Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So you might at times find the answers obvious, but you will see that it reinforces your understanding each time you take the test.
1. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Overview of TCP
What range is a class C network?
The presentation layer
ATM work
2. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
When setting up a virtual circuit
EXE program infector
The protected enclave to defense in depth
3. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
The transport layer
Risk
Ciphertext
SQL Slammer Worm
4. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
the application layer
Overview of TCP
Some common TCP ports
The physical layer stack
5. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
Race conditions
3-way handshake
The different cable categories
Group
6. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
The five threat vectors
Some other UDP based protocols
Defense in depth
Permutation
7. Attaches itself to existing program files and activated when the exe is launched
Rotation?
3-way handshake
Program infector
Hubs
8. Connects the physical part of the network (cables) with the abstract (packets and datastreams)
WAN
The data link layer
Logic bomb
IDS not
9. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Some honeypot advantages
Smurf attack
What ways should the crypto key be protected?
Proxy or application gateway
10. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Hping
MAN
Some network design objectives
Some malware propagation techniques
11. Allows admins to remotely access a system for troubleshooting - e.g. VNC - GoToMyPc - PC Anywhere
Nmap
Some common UDP ports
The goals of cryptography
Remote maintenance
12. Going around with equipment to detect wireless networks
ATM work
Some network design objectives
Wardriving
When implementing protocols - what stack should be used?
13. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
Bus Topology
Some disadvantages of honeypots
When talking about protocols and referencing layers - what stack is used
NIDS advantages
14. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
LAN
No State Inspection ACK flag set
The difference in stacks
CIDR
15. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
Boot record infector
Ack Piggybacking
IDS
OS Command Injection defenses
16. Malware - insider threat - natural disaster - terrorism - pandemic
Some common UDP ports
The threat vector analysis in defense in depth
SYN flood
What primary threats should be protected against
17. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
What threats should be protected against - based on threat levels
DDoS attack
Honeyd
Log monitoring work?
18. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
What threats should be protected against - based on threat levels
Some reasons to use UDP over TCP
Defense in depth
The difference in stacks
19. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some NIDS topology limitations
3-way handshake
Some network design objectives
IDS not
20. FIN 130 - ACK 131 - FIN 570 - ACK 571
Deep packet inspection
To close a TCP session
Some firewall challenges
Trap door
21. destruction of data - leaking confidential information - providing backdoor access
A netcat listener
Ciphertext
Denial of service
Some malware capabilities
22. True positive - false positive - true negative - false negative
Types of ATM virtual circuits
The four types of events reported by IDS
Plaintext
The OSI model
23. Weakness in a system - inherent in a complex system - majority are due to poor coding - gateway by which threats are manifested
What ways should the crypto key be protected?
Vulnerabilities
Social engineering
Plaintext
24. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Asynchronous Transfer Mode
Deep packet inspection
Some disadvantages of honeypots
WAN
25. Provides insight into the tactics - motives - and attacker tools
MAN
File integrity checking work
IDS
Some honeypot advantages
26. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Snort
Some firewall benefits
Some common UDP ports
A netmask
27. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
A netmask
MAN
What's an easy way to test encryption?
The Information Centric defense in depth
28. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Plaintext
When talking about protocols and referencing layers - what stack is used
Network stumbler
SQL Slammer Worm
29. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
A netcat listener
Address Resolution Protocol (ARP)
The five threat vectors
Defense in depth
30. Small program triggered by an event that provides an action. E.g. scheduled file removal if countdown isn't reset - ie: employee was fired
What categories do vulnerabilities fall into?
Vulnerabilities
Logic bomb
Some external threat concerns
31. Considered to be a perimeter device
The session layer
Some network design objectives
The conficker worm
Router
32. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
WAN
Parasitic malware
Log monitoring work?
SYN flood
33. Message in its encrypted form
Bus Topology
Hping
Ciphertext
Nmap scanning techniques
34. A time of check/time of use attack that exploits the difference between when a security control was applied and when the service was used.
The conficker worm
Some common TCP ports
The different cable categories
Race conditions
35. Trying to ID modems in a telephone exchange that may be susceptible to compromise
Deep packet inspection
What's an easy way to test encryption?
The protected enclave to defense in depth
War Dialing
36. Known - unknown - zero day
Checksum in UDP
What categories do vulnerabilities fall into?
Defense in depth
Risk
37. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
A blind FTP
Alteration of code
Hping
ATM work
38. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Some malware propagation techniques
Address Resolution Protocol (ARP)
What range is a class B network?
Alteration of code
39. Network scanner.
Honeypot
NIDS challenges
Nmap
Address Resolution Protocol (ARP)
40. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Some other UDP based protocols
Bus Topology
Integrity of Data
When talking about protocols and referencing layers - what stack is used
41. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
The OSI model
What's a VLAN
UDP packet headers
Nmap
42. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Group
File integrity checking work
Honeyd
Ack Piggybacking
43. fast - with little fidelity - examines header information and limited payload data
Log monitoring work?
What ways should the crypto key be protected?
Shallow packet inspection
What primary threats should be protected against
44. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
45. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
The OSI model
Social engineering
Race conditions
Shallow packet inspection
46. Personal area network - phone tethering - bluetooth - etc
Browsing attack
The three goals of security
PAN
War Dialing
47. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
SQL Slammer Worm
Asynchronous Transfer Mode
What range is a class B network?
48. An attempt to gain access by bombarding a system with guesses until the password is found.
Brute force
PAN
The TCP/IP model
Some external threat concerns
49. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
Risk
LAN
Rootkit
The four types of events reported by IDS
50. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Datagram length of a UDP packet
Address resolution protocol
Bus Topology
Logic bomb