Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Some ways to bypass firewall protections
The conficker worm
Alteration of code
Deep packet inspection
2. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
A network protocol
The four basic approaches to defense in depth
OS Command Injection defenses
3. Known - unknown - zero day
IDS signature analysis work
What categories do vulnerabilities fall into?
Some Pen Test techniques
Denial of service
4. Confidentiality - integrity - availability
Group
Nmap
WAN
The three goals of security
5. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Ciphertext
Some ways to bypass firewall protections
Some other UDP based protocols
What range is a class B network?
6. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Multi protocol label switching
The Information Centric defense in depth
Hping
Macro virus
7. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
To establish a TCP session
Vulnerabilities
SYN flood
Honeyd
8. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
9. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
IDS signature analysis work
The transport layer
Macro virus
10. - Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - Web server compromise might expose organization to ridicule - Web server compromise might expose custom
Datagram length of a UDP packet
Some external threat concerns
Router
The transport layer
11. Unencrypted message in its original form
Trojan horse
The TCP/IP model
Rootkit
Plaintext
12. Personal area network - phone tethering - bluetooth - etc
Internet
Smurf attack
Address resolution protocol
PAN
13. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
A network protocol
Some malware propagation techniques
Firewall
Nmap scanning techniques
14. A time of check/time of use attack that exploits the difference between when a security control was applied and the time the service was used.
Race conditions
What's an easy way to test encryption?
The data link layer
Some reasons to use TCP over UDP
15. fast - with little fidelity - examines header information and limited payload data
What threats should be protected against - based on threat levels
MAN
Shallow packet inspection
To close a TCP session
16. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
OS Command Injection defenses
What threats should be protected against - based on threat levels
File Integrity checking work
The network layer
17. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
WAN
Alteration of code
NAC
Macro virus
18. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
Integrity of Data
Overview of TCP
SYN flood
A blind FTP
19. Allows admins to remotely access a system for troubleshooting. - E.g. VNC - GoToMyPc - PC Anywhere
Stateful firewall
Remote maintenance
Hping
Vulnerabilities
20. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Bus Topology
Logic bomb
When talking about protocols and referencing layers - what stack is used
Some malware capabilities
21. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
What primary threats should be protected against
Some disadvantages of honeypots
What categories do vulnerabilities fall into?
OS Command Injection defenses
22. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
DDoS attack
The protected enclave to defense in depth
LAN
The four basic approaches to defense in depth
23. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
Deep packet inspection
What range is a class A network?
Nmap scanning techniques
Some network design objectives
24. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
The five threat vectors
Some firewall challenges
NAC
Bridge
25. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Defense in depth
IDS signature analysis work
Types of viruses
Denial of service
26. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Port scan
Deep packet inspection
Some NIDS topology limitations
UDP packet headers
27. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
The data link layer
The difference in stacks
What range is a class A network?
Smurf attack
28. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
The difference in stacks
Types of ATM virtual circuits
What range is a class C network?
29. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Some honeypot advantages
Boot record infector
Checksum in UDP
Brute force
30. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
OS Command Injection defenses
Anomaly analysis work
Some FTP dangers
31. Going around with equipment to detect wireless networks
Internet
Wardriving
Worms
LAN
32. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
What categories do vulnerabilities fall into?
Defense in depth
Smurf attack
33. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
Boot record infector
Program infector
When setting up a virtual circuit
Macro virus
34. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Types of ATM virtual circuits
Social engineering
Nmap
Best way to protect wireless networks
35. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Some other UDP based protocols
Denial of service
Proxy or application gateway
Some NIDS topology limitations
36. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Worms
What categories do vulnerabilities fall into?
To establish a TCP session
Proxy or application gateway
37. Infects the EXE and makes it operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
Logic bomb
A netcat listener
Nmap scanning techniques
EXE program infector
38. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest
NAC
What's a VLAN
Some firewall benefits
HIDS monitor
39. destruction of data - leaking confidential information - providing backdoor access
Parasitic malware
Anomaly analysis work
Some malware capabilities
The CIA triad
40. Uniform protection - protected enclaves - information centric - threat vector analysis
The four basic approaches to defense in depth
ATM work
A blind FTP
The goals of cryptography
41. Provides insight into the tactics - motives - and attacker tools
Nmap
The protected enclave to defense in depth
Some honeypot advantages
The four types of events reported by IDS
42. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Denial of service
War Dialing
Some malware capabilities
A network protocol
43. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Race conditions
Plaintext
What range is a class A network?
Log monitoring work?
44. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Total cell size for asynchronous transfer mode (ATM)
The session layer
Multi protocol label switching
Rotation?
45. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
3-way handshake
ACK piggybacking
OS Command Injection defenses
46. True positive - false positive - true negative - false negative
What's a VLAN
Log monitoring work?
The four types of events reported by IDS
Address resolution protocol
47. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
3-way handshake
Some disadvantages of honeypots
Kismet
IDS data normalization
48. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Honeyd
The difference in stacks
Some reasons to use TCP over UDP
What ways should the crypto key be protected?
49. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
Firewall
Log monitoring work?
WAN
The data link layer
50. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
A netmask
Some FTP dangers
Some reasons to use UDP over TCP
3-way handshake