Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
NIDS advantages
Shallow packet inspection
Rotation?
Types of ATM virtual circuits
2. It makes sure the data sent from one side to the other is in a format useful to the other side
Network stumbler
The presentation layer
Some external threat concerns
A network protocol
3. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
IDS not
Group
Types of viruses
Rotation?
4. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
The OSI model
What's an easy way to test encryption?
Types of viruses
MAN
5. Provides insight into the tactics - motives - and attacker tools
ATM work
Arbitrary substitution
The OSI Protocol Stack
Some honeypot advantages
6. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
The five threat vectors
The four basic approaches to defense in depth
Browsing attack
EXE program infector
7. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
CIDR
MAN
The Information Centric defense in depth
Network stumbler
8. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
Vulnerabilities
Honeypot
IDS not
9. Handles transmissions across the physical media like wires - fiber - etc
The physical layer stack
Stateless packet filter
Social engineering
Honeypot
10. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
What range is a class A network?
TFTP
The different cable categories
11. Protected at rest - protected in transit - secure the key
LAN
IDS not
What ways should the crypto key be protected?
NIDS advantages
12. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
What categories do vulnerabilities fall into?
UDP packet headers
Integrity of Data
WAN
13. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Boot record infector
IDS signature analysis work
Group
Program infector
14. Confidentiality - symmetric encryption
the application layer
Worms
The goals of cryptography
The data link layer
15. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Race conditions
Alteration of code
A blind FTP
TFTP
16. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
17. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
The four types of events reported by IDS
Race conditions
Remote maintenance
Trojan horse
18. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Alteration of code
Some ways to bypass firewall protections
The Information Centric defense in depth
The TCP/IP model
19. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
20. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Integrity of Data
CIDR
Some other UDP based protocols
A network protocol
21. fast - with little fidelity - examines header information and limited payload data
Defense in depth
Some common TCP ports
Plaintext
Shallow packet inspection
22. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Types of viruses
Defense in depth
ACK piggybacking
Overview of TCP
23. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
The four basic approaches to defense in depth
Some network design objectives
To close a TCP session
Buffer overflow
24. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
LAN
The difference in stacks
NAC
The threat vector analysis in defense in depth
25. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Macro virus
Switches
Port scan
26. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Macro virus
Remote maintenance
File Integrity checking work
Snort
27. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Some firewall challenges
MAN
Permutation
Datagram length of a UDP packet
28. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
TFTP
IDS data normalization
The conficker worm
What range is a class B network?
29. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Arbitrary substitution
COM/Script program infector
A netmask
The protected enclave to defense in depth
30. logic bomb - trojan horse - trap door
Bridge
Some types of malicious code
Parasitic malware
The five threat vectors
31. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Some other UDP based protocols
Hubs
The presentation layer
IDS signature analysis work
32. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
NIDS advantages
Log monitoring work?
DDoS attack
Plaintext
33. The practice of sending an ACK inside another packet going to the same destination
Some malware capabilities
Switches
Deep packet inspection
Ack Piggybacking
34. Going around with equipment to detect wireless networks
Wardriving
Integrity of Data
Shallow packet inspection
Some types of malicious code
35. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
IDS not
The four basic approaches to defense in depth
What range is a class B network?
Hubs
36. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
What range is a class A network?
Internet
The five threat vectors
ATM work
37. Unified data carrying service - replacing frame relay and ATM
Some disadvantages of honeypots
NAC
Multi protocol label switching
Integrity of Data
38. OSI
When talking about protocols and referencing layers - what stack is used
The threat vector analysis in defense in depth
Firewall
Plaintext
39. Stateful firewalls maintain state of traffic flows
Stateful firewall
Total cell size for asynchronous transfer mode (ATM)
Some firewall challenges
The five threat vectors
40. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
Honeyd
SQL Slammer Worm
IDS data normalization
Trap door
41. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Boot record infector
NIDS challenges
Ciphertext
The Information Centric defense in depth
42. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
What range is a class B network?
SYN flood
File integrity checking work
Social engineering
43. Personal area network - phone tethering - bluetooth - etc
Denial of service
Some reasons to use TCP over UDP
PAN
Types of ATM virtual circuits
44. Intellectual property - business goals - validated data - historical
Stateless packet filter
Some ways to bypass firewall protections
What threats should be protected against - based on threat levels
No State Inspection ACK flag set
45. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Some Pen Test techniques
Multi protocol label switching
Total cell size for asynchronous transfer mode (ATM)
Address Resolution Protocol (ARP)
46. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Some common UDP ports
Program infector
DDoS attack
Honeypot
47. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
The network layer
Port scan
CIDR
Shallow packet inspection
48. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest
Program infector
A netcat listener
HIDS monitor
Brute force
49. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Ciphertext
Router
NAC
Best way to protect wireless networks
50. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Risk
The transport layer
The difference in stacks
NAC