SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
When implementing protocols - what stack should be used?
What categories do vulnerabilities fall into?
Firewall
The Uniform Protection to defense in depth
2. Confidentiality - integrity - availability
Risk
Program infector
The CIA triad
Permutation
3. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Honeyd
Smurf attack
Honeypot
Anomaly analysis work
4. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
OS Command Injection defenses
Some honeypot advantages
Nmap scanning techniques
ATM work
5. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
Rotation?
The OSI model
Vulnerabilities
What threats should be protected against - based on threat levels
6. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Some Pen Test techniques
The three goals of security
Port scan
Alteration of code
7. Confidentiality - integrity - availability
The three goals of security
3-way handshake
Checksum in UDP
Multi protocol label switching
8. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
The CIA triad
A netmask
Datagram length of a UDP packet
Asynchronous Transfer Mode
9. Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere
3-way handshake
Remote maintenance
Overview of TCP
Hping
10. Free linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulerability assessment
Kismet
When implementing protocols - what stack should be used?
IDS signature analysis work
CIDR
11. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Brute force
The goals of cryptography
SYN flood
OS Command Injection defenses
12. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Bus Topology
The transport layer
Overview of TCP
The physical layer stack
13. logic bomb - trojan horse - trap door
Some types of malicious code
WAN
Router
What range is a class A network?
14. Full open - half open (stealth scan) - UDP - Ping
Some common TCP ports
What threats should be protected against - based on threat levels
Nmap scanning techniques
What range is a class B network?
15. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
The transport layer
PAN
Some NIDS topology limitations
16. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
Honeyd
The difference in stacks
ACK piggybacking
A netcat listener
17. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
No State Inspection ACK flag set
ATM work
Snort
IDS signature analysis work
18. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Network stumbler
IDS signature analysis work
SQL Slammer Worm
Macro virus
19. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Some common UDP ports
Some disadvantages of honeypots
Worms
The data link layer
20. Identify critical assets and provide layered protection - data is accessed by applications - applications reside on hosts - hosts operate on networks
To close a TCP session
The Information Centric defense in depth
The four types of events reported by IDS
The difference in stacks
21. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Some common TCP ports
Multi protocol label switching
Address resolution protocol
Brute force
22. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Some malware capabilities
Program infector
The Uniform Protection to defense in depth
The five threat vectors
23. Syn - Syn/Ack - Ack
Arbitrary substitution
To establish a TCP session
The transport layer
Log monitoring work?
24. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
Some external threat concerns
IDS data normalization
To establish a TCP session
Worms
25. Stateful firewalls maintain state of traffic flows
Stateful firewall
What range is a class A network?
Worms
Best way to protect wireless networks
26. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Deep packet inspection
Internet
The presentation layer
Some disadvantages of honeypots
27. Handles transmissions across the physical media like wires - fiber - etc
To establish a TCP session
Some other UDP based protocols
The physical layer stack
Firewall
28. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
29. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
Integrity of Data
Anomaly analysis work
Honeyd
Bridge
30. FIN 130 - ACK 131 - FIN 570 - ACK 571
IDS data normalization
Group
To close a TCP session
DDoS attack
31. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
Total cell size for asynchronous transfer mode (ATM)
The Information Centric defense in depth
Smurf attack
32. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
Stateful firewall
Plaintext
Vulnerabilities
33. Considered to be a perimeter device
Arbitrary substitution
What range is a class C network?
The difference in stacks
Router
34. The Practice of sending an ACK inside another packet going to the same destination
Ack Piggybacking
The Information Centric defense in depth
When setting up a virtual circuit
Some reasons to use UDP over TCP
35. Replicates traffic onto all ports - no traffic monitoring - cannot control which ports should or shouldn't receive frames - forming a large collision domain.
Some external threat concerns
Hubs
Some malware propagation techniques
IDS
36. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Snort
IDS data normalization
Log monitoring work?
Integrity of Data
37. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Permutation
Defense in depth
NAC
To establish a TCP session
38. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
Worms
Trojan horse
Some network design objectives
The protected enclave to defense in depth
39. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
The different cable categories
Address Resolution Protocol (ARP)
UDP packet headers
Some reasons to use UDP over TCP
40. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Network stumbler
IDS data normalization
3-way handshake
Deep packet inspection
41. Intellectual property - business goals - validated data - historical
The Uniform Protection to defense in depth
Some FTP dangers
Alteration of code
What threats should be protected against - based on threat levels
42. TCP/IP - the IP protoco - The core routing protocol of the internet - - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
OS Command Injection defenses
Address Resolution Protocol (ARP)
The conficker worm
43. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The TCP/IP model
Some Pen Test techniques
The protected enclave to defense in depth
NIDS advantages
44. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
Router
Overview of TCP
EXE program infector
45. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
A network protocol
A netcat listener
HIDS monitor
Some malware propagation techniques
46. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
NIDS challenges
Hubs
Some Pen Test techniques
Parasitic malware
47. Unified data carrying service - replacing from replay and ATM
IDS data normalization
Multi protocol label switching
MAN
The physical layer stack
48. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
Some firewall challenges
What primary threats should be protected against
Multi protocol label switching
49. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Some reasons to use TCP over UDP
No State Inspection ACK flag set
Buffer overflow
What threats should be protected against - based on threat levels
50. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
ACK piggybacking
Risk
The TCP/IP model
Checksum in UDP