Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Uniform protection - protected enclaves - information centric - threat vector analysis
Ciphertext
The four basic approaches to defense in depth
Some malware capabilities
Vulnerabilities
2. Free Linux WLAN analysis tool - completely passive - cannot be detected - supports advanced GPS integration and mapping features - used for wardriving - WLAN vulnerability assessment
Defense in depth
Kismet
What's an easy way to test encryption?
ACK piggybacking
3. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Alteration of code
Deep packet inspection
Some reasons to use TCP over UDP
Some other UDP based protocols
4. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
Some common UDP ports
Some Pen Test techniques
Alteration of code
Defense in depth
5. destruction of data - leaking confidential information - providing backdoor access
Defense in depth
Some malware capabilities
Macro virus
Proxy or application gateway
6. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Datagram length of a UDP packet
COM/Script program infector
Bridge
Address Resolution Protocol (ARP)
7. local area network - small network confined to small location - all equipment owned by a single entity - vulnerable to inside threats and logic bombs
Some other UDP based protocols
OS Command Injection defenses
The difference in stacks
LAN
8. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
Social engineering
The five threat vectors
The Information Centric defense in depth
Some common UDP ports
9. An attempt to gain access by bombarding it with guesses until the password is found.
A netmask
Brute force
Some Pen Test techniques
The TCP/IP model
10. Very simplistic. All systems are attached to the same cable segment. Rarely used because they're unreliable - low fault tolerance - poor traffic isolation - with limited scalability
War Dialing
Bus Topology
The network layer
Some reasons to use UDP over TCP
11. A list of files is defined that should be monitored for a change - HIDS software calculates a one-way hash for each file - if a change is made to the file - the hash is changed
Internet
TFTP
File integrity checking work
What range is a class A network?
12. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
13. A time of check/time of use attack that exploits the difference between the time a security control was applied and the time the service was used.
Some common UDP ports
Race conditions
Multi protocol label switching
What's a VLAN
14. Anonymous FTP - FTP passes through clear text - Bounce attacks with the PORT command - user can cause an FTP to open a connection from the FTP's own commands and bypass a firewall
The goals of cryptography
Deep packet inspection
The protected enclave to defense in depth
Some FTP dangers
15. It handles the establishment and maintenance of connections between systems
Some network design objectives
NIDS challenges
The session layer
File integrity checking work
16. Migrate to WPA2 - use strong authentication like PEAP or TTLS - audit network installations - require mutual auth between client and infrastructure equipment
Datagram length of a UDP packet
Logic bomb
Shallow packet inspection
Best way to protect wireless networks
17. Used for connecting two physical segments of a network - segments traffic - breaks up collision domains - not generally used because of switches
MAN
The data link layer
Boot record infector
Bridge
18. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Proxy or application gateway
Some honeypot advantages
The network layer
Asynchronous Transfer Mode
19. low interaction production honeypot - network daemon that can simulate other hosts - each host can appear as a different OS
Firewall
Worms
The physical layer stack
Honeyd
20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Checksum in UDP
Port scan
File integrity checking work
Overview of TCP
21. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
The physical layer stack
Types of viruses
Some Pen Test techniques
Alteration of code
22. Protects internal/external systems from attack - filters communications based on content - performs NAT - encrypts communications for VPN - logging to aid in intrusion detection
Some reasons to use TCP over UDP
What range is a class B network?
Some firewall benefits
DDoS attack
23. The practice of sending an ACK inside another packet going to the same destination
LAN
Types of ATM virtual circuits
What categories do vulnerabilities fall into?
ACK piggybacking
24. Provides insight into the tactics - motives - and attacker tools
Some honeypot advantages
Macro virus
What ways should the crypto key be protected?
Alteration of code
25. logic bomb - trojan horse - trap door
Some FTP dangers
Some types of malicious code
The difference in stacks
The four types of events reported by IDS
26. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP
ACK piggybacking
Port scan
the application layer
What range is a class B network?
27. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
DDoS attack
Proxy or application gateway
File integrity checking work
Some malware propagation techniques
28. 53 bytes - 48 bytes for data - 5 bytes for the header
Network stumbler
Total cell size for asynchronous transfer mode (ATM)
The Information Centric defense in depth
Hping
29. flags anomalous conditions in traffic on the network - requires understanding on what is normal - bases good traffic as a baseline
Anomaly analysis work
Some external threat concerns
ATM work
Network stumbler
30. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The TCP/IP model
Risk
Social engineering
Some types of malicious code
31. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
The Uniform Protection to defense in depth
The different cable categories
DDoS attack
NAC
32. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
Race conditions
Permutation
SQL Slammer Worm
The different cable categories
33. Message in its encrypted form
When implementing protocols - what stack should be used?
Kismet
What categories do vulnerabilities fall into?
Ciphertext
34. An appliance that controls access between public internet and a company's private network - or between a PC NIC and the rest of the PC.
Firewall
Macro virus
LAN
Some honeypot advantages
35. Intrusion detection system - it reports attacks against monitored systems/networks
IDS
Some FTP dangers
What range is a class A network?
Kismet
36. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
What range is a class C network?
Social engineering
What's a VLAN
Router
37. 20 - FTP data - 21 - FTP - 23 - Telnet - 25 - SNMP - 53 - DNS - 79 - Finger - 80 - HTTP - 110 - POP - 443 - HTTPS
WAN
A network protocol
Some common TCP ports
Ciphertext
38. Uses flow control to handle network congestion - can send larger amounts of data per packet - has guaranteed delivery of transmitted data - better protection against spoofing - reduces need for error checking at higher OSI layers
Some reasons to use TCP over UDP
IDS data normalization
Rootkit
What's an easy way to test encryption?
39. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
40. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
Boot record infector
What ways should the crypto key be protected?
Some Pen Test techniques
Some network design objectives
41. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Stateless packet filter
Types of viruses
Integrity of Data
Browsing attack
42. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
NIDS advantages
Macro virus
NIDS challenges
Hubs
43. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
What's a VLAN
Kismet
The protected enclave to defense in depth
The CIA triad
44. OSI
SQL Slammer Worm
When talking about protocols and referencing layers - what stack is used
Bridge
The Information Centric defense in depth
45. Full open - half open (stealth scan) - UDP - Ping
Nmap scanning techniques
The session layer
Race conditions
DDoS attack
46. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Types of ATM virtual circuits
Asynchronous Transfer Mode
Multi protocol label switching
TFTP
47. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
The four basic approaches to defense in depth
The TCP/IP model
Some honeypot advantages
The transport layer
48. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Bus Topology
Datagram length of a UDP packet
Some reasons to use TCP over UDP
OS Command Injection defenses
49. Combines the functionality of a hub and bridge into a single device - keeps track of MACs attached to each port
Switches
Deep packet inspection
Social engineering
Proxy or application gateway
50. open source tool for monitoring - can be used as a NIDS - has quick updates and flexibility for custom rules
Types of viruses
Some malware propagation techniques
Snort
Stateless packet filter