Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
The conficker worm
Deep packet inspection
When implementing protocols - what stack should be used?
A network protocol
2. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Asynchronous Transfer Mode
The OSI Protocol Stack
Trojan horse
When talking about protocols and referencing layers - what stack is used
3. It handles the establishment and maintenance of connections between systems
What range is a class C network?
What's a VLAN
File integrity checking work
The session layer
4. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
OS Command Injection defenses
What range is a class C network?
What's an easy way to test encryption?
What categories do vulnerabilities fall into?
5. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Anomaly analysis work
The OSI Protocol Stack
Ack Piggybacking
Some types of malicious code
6. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Trap door
Some NIDS topology limitations
Brute force
Address Resolution Protocol (ARP)
7. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Alteration of code
Datagram length of a UDP packet
Snort
Kismet
8. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
A network protocol
Best way to protect wireless networks
Deep packet inspection
What primary threats should be protected against
9. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Some ways to bypass firewall protections
The protected enclave to defense in depth
Some reasons to use TCP over UDP
NIDS challenges
10. Confidentiality - integrity - availability
Best way to protect wireless networks
To close a TCP session
The three goals of security
Anomaly analysis work
11. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
Total cell size for asynchronous transfer mode (ATM)
Logic bomb
IDS not
Network stumbler
12. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
The four types of events reported by IDS
CIDR
Overview of TCP
Ciphertext
13. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Some common UDP ports
Parasitic malware
Group
Program infector
14. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Some ways to bypass firewall protections
Defense in depth
Some malware propagation techniques
IDS data normalization
15. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
Total cell size for asynchronous transfer mode (ATM)
Macro virus
Worms
16. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Some malware capabilities
UDP packet headers
Hubs
Snort
17. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
What ways should the crypto key be protected?
The threat vector analysis in defense in depth
3-way handshake
Honeypot
18. ATM supports two types of virtual circuits: permanent virtual circuits and switched virtual circuits - PVC is set up in advance - usually manually - SVC is established automatically through a signaling protocol and can be created on the fly - establis
Total cell size for asynchronous transfer mode (ATM)
Some types of malicious code
Types of ATM virtual circuits
Kismet
19. Uniform protection - protected enclaves - information centric - threat vector analysis
Bridge
Shallow packet inspection
IDS not
The four basic approaches to defense in depth
20. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Stateless packet filter
Address resolution protocol
No State Inspection ACK flag set
What primary threats should be protected against
21. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
A network protocol
A netmask
A netcat listener
Address Resolution Protocol (ARP)
22. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
Race conditions
Stateless packet filter
A netcat listener
What range is a class B network?
23. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Some ways to bypass firewall protections
IDS not
Buffer overflow
Honeypot
24. Syn - Syn/Ack - Ack
Some malware capabilities
Firewall
To establish a TCP session
Some other UDP based protocols
25. Handles transmissions across the physical media like wires - fiber - etc
Integrity of Data
Macro virus
Types of viruses
The physical layer stack
26. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Some malware propagation techniques
Defense in depth
Denial of service
Hping
27. fast - with little fidelity - examines header information and limited payload data
The five threat vectors
Shallow packet inspection
PAN
The goals of cryptography
28. A cracking tool inserted into the OS that allows the attacker to do as they please.
Rootkit
Router
A netcat listener
UDP packet headers
29. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
What range is a class A network?
Trojan horse
IDS signature analysis work
LAN
30. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
ATM work
Some Pen Test techniques
The conficker worm
Firewall
31. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
SQL Slammer Worm
Some common UDP ports
The OSI model
Wardriving
32. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
Some NIDS topology limitations
Types of ATM virtual circuits
The OSI Protocol Stack
33. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
3-way handshake
The physical layer stack
The network layer
Denial of service
34. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
35. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Defense in depth
Some firewall challenges
What primary threats should be protected against
Alteration of code
36. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
The goals of cryptography
Bus Topology
Macro virus
When setting up a virtual circuit
37. Malicious code might execute destructive overwrite to hard disks - Malicious mass mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some external threat concerns
The TCP/IP model
Hping
Types of ATM virtual circuits
38. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
Integrity of Data
The session layer
File Integrity checking work
A netmask
39. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
MAN
Checksum in UDP
Worms
Some common TCP ports
40. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
Boot record infector
The three goals of security
Some reasons to use UDP over TCP
MAN
41. Attaches itself to existing program files and activated when the exe is launched
The conficker worm
Program infector
Bridge
PAN
42. Personal area network - phone tethering - bluetooth - etc
The TCP/IP model
The four types of events reported by IDS
PAN
Trojan horse
43. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Deep packet inspection
Buffer overflow
IDS not
Total cell size for asynchronous transfer mode (ATM)
44. logic bomb - trojan horse - trap door
Arbitrary substitution
Some disadvantages of honeypots
Port scan
Some types of malicious code
45. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
46. Malware - insider threat - natural disaster - terrorism - pandemic
What primary threats should be protected against
Stateful firewall
What ways should the crypto key be protected?
Macro virus
47. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The four basic approaches to defense in depth
COM/Script program infector
IDS signature analysis work
The Uniform Protection to defense in depth
48. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
The network layer
DDoS attack
IDS not
IDS data normalization
49. Bits of code embedded in programs to quickly gain access at a later time
Asynchronous Transfer Mode
Types of viruses
Trap door
Program infector
50. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Denial of service
Some common UDP ports
Some Pen Test techniques
Some NIDS topology limitations