Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. It handles the establishment and maintenance of connections between systems
Program infector
A netcat listener
Some network design objectives
The session layer
2. Known - unknown - zero day
A network protocol
What primary threats should be protected against
What categories do vulnerabilities fall into?
LAN
3. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
LAN
Group
Defense in depth
The OSI Protocol Stack
4. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
The network layer
Best way to protect wireless networks
A network protocol
War Dialing
5. A cracking tool inserted into the OS that allows the attacker to do as they please.
Arbitrary substitution
Router
Integrity of Data
Rootkit
6. Unified data carrying service - replacing frame relay and ATM
Risk
Best way to protect wireless networks
Multi protocol label switching
Some reasons to use TCP over UDP
7. Unencrypted message in its original form
Plaintext
PAN
The three goals of security
When implementing protocols - what stack should be used?
8. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Trap door
Asynchronous Transfer Mode
The different cable categories
9. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
WAN
Internet
A netmask
A netcat listener
10. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some other UDP based protocols
Kismet
Some common TCP ports
The CIA triad
11. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Program infector
The threat vector analysis in defense in depth
War Dialing
File integrity checking work
12. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
Denial of service
The OSI model
MAN
13. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Network stumbler
Types of viruses
the application layer
The Uniform Protection to defense in depth
14. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
The physical layer stack
Deep packet inspection
Brute force
Worms
15. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired
Some external threat concerns
Logic bomb
A network protocol
Best way to protect wireless networks
16. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
What categories do vulnerabilities fall into?
The TCP/IP model
Some external threat concerns
OS Command Injection defenses
17. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
ATM work
The data link layer
Some malware propagation techniques
Snort
18. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Bus Topology
The different cable categories
Honeypot
What's an easy way to test encryption?
19. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
The Uniform Protection to defense in depth
Some firewall challenges
COM/Script program infector
Firewall
20. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Boot record infector
Hubs
What range is a class B network?
Stateless packet filter
21. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Bridge
Hubs
Log monitoring work?
WAN
22. Going around with equipment to detect wireless networks
MAN
Wardriving
What categories do vulnerabilities fall into?
What range is a class B network?
23. Message in its encrypted form
Multi protocol label switching
The physical layer stack
The different cable categories
Ciphertext
24. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Router
Some reasons to use TCP over UDP
File integrity checking work
ACK piggybacking
25. Uniform protection - protected enclaves - information centric - threat vector analysis
The four basic approaches to defense in depth
Trojan horse
Logic bomb
What range is a class C network?
26. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Kismet
Some firewall challenges
Some Pen Test techniques
The network layer
27. Syn - Syn/Ack - Ack
Ciphertext
To establish a TCP session
What threats should be protected against - based on threat levels
The threat vector analysis in defense in depth
28. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified - i.e. Tripwire
Deep packet inspection
File Integrity checking work
No State Inspection ACK flag set
The TCP/IP model
29. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
What categories do vulnerabilities fall into?
Logic bomb
Hping
The four basic approaches to defense in depth
30. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
Some FTP dangers
Some network design objectives
The TCP/IP model
31. It makes sure the data sent from one side to the other is in a format useful to the other side
What primary threats should be protected against
The physical layer stack
The presentation layer
To close a TCP session
32. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
When setting up a virtual circuit
To close a TCP session
Buffer overflow
33. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Internet
The network layer
Some firewall challenges
Group
34. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Brute force
Deep packet inspection
The three goals of security
What range is a class C network?
35. Low-interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Honeypot
Honeyd
Program infector
Some reasons to use TCP over UDP
36. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
A netcat listener
IDS
Group
Some FTP dangers
37. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
OS Command Injection defenses
What range is a class B network?
Brute force
UDP packet headers
38. Packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
ATM work
Brute force
Program infector
No State Inspection ACK flag set
39. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Types of ATM virtual circuits
The CIA triad
Rootkit
UDP packet headers
40. Rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
What's a VLAN
Logic bomb
IDS signature analysis work
Best way to protect wireless networks
41. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
Smurf attack
Some ways to bypass firewall protections
The different cable categories
Router
42. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
EXE program infector
Some NIDS topology limitations
Race conditions
43. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere
The presentation layer
Some malware capabilities
NAC
Remote maintenance
44. Confidentiality - symmetric encryption
Network stumbler
The goals of cryptography
Some NIDS topology limitations
Defense in depth
45. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
What ways should the crypto key be protected?
Brute force
Honeypot
The protected enclave to defense in depth
46. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
LAN
The different cable categories
ATM work
47. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Proxy or application gateway
Group
Some firewall benefits
The TCP/IP model
48. OSI
When talking about protocols and referencing layers - what stack is used
Browsing attack
Some firewall benefits
When setting up a virtual circuit
49. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The session layer
UDP packet headers
What range is a class A network?
ACK piggybacking
50. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Some ways to bypass firewall protections
Boot record infector
DDoS attack
Log monitoring work?