Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Uniform protection - protected enclaves - information centric - threat vector analysis
The four basic approaches to defense in depth
The different cable categories
When implementing protocols - what stack should be used?
Address Resolution Protocol (ARP)
2. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Alteration of code
Remote maintenance
Address resolution protocol
Stateless packet filter
3. Worms and Wireless - modems - tunnel anything through HTTP - social engineering
Some ways to bypass firewall protections
File Integrity checking work
Network stumbler
What ways should the crypto key be protected?
4. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
The transport layer
When talking about protocols and referencing layers - what stack is used
The CIA triad
Anomaly analysis work
5. An agreement on how different computers will work - protocols define the format and order of messages and what to do upon receipt of the messages - basically the rules of the network
Some reasons to use UDP over TCP
HIDS monitor
Some reasons to use TCP over UDP
A network protocol
6. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
IDS data normalization
When implementing protocols - what stack should be used?
The session layer
Some malware propagation techniques
7. fast - with little fidelity - examines header information and limited payload data
Some firewall challenges
The different cable categories
Shallow packet inspection
The network layer
8. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Some ways to bypass firewall protections
UDP packet headers
Datagram length of a UDP packet
File Integrity checking work
9. Considered to be a perimeter device
The threat vector analysis in defense in depth
Remote maintenance
Trap door
Router
10. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Alteration of code
Some malware capabilities
COM/Script program infector
Honeypot
11. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Parasitic malware
What primary threats should be protected against
Checksum in UDP
What range is a class B network?
12. Unencrypted message in its original form
Ciphertext
Plaintext
Internet
Switches
13. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere
Remote maintenance
When implementing protocols - what stack should be used?
SQL Slammer Worm
What's an easy way to test encryption?
14. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
What range is a class B network?
IDS not
The Uniform Protection to defense in depth
Parasitic malware
15. Attaches itself to existing program files and activated when the exe is launched
Log monitoring work?
Arbitrary substitution
Program infector
Risk
16. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
NAC
Some common UDP ports
Rootkit
Types of ATM virtual circuits
17. Unified data carrying service - replacing Frame Relay and ATM
Bridge
Multi protocol label switching
Some network design objectives
ACK piggybacking
18. It handles the establishment and maintenance of connections between systems
The CIA triad
Some external threat concerns
The session layer
The four types of events reported by IDS
19. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
Kismet
The difference in stacks
Deep packet inspection
Firewall
20. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
What range is a class A network?
Network stumbler
Ciphertext
Hping
21. True positive - false positive - true negative - false negative
Some malware propagation techniques
The OSI model
The four types of events reported by IDS
File Integrity checking work
22. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
File integrity checking work
War Dialing
Ciphertext
The OSI Protocol Stack
23. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
LAN
The five threat vectors
Some FTP dangers
A network protocol
24. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Arbitrary substitution
Remote maintenance
Program infector
SQL Slammer Worm
25. Message in its encrypted form
War Dialing
Buffer overflow
Ciphertext
Denial of service
26. OSI
War Dialing
IDS data normalization
When talking about protocols and referencing layers - what stack is used
Some reasons to use TCP over UDP
27. Confidentiality - symmetric encryption
OS Command Injection defenses
The goals of cryptography
A network protocol
Ack Piggybacking
28. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
The transport layer
Port scan
Some malware propagation techniques
Nmap
29. It makes sure the data sent from one side to the other is in a format useful to the other side
What's a VLAN
IDS not
The presentation layer
IDS signature analysis work
30. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Worms
Program infector
When talking about protocols and referencing layers - what stack is used
Brute force
31. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
The transport layer
Internet
When talking about protocols and referencing layers - what stack is used
Macro virus
32. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
The network layer
Buffer overflow
Overview of TCP
Internet
33. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Some reasons to use UDP over TCP
Hping
Honeyd
Ciphertext
34. Intrusion detection system - it reports attacks against monitored systems/networks
Switches
IDS
Hping
LAN
35. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
Hping
The difference in stacks
Firewall
CIDR
36. logic bomb - trojan horse - trap door
Deep packet inspection
When talking about protocols and referencing layers - what stack is used
The session layer
Some types of malicious code
37. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired
Logic bomb
The four types of events reported by IDS
The different cable categories
IDS not
38. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
39. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Remote maintenance
LAN
WAN
The four types of events reported by IDS
40. Handles transmissions across the physical media like wires - fiber - etc
The goals of cryptography
The Uniform Protection to defense in depth
What threats should be protected against - based on threat levels
The physical layer stack
41. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
When implementing protocols - what stack should be used?
The five threat vectors
What range is a class C network?
Brute force
42. FIN 130 - ACK 131 - FIN 570 - ACK 571
To close a TCP session
Bridge
Some disadvantages of honeypots
The five threat vectors
43. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
The network layer
Some malware propagation techniques
The TCP/IP model
Some reasons to use UDP over TCP
44. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
What categories do vulnerabilities fall into?
Parasitic malware
NIDS advantages
Some reasons to use UDP over TCP
45. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Checksum in UDP
A network protocol
Types of ATM virtual circuits
46. Provides insight into the tactics - motives - and attacker tools
Nmap
Some common TCP ports
Some honeypot advantages
TFTP
47. An attacker spoofs the victim's IP and sends an ICMP ECHO request to the broadcast address of a network. When every system responds - a DoS occurs.
Smurf attack
The difference in stacks
CIDR
Logic bomb
48. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Asynchronous Transfer Mode
Types of viruses
Group
Deep packet inspection
49. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Router
Some external threat concerns
Some other UDP based protocols
Denial of service
50. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Some common TCP ports
Some firewall benefits
Rootkit
What range is a class C network?