Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Worms
Some other UDP based protocols
Macro virus
IDS not
2. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
Stateful firewall
The session layer
Log monitoring work?
HIDS monitor
3. logic bomb - trojan horse - trap door
Some types of malicious code
Log monitoring work?
Integrity of Data
Nmap scanning techniques
4. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
Some honeypot advantages
UDP packet headers
The OSI model
Logic bomb
5. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
Port scan
Arbitrary substitution
Hping
Some firewall challenges
6. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
What range is a class A network?
Some reasons to use TCP over UDP
Hubs
Some network design objectives
7. Uniform protection - protected enclaves - information centric - threat vector analysis
Some malware propagation techniques
File integrity checking work
The four basic approaches to defense in depth
The CIA triad
8. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
SYN flood
Denial of service
Honeypot
Snort
9. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Bridge
Risk
The transport layer
The different cable categories
10. Provides insight into the tactics - motives - and attacker tools
What ways should the crypto key be protected?
To close a TCP session
Some Pen Test techniques
Some honeypot advantages
11. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPC - PC Anywhere
Trap door
Remote maintenance
Stateless packet filter
What's a VLAN
12. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
The network layer
MAN
When implementing protocols - what stack should be used?
Internet
13. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Asynchronous Transfer Mode
Trojan horse
Some firewall challenges
IDS not
14. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Program infector
Some malware propagation techniques
The goals of cryptography
The TCP/IP model
15. Relies on executable code insertion and user interaction to spread
Trojan horse
Parasitic malware
LAN
Network stumbler
16. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
Some honeypot advantages
Stateless packet filter
NAC
When implementing protocols - what stack should be used?
17. Application layer attacks may get through - dialup - VPN - extranet connections may bypass firewalls
What categories do vulnerabilities fall into?
NIDS advantages
Some firewall challenges
When setting up a virtual circuit
18. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Honeyd
Smurf attack
The network layer
File integrity checking work
19. Intrusion detection system - it reports attacks against monitored systems/networks
What threats should be protected against - based on threat levels
UDP packet headers
Some Pen Test techniques
IDS
20. fast - with little fidelity - examines header information and limited payload data
NAC
War Dialing
Some common TCP ports
Shallow packet inspection
21. True positive - false positive - true negative - false negative
NAC
The threat vector analysis in defense in depth
The four types of events reported by IDS
IDS
22. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Shallow packet inspection
Some common UDP ports
Alteration of code
ATM work
23. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - i.e. employee was fired
Shallow packet inspection
PAN
Logic bomb
Ack Piggybacking
24. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
25. Uses a 1 to 1 substitution of characters - rotate the alphabet by 'n' number of characters - rot+X means rotate the letters X characters
Rotation?
Some ways to bypass firewall protections
Remote maintenance
Permutation
26. Free Windows-based wireless scanner for 802.1b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
IDS data normalization
The protected enclave to defense in depth
Network stumbler
Address resolution protocol
27. The practice of sending an ACK inside another packet going to the same destination
Boot record infector
WAN
To close a TCP session
Ack Piggybacking
28. destruction of data - leaking confidential information - providing backdoor access
Some malware capabilities
EXE program infector
Types of ATM virtual circuits
Vulnerabilities
29. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
A network protocol
Stateless packet filter
Remote maintenance
IDS
30. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Address resolution protocol
Some FTP dangers
Trojan horse
Stateless packet filter
31. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The Uniform Protection to defense in depth
DDoS attack
Types of ATM virtual circuits
What threats should be protected against - based on threat levels
32. It interacts with the application layer to determine which network services will be required
Switches
Total cell size for asynchronous transfer mode (ATM)
the application layer
Buffer overflow
33. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
34. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Nmap scanning techniques
Some malware propagation techniques
Types of ATM virtual circuits
Some common TCP ports
35. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Port scan
Buffer overflow
Checksum in UDP
Some disadvantages of honeypots
36. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Smurf attack
The data link layer
Macro virus
The network layer
37. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
NIDS advantages
The TCP/IP model
Bridge
Hping
38. Syn - Syn/Ack - Ack
To establish a TCP session
Rootkit
Multi protocol label switching
Program infector
39. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Deep packet inspection
Address resolution protocol
EXE program infector
Snort
40. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
Checksum in UDP
Stateless packet filter
Firewall
LAN
41. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
The threat vector analysis in defense in depth
Browsing attack
When implementing protocols - what stack should be used?
What threats should be protected against - based on threat levels
42. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Wardriving
Proxy or application gateway
Some other UDP based protocols
Some disadvantages of honeypots
43. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
Browsing attack
Remote maintenance
LAN
IDS signature analysis work
44. Bits of code embedded in programs to quickly gain access at a later time
The threat vector analysis in defense in depth
IDS
Trap door
The conficker worm
45. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
UDP packet headers
A blind FTP
Best way to protect wireless networks
Permutation
46. TCP/IP - the IP protocol - the core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
ATM work
Some Pen Test techniques
When implementing protocols - what stack should be used?
The physical layer stack
47. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
Some other UDP based protocols
The protected enclave to defense in depth
Bridge
The TCP/IP model
48. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
Logic bomb
Some other UDP based protocols
The CIA triad
The TCP/IP model
49. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Remote maintenance
Plaintext
WAN
File integrity checking work
50. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Checksum in UDP
Worms
HIDS monitor
NIDS advantages