Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
Port scan
Race conditions
Social engineering
No State Inspection ACK flag set
2. FIN 130 - ACK 131 - FIN 570 - ACK 571
To close a TCP session
Rotation?
Group
Race conditions
3. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Worms
What ways should the crypto key be protected?
Rotation?
Honeyd
4. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - the analyst is notified - e.g. Tripwire
File Integrity checking work
Switches
The OSI model
Plaintext
5. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
DDoS attack
Some common UDP ports
What threats should be protected against - based on threat levels
Honeyd
6. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
Network stumbler
TFTP
What range is a class B network?
Some NIDS topology limitations
7. Intrusion detection system - it reports attacks against monitored systems/networks
Program infector
Proxy or application gateway
Remote maintenance
IDS
8. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Anomaly analysis work
What ways should the crypto key be protected?
The TCP/IP model
Trap door
9. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
DDoS attack
The Uniform Protection to defense in depth
Permutation
Some ways to bypass firewall protections
10. Uniform protection - protected enclaves - information centric - threat vector analysis
The CIA triad
Honeypot
Bus Topology
The four basic approaches to defense in depth
11. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
The different cable categories
A netmask
What's a VLAN
Defense in depth
12. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Defense in depth
What ways should the crypto key be protected?
Kismet
Anomaly analysis work
13. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
Trojan horse
Trap door
Social engineering
14. The practice of sending an ACK inside another packet going to the same destination
Ack Piggybacking
Log monitoring work?
IDS
WAN
15. OSI
What primary threats should be protected against
The goals of cryptography
Some malware propagation techniques
When talking about protocols and referencing layers - what stack is used
16. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Firewall
What's a VLAN
To close a TCP session
Honeypot
17. Confidentiality - integrity - availability
NIDS challenges
Kismet
The CIA triad
Some reasons to use TCP over UDP
18. Intellectual property - business goals - validated data - historical
Port scan
Proxy or application gateway
WAN
What threats should be protected against - based on threat levels
19. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Buffer overflow
Switches
Parasitic malware
Bridge
20. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Some Pen Test techniques
Permutation
Macro virus
Risk
21. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address Resolution Protocol (ARP)
the application layer
Some ways to bypass firewall protections
ATM work
22. Malware - insider threat - natural disaster - terrorism - pandemic
The different cable categories
Deep packet inspection
What primary threats should be protected against
EXE program infector
23. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
24. logic bomb - trojan horse - trap door
Shallow packet inspection
The data link layer
Some types of malicious code
The difference in stacks
25. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Kismet
No State Inspection ACK flag set
Types of ATM virtual circuits
Shallow packet inspection
26. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
To close a TCP session
Some reasons to use TCP over UDP
Some external threat concerns
What range is a class A network?
27. Confidentiality - symmetric encryption
NIDS challenges
Snort
Some firewall benefits
The goals of cryptography
28. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Some FTP dangers
A netmask
Some firewall challenges
Group
29. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Vulnerabilities
The five threat vectors
Smurf attack
Integrity of Data
30. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
The physical layer stack
When setting up a virtual circuit
Some firewall benefits
31. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
Nmap scanning techniques
A netmask
Types of ATM virtual circuits
EXE program infector
32. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Buffer overflow
The data link layer
Rootkit
Social engineering
33. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Bridge
Macro virus
WAN
Address resolution protocol
34. Bits of code embedded in programs to quickly gain access at a later time
TFTP
Trap door
The four types of events reported by IDS
Proxy or application gateway
35. Going around with equipment to detect wireless networks
Address resolution protocol
Wardriving
The physical layer stack
The four basic approaches to defense in depth
36. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Some reasons to use TCP over UDP
PAN
IDS signature analysis work
Shallow packet inspection
37. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
The protected enclave to defense in depth
When implementing protocols - what stack should be used?
The conficker worm
TFTP
38. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Nmap scanning techniques
Some common UDP ports
Rotation?
39. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Defense in depth
Some malware capabilities
Trojan horse
Ack Piggybacking
40. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
The difference in stacks
The session layer
Snort
The OSI model
41. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Port scan
Logic bomb
Alteration of code
The threat vector analysis in defense in depth
42. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
What's a VLAN
IDS data normalization
NIDS advantages
Some firewall benefits
43. Relies on executable code insertion and user interaction to spread
Kismet
Proxy or application gateway
Parasitic malware
NIDS advantages
44. It handles the establishment and maintenance of connections between systems
IDS signature analysis work
Hubs
The session layer
Some firewall challenges
45. Unencrypted message in its original form
Some ways to bypass firewall protections
IDS data normalization
Firewall
Plaintext
46. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
What range is a class B network?
Some common TCP ports
The data link layer
47. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Boot record infector
Ciphertext
Internet
The Uniform Protection to defense in depth
48. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
HIDS monitor
Boot record infector
When setting up a virtual circuit
The five threat vectors
49. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
Denial of service
Port scan
Honeyd
50. fast - with little fidelity - examines header information and limited payload data
Shallow packet inspection
ATM work
Address Resolution Protocol (ARP)
Plaintext