Test your basic knowledge | GIAC
Subjects: certifications, giac, it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Parasitic malware - boot record infector - macro - COM/Script program infector - EXE program infector
Some firewall challenges
Browsing attack
Types of viruses
Remote maintenance
2. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
CIDR
Some network design objectives
Proxy or application gateway
Smurf attack
3. Common backdoor to open a port - port scan scans for open ports on remote host - scans 0 - 65,535 twice. TCP and UDP
Some honeypot advantages
What categories do vulnerabilities fall into?
The three goals of security
Port scan
4. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
Some ways to bypass firewall protections
Brute force
What range is a class C network?
Firewall
5. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
NAC
The five threat vectors
NIDS challenges
Multi protocol label switching
6. Isolates systems when they initially connect to the network - allows systems to be scanned and checked prior to being put on a trusted segment
NAC
The data link layer
War Dialing
Anomaly analysis work
7. One is for talking - one is for implementing
Some NIDS topology limitations
Social engineering
The conficker worm
The difference in stacks
8. Strips OS commands and characters from input - avoid making system calls from within the app - especially based on user input
LAN
OS Command Injection defenses
Browsing attack
Shallow packet inspection
9. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
10. Syn - Syn/Ack - Ack
A blind FTP
To establish a TCP session
The OSI Protocol Stack
IDS signature analysis work
11. Size is whatever the length of the UDP portion of the packet is. Could be as large as 65,535
Datagram length of a UDP packet
Stateless packet filter
Smurf attack
OS Command Injection defenses
12. Full open - half open (stealth scan) - UDP - Ping
Remote maintenance
Overview of TCP
Internet
Nmap scanning techniques
13. Means multiple iterations won't matter. If you encrypt with a key - then re-encrypt - it's the same as using one key.
Group
Remote maintenance
Port scan
Hubs
14. Metropolitan area network - spans across city or town - larger than a LAN - uses fiber for backbone
MAN
The physical layer stack
The four types of events reported by IDS
EXE program infector
15. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Trojan horse
Anomaly analysis work
Some external threat concerns
Some common UDP ports
16. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Network stumbler
Program infector
IDS signature analysis work
Arbitrary substitution
17. The practice of sending an ACK inside another packet going to the same destination
The physical layer stack
The threat vector analysis in defense in depth
Ack Piggybacking
Hping
18. A TCP version of ping - sends custom TCP packets to a host and listens for replies - enables port scanning and spoofing simultaneously
A netmask
Risk
Hping
The four basic approaches to defense in depth
19. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
The four types of events reported by IDS
What's an easy way to test encryption?
PAN
NIDS challenges
20. Most commonly used transport protocol today - ensures reliable packet delivery - has error handling built in
Overview of TCP
Network stumbler
IDS not
No State Inspection ACK flag set
21. Attacks systems through known vulnerabilities - automatically scans for more systems to attack - lowers system defenses - installs rootkit or root shell - opens up back doors - self contained malware that can copy itself
Hping
What categories do vulnerabilities fall into?
Worms
When setting up a virtual circuit
22. Intellectual property - business goals - validated data - historical
Some types of malicious code
What threats should be protected against - based on threat levels
Some reasons to use UDP over TCP
A netmask
23. Slow - requires stateful data tracking - inspects all fields - including variable-length fields
Boot record infector
The three goals of security
Types of viruses
Deep packet inspection
24. A sends a SYN packet to B - B acknowledges with a SYN/ACK - A replies with ACK
3-way handshake
Brute force
Log monitoring work?
Honeypot
25. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Browsing attack
Some firewall challenges
Address Resolution Protocol (ARP)
TFTP
26. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
Honeyd
Alteration of code
UDP packet headers
Some Pen Test techniques
27. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123 - NTP - 137-139 - NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Some common UDP ports
Some honeypot advantages
To establish a TCP session
SYN flood
28. Uniform protection - protected enclaves - information centric - threat vector analysis
Checksum in UDP
The five threat vectors
The four basic approaches to defense in depth
Wardriving
29. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
What range is a class B network?
The goals of cryptography
What primary threats should be protected against
The presentation layer
30. Flags anomalous conditions in traffic on the network - requires understanding of what is normal - uses good traffic as a baseline
Group
The four types of events reported by IDS
Address Resolution Protocol (ARP)
Anomaly analysis work
31. fast - with little fidelity - examines header information and limited payload data
Program infector
The four basic approaches to defense in depth
The OSI Protocol Stack
Shallow packet inspection
32. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The TCP/IP model
Some NIDS topology limitations
The four basic approaches to defense in depth
Some Pen Test techniques
33. Provides insight into the tactics - motives - and attacker tools
Some honeypot advantages
Kismet
What range is a class B network?
Some firewall benefits
34. risk = threat x vulnerability - impossible to eliminate - security is an exercise in loss reduction
Risk
Address resolution protocol
Some firewall challenges
Stateless packet filter
35. keeps the same letters - but changes the position within the text - easy to break - can be combined with substitution
The four basic approaches to defense in depth
The presentation layer
Alteration of code
Permutation
36. Not frequently seen on LANs because of expense - because of its traffic predictability and high bandwidth support - it's good for video streaming - encapsulates common protocols - uses virtual path identifiers to create end to end connectivity - has
Port scan
Some FTP dangers
Asynchronous Transfer Mode
Ciphertext
37. Multiple levels of protection must be deployed - an exercise in detection - measures must be across a wide range of controls - compromises happen when people leave sites - risk - CIA triad - strategies
What ways should the crypto key be protected?
The protected enclave to defense in depth
The different cable categories
Defense in depth
38. An attacker recruits zombie systems ahead of time to simultaneously release a flood of traffic at a specific target.
IDS data normalization
IDS not
DDoS attack
Overview of TCP
39. Wide Area Network - Larger than MAN or LAN - uses public network - phone lines - and leased lines to tie LAN and MAN over a dispersed area
Honeypot
The OSI model
Smurf attack
WAN
40. Unencrypted message in its original form
Plaintext
MAN
The Uniform Protection to defense in depth
Some common TCP ports
41. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
PAN
Overview of TCP
Some other UDP based protocols
The TCP/IP model
42. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
NIDS challenges
Macro virus
Brute force
The transport layer
43. Switched networks make it difficult to monitor traffic in promiscuous mode - topology must be able to support traffic aggregation for monitoring
Some NIDS topology limitations
Defense in depth
Types of viruses
Race conditions
44. An appliance that controls access between the public internet and a company's private network - or between a PC NIC and the rest of the PC.
UDP packet headers
Firewall
NIDS advantages
A netcat listener
45. Hash Authentication - asymmetric - non repudiation - digital signature - hash + asymmetry
Permutation
Integrity of Data
Group
The protected enclave to defense in depth
46. It interacts with the application layer to determine which network services will be required
Some network design objectives
WAN
the application layer
Nmap
47. Good for multimedia - can use small single packets - multicasting is required - speed is the highest priority
The TCP/IP model
Deep packet inspection
Datagram length of a UDP packet
Some reasons to use UDP over TCP
48. Malware - insider threat - natural disaster - terrorism - pandemic
Total cell size for asynchronous transfer mode (ATM)
OS Command Injection defenses
Social engineering
What primary threats should be protected against
49. Bits of code embedded in programs to quickly gain access at a later time
To establish a TCP session
Wardriving
The conficker worm
Trap door
50. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
Address resolution protocol
File integrity checking work
TFTP
Router