Trojan horse
Log monitoring work?
12. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
Logic bomb
Types of ATM virtual circuits
IDS data normalization
Bus Topology
13. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Deep packet inspection
Rootkit
NAC
What's a VLAN
14. Allows admins to remotely access a system for troubleshooting. - E.g. VNC - GoToMyPc - PC Anywhere
The physical layer stack
Some FTP dangers
Remote maintenance
UDP packet headers
15. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
The threat vector analysis in defense in depth
What ways should the crypto key be protected?
Some NIDS topology limitations
16. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The OSI Protocol Stack
The network layer
Ack Piggybacking
IDS signature analysis work
17. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Defense in depth
Deep packet inspection
No State Inspection ACK flag set
Risk
18. Considered to be a perimeter device
Buffer overflow
The OSI model
ACK piggybacking
Router
19. Unencrypted message in its original form
Plaintext
The session layer
Some types of malicious code
NIDS advantages
20. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Risk
To establish a TCP session
Stateless packet filter
ATM work
21. True positive - false positive - true negative - false negative
Address Resolution Protocol (ARP)
The four types of events reported by IDS
What range is a class C network?
Network stumbler
22. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Plaintext
Ack Piggybacking
TFTP
When setting up a virtual circuit
23. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
Race conditions
Arbitrary substitution
Rootkit
Firewall
24. One is for talking - one is for implementing
Bridge
The difference in stacks
Total cell size for asynchronous transfer mode (ATM)
Some reasons to use TCP over UDP
25. Intellectual property - business goals - validated data - historical
Hping
A netcat listener
What threats should be protected against - based on threat levels
The protected enclave to defense in depth
26. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
When implementing protocols - what stack should be used?
ATM work
The transport layer
SYN flood
27. 53 bytes - 48 bytes for data - 5 bytes for the header
The four basic approaches to defense in depth
Plaintext
Nmap scanning techniques
Total cell size for asynchronous transfer mode (ATM)
28. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Ciphertext
To close a TCP session
What range is a class B network?
Some Pen Test techniques
29. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
Honeypot
Some FTP dangers
When setting up a virtual circuit
NAC
30. Unified data carrying service - replacing frame relay and ATM
Logic bomb
The Uniform Protection to defense in depth
Multi protocol label switching
TFTP
31. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
UDP packet headers
The threat vector analysis in defense in depth
IDS signature analysis work
32. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Worms
COM/Script program infector
The transport layer
What threats should be protected against - based on threat levels
33. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
3-way handshake
To close a TCP session
Smurf attack
Stateful firewall
34. Relies on executable code insertion and user interaction to spread
Asynchronous Transfer Mode
Internet
Some malware capabilities
Parasitic malware
35. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Some reasons to use UDP over TCP
The physical layer stack
Some malware propagation techniques
Some malware capabilities
36. Bits of code embedded in programs to quickly gain access at a later time
Alteration of code
Trap door
The OSI Protocol Stack
Address resolution protocol
37. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The conficker worm
Types of viruses
UDP packet headers
Some honeypot advantages
38. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Integrity of Data
The protected enclave to defense in depth
Some firewall challenges
The threat vector analysis in defense in depth
39. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Some reasons to use TCP over UDP
Some network design objectives
Some disadvantages of honeypots
The threat vector analysis in defense in depth
40. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
SQL Slammer Worm
Vulnerabilities
Some disadvantages of honeypots
Some firewall challenges
41. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Alteration of code
Types of viruses
A netcat listener
War Dialing
42. Infects MBR - no network spreading potential
Race conditions
The OSI Protocol Stack
OS Command Injection defenses
Boot record infector
43. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Hubs
Ciphertext
Defense in depth
Bridge
44. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Social engineering
Group
Denial of service
Nmap scanning techniques
45. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Datagram length of a UDP packet
Overview of TCP
ATM work
Address resolution protocol
46. Confidentiality - integrity - availability
When setting up a virtual circuit
Some common UDP ports
Rotation?
The CIA triad
47. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Trap door
Some malware propagation techniques
War Dialing
Some firewall benefits
48. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
The three goals of security
The physical layer stack
Deep packet inspection
49. An attempt to gain access by bombarding it with guesses until the password is found.
Integrity of Data
A netmask
Brute force
What's an easy way to test encryption?
50. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
Stateless packet filter
Race conditions
Nmap scanning techniques