SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Some firewall benefits
Log monitoring work?
Address resolution protocol
EXE program infector
2. The Practice of sending an ACK inside another packet going to the same destination
Defense in depth
Checksum in UDP
Ack Piggybacking
The OSI Protocol Stack
3. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Group
A netmask
Some ways to bypass firewall protections
OS Command Injection defenses
4. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Some honeypot advantages
The five threat vectors
Some disadvantages of honeypots
Hubs
5. It handles the establishment and maintenance of connections between systems
The session layer
Race conditions
NIDS challenges
Kismet
6. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
WAN
OS Command Injection defenses
Some Pen Test techniques
Some external threat concerns
7. Malware - insider threat - natural disaster - terrorism - pandemic
Nmap scanning techniques
What primary threats should be protected against
Some firewall challenges
A blind FTP
8. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
The conficker worm
Bridge
Asynchronous Transfer Mode
The session layer
9. An attempt to gain access by bombarding it with guesses until the password is found.
The network layer
HIDS monitor
IDS data normalization
Brute force
10. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Hping
What categories do vulnerabilities fall into?
Rootkit
A netcat listener
11. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Proxy or application gateway
NIDS challenges
What categories do vulnerabilities fall into?
Datagram length of a UDP packet
12. A hash is produced when applied to a monitored file. The hash always generates the same value unless a change was made. HIDS software checks the hashes of monitored files and if a change is found - analyst is notified. - ie: tripwire
File Integrity checking work
Some firewall challenges
Shallow packet inspection
Integrity of Data
13. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Network stumbler
IDS signature analysis work
The threat vector analysis in defense in depth
The OSI model
14. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
Some reasons to use UDP over TCP
To establish a TCP session
What categories do vulnerabilities fall into?
15. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
Program infector
The OSI Protocol Stack
Some malware capabilities
Address Resolution Protocol (ARP)
16. Infects MBR - no network spreading potential
The TCP/IP model
Proxy or application gateway
Address resolution protocol
Boot record infector
17. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Switches
What's a VLAN
IDS not
The threat vector analysis in defense in depth
18. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
The Uniform Protection to defense in depth
To close a TCP session
What range is a class B network?
A blind FTP
19. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Hping
HIDS monitor
Switches
Bus Topology
20. Unified data carrying service - replacing from replay and ATM
Multi protocol label switching
The threat vector analysis in defense in depth
What range is a class A network?
Social engineering
21. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Datagram length of a UDP packet
TFTP
Some other UDP based protocols
22. logic bomb - trojan horse - trap door
Some types of malicious code
Nmap
EXE program infector
MAN
23. Bits of code embedded in programs to quickly gain access at a later time
Some types of malicious code
Honeypot
Social engineering
Trap door
24. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Types of viruses
Buffer overflow
Some honeypot advantages
Race conditions
25. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
The three goals of security
Stateful firewall
No State Inspection ACK flag set
A netcat listener
26. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
IDS data normalization
OS Command Injection defenses
The threat vector analysis in defense in depth
Denial of service
27. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
IDS not
NIDS challenges
Group
The difference in stacks
28. Simple attack done by simply browsing available information that's allowed on a local network.
Browsing attack
Some other UDP based protocols
To close a TCP session
Some NIDS topology limitations
29. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Some ways to bypass firewall protections
When setting up a virtual circuit
Hubs
Buffer overflow
30. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
The data link layer
Some Pen Test techniques
The Uniform Protection to defense in depth
31. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Some common UDP ports
PAN
The Uniform Protection to defense in depth
Types of viruses
32. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
DDoS attack
Boot record infector
The protected enclave to defense in depth
What threats should be protected against - based on threat levels
33. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
What range is a class B network?
Best way to protect wireless networks
No State Inspection ACK flag set
Some FTP dangers
34. Multiple levels of protection must be deployed - an exercie in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Defense in depth
Anomaly analysis work
The threat vector analysis in defense in depth
To close a TCP session
35. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
Some types of malicious code
SQL Slammer Worm
The different cable categories
What's an easy way to test encryption?
36. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
The Information Centric defense in depth
Deep packet inspection
The OSI Protocol Stack
Some Pen Test techniques
37. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Some firewall benefits
Firewall
The TCP/IP model
Some firewall challenges
38. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
Risk
Some firewall challenges
Wardriving
39. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
40. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
What primary threats should be protected against
Port scan
What range is a class B network?
the application layer
41. A cracking tool inserted into the OS that allows the attacker to do as they please.
Some reasons to use TCP over UDP
The protected enclave to defense in depth
A netmask
Rootkit
42. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
Trojan horse
Datagram length of a UDP packet
Some ways to bypass firewall protections
43. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
WAN
Snort
CIDR
Bus Topology
44. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Macro virus
Some reasons to use TCP over UDP
Hping
Total cell size for asynchronous transfer mode (ATM)
45. Confidentiality - integrity - availability
What's an easy way to test encryption?
A netcat listener
The three goals of security
Remote maintenance
46. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
The threat vector analysis in defense in depth
Some reasons to use UDP over TCP
Multi protocol label switching
LAN
47. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
Defense in depth
IDS not
HIDS monitor
The data link layer
48. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
CIDR
ATM work
Smurf attack
File integrity checking work
49. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Some firewall challenges
The transport layer
NIDS advantages
Stateful firewall
50. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Group
The five threat vectors
War Dialing
Some external threat concerns
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests