Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some reasons to use UDP over TCP
What range is a class C network?
Some disadvantages of honeypots
Some other UDP based protocols
2. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
Switches
Some firewall challenges
Worms
ACK piggybacking
3. Considered to be a perimeter device
Router
Defense in depth
Some malware capabilities
OS Command Injection defenses
4. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
What threats should be protected against - based on threat levels
Some other UDP based protocols
NAC
ATM work
5. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Some ways to bypass firewall protections
Some malware propagation techniques
NAC
Datagram length of a UDP packet
6. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
What primary threats should be protected against
The protected enclave to defense in depth
Some common TCP ports
The OSI model
7. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Internet
TFTP
Some Pen Test techniques
Rotation?
8. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Parasitic malware
TFTP
Types of ATM virtual circuits
To establish a TCP session
9. OSI
Overview of TCP
DDoS attack
When talking about protocols and referencing layers - what stack is used
Some honeypot advantages
10. Network scanner.
Risk
Nmap
TFTP
SYN flood
11. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Hping
Bridge
Some malware propagation techniques
Asynchronous Transfer Mode
12. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
What threats should be protected against - based on threat levels
NIDS challenges
The network layer
Buffer overflow
13. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
The three goals of security
Some ways to bypass firewall protections
The five threat vectors
Honeyd
14. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Some firewall challenges
File Integrity checking work
Bridge
The data link layer
15. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Port scan
Proxy or application gateway
LAN
EXE program infector
16. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
The TCP/IP model
PAN
A netcat listener
17. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
LAN
The five threat vectors
Some firewall benefits
18. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Denial of service
Kismet
The difference in stacks
The session layer
19. Unencrypted message in its original form
War Dialing
Bus Topology
Some types of malicious code
Plaintext
20. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
A network protocol
IDS data normalization
Internet
Address Resolution Protocol (ARP)
21. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
To close a TCP session
Some malware propagation techniques
Worms
File integrity checking work
22. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Plaintext
Stateful firewall
Macro virus
Some common UDP ports
23. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Anomaly analysis work
Deep packet inspection
A netmask
The four basic approaches to defense in depth
24. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The protected enclave to defense in depth
ACK piggybacking
Parasitic malware
The session layer
25. Syn - Syn/Ack - Ack
What range is a class B network?
NIDS challenges
To establish a TCP session
The different cable categories
26. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
IDS
Browsing attack
SQL Slammer Worm
WAN
27. Trying to ID modems in a telephone exchange that may be susceptible to compromise
NIDS challenges
War Dialing
Address resolution protocol
What range is a class B network?
28. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Macro virus
Bus Topology
Some honeypot advantages
To close a TCP session
29. Bits of code embedded in programs to quickly gain access at a later time
Trap door
Program infector
The five threat vectors
Datagram length of a UDP packet
30. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
The threat vector analysis in defense in depth
EXE program infector
What ways should the crypto key be protected?
Some firewall challenges
31. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Snort
Some reasons to use TCP over UDP
ACK piggybacking
The transport layer
32. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
3-way handshake
The different cable categories
A blind FTP
Trojan horse
33. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some NIDS topology limitations
Nmap scanning techniques
Some external threat concerns
Smurf attack
34. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
The data link layer
Denial of service
Plaintext
Wardriving
35. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Hping
HIDS monitor
The OSI model
Types of ATM virtual circuits
36. FIN 130 - ACK 131 - FIN 570 - ACK 571
DDoS attack
To close a TCP session
Wardriving
Ciphertext
37. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
A blind FTP
Total cell size for asynchronous transfer mode (ATM)
When setting up a virtual circuit
Risk
38. Relies on executable code insertion and user interaction to spread
The TCP/IP model
Some common TCP ports
Smurf attack
Parasitic malware
39. Unified data carrying service - replacing frame relay and ATM
Rotation?
Multi protocol label switching
Address Resolution Protocol (ARP)
A blind FTP
40. It interacts with the application layer to determine which network services will be required
To establish a TCP session
The application layer
The data link layer
EXE program infector
41. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
42. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The physical layer stack
Router
Some reasons to use TCP over UDP
The TCP/IP model
43. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
Alteration of code
What's a VLAN
Wardriving
COM/Script program infector
44. fast - with little fidelity - examines header information and limited payload data
To establish a TCP session
Shallow packet inspection
Checksum in UDP
Kismet
45. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Boot record infector
Total cell size for asynchronous transfer mode (ATM)
The CIA triad
Honeypot
46. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
The transport layer
IDS
Stateless packet filter
47. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
When implementing protocols - what stack should be used?
EXE program infector
OS Command Injection defenses
Race conditions
48. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
What threats should be protected against - based on threat levels
Smurf attack
Overview of TCP
The different cable categories
49. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
COM/Script program infector
Some common UDP ports
The goals of cryptography
IDS
50. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
War Dialing
UDP packet headers
Some malware capabilities
Parasitic malware