SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
Port scan
Asynchronous Transfer Mode
Datagram length of a UDP packet
The threat vector analysis in defense in depth
2. Strips OS commands and characters from input - avoid making system calls from within the app * especially based on user input
Arbitrary substitution
Total cell size for asynchronous transfer mode (ATM)
Macro virus
OS Command Injection defenses
3. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Stateless packet filter
Wardriving
Some ways to bypass firewall protections
Some disadvantages of honeypots
4. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
IDS signature analysis work
Buffer overflow
Alteration of code
The CIA triad
5. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Group
Integrity of Data
Some network design objectives
Some NIDS topology limitations
6. It allows the transport layer to detect when the UDP headers or the payload have been modified in transit
Checksum in UDP
PAN
The physical layer stack
Ack Piggybacking
7. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
Snort
Bus Topology
The OSI Protocol Stack
Integrity of Data
8. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
No State Inspection ACK flag set
SYN flood
Honeyd
9. Bits of code embedded in programs to quickly gain access at a later time
Smurf attack
Trap door
Stateless packet filter
Some common UDP ports
10. Going around with equipment to detect wireless networks
Wardriving
File integrity checking work
Some honeypot advantages
NAC
11. Uses inclusive or exclusive lists - inclusive analysis utilizes a list of keywords - exclusive analysis utilizes a list of events that can be ignored
A network protocol
IDS
Snort
Log monitoring work?
12. Used by IDS for a baseline before analysis - attackers will try to de-normalize traffic to evade detection - IDS will normalize data for understood protocols
When implementing protocols - what stack should be used?
Internet
Types of ATM virtual circuits
IDS data normalization
13. Physical layer - Data link layer - Network Layer - Transport Layer - Session Layer - Presentation Layer - Application Layer
What threats should be protected against - based on threat levels
Honeypot
The OSI model
File Integrity checking work
14. Confidentiality - symmetric encryption
Permutation
Nmap scanning techniques
The goals of cryptography
Social engineering
15. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
OS Command Injection defenses
Hping
3-way handshake
UDP packet headers
16. Network traffic to the host - typically listens on all interface - uses signature analysis to identify events of interest
HIDS monitor
Stateful firewall
Proxy or application gateway
Logic bomb
17. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
Some other UDP based protocols
The transport layer
The Uniform Protection to defense in depth
Some Pen Test techniques
18. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Remote maintenance
Worms
EXE program infector
Checksum in UDP
19. Message in its encrypted form
Ciphertext
Address resolution protocol
The TCP/IP model
Parasitic malware
20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Some disadvantages of honeypots
When implementing protocols - what stack should be used?
Overview of TCP
Address resolution protocol
21. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
When implementing protocols - what stack should be used?
A blind FTP
Asynchronous Transfer Mode
File integrity checking work
22. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Datagram length of a UDP packet
WAN
Honeyd
TFTP
23. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Ack Piggybacking
Browsing attack
Switches
COM/Script program infector
24. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Types of viruses
Asynchronous Transfer Mode
Rootkit
WAN
25. A cracking tool inserted into the OS that allows the attacker to do as they please.
WAN
Risk
The data link layer
Rootkit
26. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
CIDR
Some Pen Test techniques
COM/Script program infector
To close a TCP session
27. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
ATM work
The session layer
Router
The TCP/IP model
28. Handles transmissions across the physical media like wires - fiber - etc
The physical layer stack
Denial of service
Address Resolution Protocol (ARP)
Types of ATM virtual circuits
29. Stateful firewalls maintain state of traffic flows
The network layer
Stateful firewall
Hubs
A blind FTP
30. A spoofed IP is used to send a SYN to the target. It then responds with a SYN/ACK that never receives the final ACK to complete the handshake. This occupies a portion of the target's pre-established buffer for TCP and can prevent the target from acce
SYN flood
Vulnerabilities
The physical layer stack
Honeyd
31. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
The different cable categories
Port scan
WAN
Social engineering
32. Threat requires a vector to cross the vulnerability - stop the ability of the threat to use the vector
Port scan
The physical layer stack
Program infector
The threat vector analysis in defense in depth
33. free windows based wireless scanner for 802.1b - detects access point settings - supports GSP integration - identifies networks as encrypted or unencrypted
Bridge
NIDS challenges
Race conditions
Network stumbler
34. logic bomb - trojan horse - trap door
Some types of malicious code
Some reasons to use TCP over UDP
3-way handshake
To establish a TCP session
35. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
Overview of TCP
TFTP
Some common TCP ports
Some malware capabilities
36. Attempt to manipulate or trick a person into providing information or access - bypass network security by exploiting humans - vector is often outside attack by telephone or visitor inside
Social engineering
EXE program infector
What ways should the crypto key be protected?
