Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see that it reinforces your understanding each time you take the test.
1. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
Proxy or application gateway
Network stumbler
Router
Switches
2. Full open - half open (stealth scan) - UDP - Ping
Rotation?
Some other UDP based protocols
The OSI Protocol Stack
Nmap scanning techniques
3. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
UDP packet headers
Trap door
Logic bomb
Race conditions
4. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Buffer overflow
Nmap scanning techniques
Social engineering
Some firewall challenges
5. Network scanner.
IDS signature analysis work
What primary threats should be protected against
Nmap
Some external threat concerns
6. True positive - false positive - true negative - false negative
The four types of events reported by IDS
When talking about protocols and referencing layers - what stack is used
Asynchronous Transfer Mode
Checksum in UDP
7. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
When implementing protocols - what stack should be used?
Some NIDS topology limitations
Address Resolution Protocol (ARP)
When setting up a virtual circuit
8. Unencrypted message in its original form
The protected enclave to defense in depth
Plaintext
The Uniform Protection to defense in depth
The Information Centric defense in depth
9. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
IDS signature analysis work
OS Command Injection defenses
Checksum in UDP
Kismet
10. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere
Defense in depth
Remote maintenance
NAC
Some Pen Test techniques
11. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Wardriving
When implementing protocols - what stack should be used?
Address Resolution Protocol (ARP)
12. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Race conditions
Datagram length of a UDP packet
Some malware capabilities
Some Pen Test techniques
13. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
DDoS attack
COM/Script program infector
The session layer
14. Going around with equipment to detect wireless networks
Asynchronous Transfer Mode
Some reasons to use UDP over TCP
Wardriving
The data link layer
15. Considered to be a perimeter device
Router
The five threat vectors
Remote maintenance
The different cable categories
16. Intellectual property - business goals - validated data - historical
The protected enclave to defense in depth
File Integrity checking work
Ciphertext
What threats should be protected against - based on threat levels
17. Confidentiality - integrity - availability
Boot record infector
HIDS monitor
The threat vector analysis in defense in depth
The CIA triad
18. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Overview of TCP
What's a VLAN
A netmask
Deep packet inspection
19. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The Uniform Protection to defense in depth
When implementing protocols - what stack should be used?
Some reasons to use TCP over UDP
Some ways to bypass firewall protections
20. Network traffic to the host - typically listens on all interfaces - uses signature analysis to identify events of interest
HIDS monitor
DDoS attack
To close a TCP session
Some types of malicious code
21. Known - unknown - zero day
Firewall
What categories do vulnerabilities fall into?
DDoS attack
Denial of service
22. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Proxy or application gateway
Deep packet inspection
Stateful firewall
Integrity of Data
23. Connects many WANs - MANs - and LANs - provided via ISP
Some types of malicious code
Internet
Integrity of Data
Shallow packet inspection
24. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
The three goals of security
Some firewall challenges
When talking about protocols and referencing layers - what stack is used
Defense in depth
25. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Datagram length of a UDP packet
What ways should the crypto key be protected?
Some honeypot advantages
Some reasons to use UDP over TCP
26. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
NAC
Some common TCP ports
Router
IDS not
27. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Some honeypot advantages
Address Resolution Protocol (ARP)
Bus Topology
What ways should the crypto key be protected?
28. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Some common TCP ports
Some Pen Test techniques
Some external threat concerns
Arbitrary substitution
29. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
3-way handshake
Some malware propagation techniques
Some firewall challenges
Risk
30. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
What threats should be protected against - based on threat levels
DDoS attack
The transport layer
Some reasons to use TCP over UDP
31. OSI
3-way handshake
MAN
What's a VLAN
When talking about protocols and referencing layers - what stack is used
32. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Some honeypot advantages
The four basic approaches to defense in depth
Checksum in UDP
IDS signature analysis work
33. A cracking tool inserted into the OS that allows the attacker to do as they please.
Rootkit
Some malware propagation techniques
What range is a class B network?
Smurf attack
34. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Switches
The CIA triad
NIDS advantages
Some NIDS topology limitations
35. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
Shallow packet inspection
Worms
Trojan horse
IDS data normalization
36. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
ATM work
The four types of events reported by IDS
Denial of service
Log monitoring work?
37. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Some ways to bypass firewall protections
Some malware propagation techniques
Smurf attack
What range is a class A network?
38. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
39. Infects EXE files and makes them operate slightly differently - when infected - EXE header sizes are altered to point to the appended viral code
EXE program infector
The conficker worm
Some other UDP based protocols
Some reasons to use TCP over UDP
40. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
UDP packet headers
Group
Alteration of code
Vulnerabilities
41. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
The difference in stacks
Buffer overflow
Hping
Address resolution protocol
42. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
IDS signature analysis work
The different cable categories
Trojan horse
Deep packet inspection
43. Trying to ID modems in a telephone exchange that may be susceptible to compromise
War Dialing
Some disadvantages of honeypots
Some honeypot advantages
The presentation layer
44. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Honeypot
Stateless packet filter
The Information Centric defense in depth
A network protocol
45. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Denial of service
Nmap
Trojan horse
The Uniform Protection to defense in depth
46. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
TFTP
PAN
Smurf attack
Total cell size for asynchronous transfer mode (ATM)
47. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
3-way handshake
Internet
Buffer overflow
Datagram length of a UDP packet
48. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
PAN
To establish a TCP session
Port scan
49. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
The CIA triad
Snort
Macro virus
Logic bomb
50. Attaches itself to existing program files and is activated when the EXE is launched
File integrity checking work
Bus Topology
File Integrity checking work
Program infector