Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
Address Resolution Protocol (ARP)
Macro virus
The session layer
2. An attempt to gain access by bombarding it with guesses until the password is found.
Brute force
Trojan horse
Some reasons to use UDP over TCP
The threat vector analysis in defense in depth
3. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Some ways to bypass firewall protections
When implementing protocols - what stack should be used?
Switches
Multi protocol label switching
4. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
NAC
When talking about protocols and referencing layers - what stack is used
Anomaly analysis work
Overview of TCP
5. logic bomb - trojan horse - trap door
Some types of malicious code
Some malware capabilities
What range is a class C network?
Race conditions
6. One is for talking - one is for implementing
The difference in stacks
Some network design objectives
NIDS advantages
IDS data normalization
7. Simplest form of a research honeypot - useful in identifying nature of TCP scans - allows attacker to complete 3-way handshake - listens on a defined port - logs incoming requests for analysis
NIDS challenges
Integrity of Data
Datagram length of a UDP packet
A netcat listener
8. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
DDoS attack
Some ways to bypass firewall protections
The transport layer
IDS signature analysis work
9. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
The difference in stacks
Remote maintenance
The session layer
Some network design objectives
10. Not a replacement for firewalls - hardening - strong policies - or other DiD methods - low maintenance - inexpensive
IDS not
Smurf attack
Stateful firewall
Kismet
11. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Types of ATM virtual circuits
The three goals of security
Some NIDS topology limitations
COM/Script program infector
12. 8 bytes per packet - UDP SRC port - UDP DST Ports - UDP length - UDP Checksum
What range is a class B network?
UDP packet headers
Deep packet inspection
Some FTP dangers
13. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
The conficker worm
Multi protocol label switching
The five threat vectors
14. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
ATM work
When setting up a virtual circuit
Some other UDP based protocols
The OSI Protocol Stack
15. Connects many WANs - MANs - and LANs - provided via ISP
Internet
DDoS attack
Deep packet inspection
HIDS monitor
16. A system resource that has no legitimate purpose or reason for someone to connect to it - its purpose is to draw in attackers to understand how they break into a system
Honeypot
Browsing attack
The presentation layer
A network protocol
17. Unencrypted message in its original form
IDS not
Port scan
Plaintext
Some disadvantages of honeypots
18. Uniform protection - protected enclaves - information centric - threat vector analysis
DDoS attack
To establish a TCP session
The four basic approaches to defense in depth
Vulnerabilities
19. Protected at rest - protected in transit - secure the key
What ways should the crypto key be protected?
When implementing protocols - what stack should be used?
Risk
Multi protocol label switching
20. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
TFTP
Overview of TCP
Switches
21. Improper deployment can increase attack risk - if production systems aren't sufficiently protected - they can be vulnerable from a honeypot - legal liability
Wardriving
File Integrity checking work
The three goals of security
Some disadvantages of honeypots
22. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Honeypot
IDS
Group
The transport layer
23. Bits of code embedded in programs to quickly gain access at a later time
Trap door
WAN
Wardriving
Asynchronous Transfer Mode
24. FIN 130 - ACK 131 - FIN 570 - ACK 571
Proxy or application gateway
The difference in stacks
To close a TCP session
Deep packet inspection
25. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Types of viruses
Proxy or application gateway
NIDS challenges
The five threat vectors
26. CIDR is a shorthand way of specifying which portion of the address is the network - and which portion is the host
CIDR
War Dialing
WAN
Honeypot
27. 1.0.0.0 through 127.255.255.255 - subnet mask starts at 255.0.0.0
ATM work
What range is a class A network?
The threat vector analysis in defense in depth
EXE program infector
28. Message in its encrypted form
Ciphertext
Honeypot
The OSI model
NAC
29. Personal area network - phone tethering - bluetooth - etc
Boot record infector
PAN
Some firewall benefits
Best way to protect wireless networks
30. Poor programming without error checking can allow commands to be run in an input field. This can point to a command further in the buffer that will execute the attacker's payload.
Buffer overflow
Some NIDS topology limitations
Macro virus
Address resolution protocol
31. fast - with little fidelity - examines header information and limited payload data
Port scan
EXE program infector
What threats should be protected against - based on threat levels
Shallow packet inspection
32. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Worms
Rootkit
Switches
NIDS advantages
33. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
The conficker worm
Some other UDP based protocols
Asynchronous Transfer Mode
No State Inspection ACK flag set
34. Malware - insider threat - natural disaster - terrorism - pandemic
Worms
What primary threats should be protected against
Some honeypot advantages
Boot record infector
35. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Internet
Some common UDP ports
What primary threats should be protected against
IDS
36. packet filter firewalls rely on TCP flags to determine connection state. Attacker can send ACK packets only to bypass firewall.
EXE program infector
What range is a class A network?
No State Inspection ACK flag set
A netcat listener
37. It handles the establishment and maintenance of connections between systems
NAC
The session layer
SYN flood
CIDR
38. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Port scan
Wardriving
Macro virus
Kismet
39. 1. physical 2. data 3. network 4. transport 5. session 6. presentation 7. application
Ciphertext
The OSI Protocol Stack
What's a VLAN
Types of ATM virtual circuits
40. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
What primary threats should be protected against
Stateless packet filter
To establish a TCP session
Buffer overflow
41. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
A netmask
Firewall
The OSI model
Some external threat concerns
42. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
The different cable categories
LAN
IDS
A network protocol
43. TCP/IP - the IP protocol - The core routing protocol of the internet - deals with transmission of packets between end points - defines the addressing scheme for the internet
Multi protocol label switching
Some reasons to use TCP over UDP
Defense in depth
When implementing protocols - what stack should be used?
44. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Some malware capabilities
The data link layer
Defense in depth
Some ways to bypass firewall protections
45. Prepends to the beginning of the file and gains control when the first instruction of the infected COM file is executed - appending to the end - virus writes its payload to the end and inserts jump instruction as the first instruction - which execute
LAN
Some reasons to use UDP over TCP
Smurf attack
COM/Script program infector
46. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
Integrity of Data
Remote maintenance
What's a VLAN
Firewall
47. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
48. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address Resolution Protocol (ARP)
Wardriving
What range is a class C network?
The data link layer
49. Free Windows-based wireless scanner for 802.11b - detects access point settings - supports GPS integration - identifies networks as encrypted or unencrypted
Network stumbler
Some external threat concerns
What primary threats should be protected against
Bus Topology
50. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Honeyd
OS Command Injection defenses
Total cell size for asynchronous transfer mode (ATM)
Arbitrary substitution