The network layer
37. The Practice of sending an ACK inside another packet going to the same destination
Ack Piggybacking
Alteration of code
Total cell size for asynchronous transfer mode (ATM)
The four basic approaches to defense in depth
38. -Malicious code might execute destructive overwrite to hard disks -Malicious mas mailing code might expose sensitive information to the internet - web server compromise might expose organization to ridicule - Web server compromise might expose custom
Some Pen Test techniques
War Dialing
Types of viruses
Some external threat concerns
39. An appliance that controls access between public internet and a companies private network - or between a PC NIC and the rest of the PC.
The Uniform Protection to defense in depth
A netcat listener
SYN flood
Firewall
40. The practice of sending an ACK inside another packet going to the same destination
Some malware propagation techniques
Some common TCP ports
The network layer
ACK piggybacking
41. Attaches itself to existing program files and activated when the exe is launched
IDS signature analysis work
Anomaly analysis work
Program infector
Some ways to bypass firewall protections
42. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
43. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
NAC
Some NIDS topology limitations
Trap door
What categories do vulnerabilities fall into?
44. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
Rotation?
IDS not
What primary threats should be protected against
Some common UDP ports
45. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Permutation
Risk
The threat vector analysis in defense in depth
Some common UDP ports
46. fast - with little fidelity - examines header information and limited payload data
Best way to protect wireless networks
Shallow packet inspection
What range is a class B network?
Wardriving
47. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
Logic bomb
No State Inspection ACK flag set
Macro virus
PAN
48. Provides insight into the tactics - motives - and attacker tools
NAC
Types of ATM virtual circuits
ACK piggybacking
Some honeypot advantages
49. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
50. Provides insight into traffic on the network - help detect problems with network operations - provides auditing for other security measures
NIDS advantages
The three goals of security
Stateless packet filter
What's a VLAN
Sorry!:) No result found.
Can you answer 50 questions in 15 minutes?
Let me suggest you:
Browse all subjects
Browse all tests
Most popular tests
Major Subjects
Tests & Exams
AP
CLEP
DSST
GRE
SAT
GMAT
Certifications
CISSP go to https://www.isc2.org/
PMP
ITIL
RHCE
MCTS
More...
IT Skills
Android Programming
Data Modeling
Objective C Programming
Basic Python Programming
Adobe Illustrator
More...
Business Skills
Advertising Techniques
Business Accounting Basics
Business Strategy
Human Resource Management
Marketing Basics
More...
Soft Skills
Body Language
People Skills
Public Speaking
Persuasion
Job Hunting And Resumes
More...
Vocabulary
GRE Vocab
SAT Vocab
TOEFL Essential Vocab
Basic English Words For All
Global Words You Should Know
Business English
More...
Languages
AP German Vocab
AP Latin Vocab
SAT Subject Test: French
Italian Survival
Norwegian Survival
More...
Engineering
Audio Engineering
Computer Science Engineering
Aerospace Engineering
Chemical Engineering
Structural Engineering
More...
Health Sciences
Basic Nursing Skills
Health Science Language Fundamentals
Veterinary Technology Medical Language
Cardiology
Clinical Surgery
More...
English
Grammar Fundamentals
Literary And Rhetorical Vocab
Elements Of Style Vocab
Introduction To English Major
Complete Advanced Sentences
Literature
Homonyms
More...
Math
Algebra Formulas
Basic Arithmetic: Measurements
Metric Conversions
Geometric Properties
Important Math Facts
Number Sense Vocab
Business Math
More...
Other Major Subjects
Science
Economics
History
Law
Performing-arts
Cooking
Logic & Reasoning
Trivia
Browse all subjects
Browse all tests
Most popular tests