SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
GIAC
Start Test
Study First
Subjects
:
certifications
,
giac
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. A low end firewall that can quickly be deployed using existing hardware. They examine packets themselves with no content.
Asynchronous Transfer Mode
Some common TCP ports
Stateless packet filter
What range is a class C network?
2. Allows segmentation of a switch into different networks - regardless of where a system is plugged in - creates separate networks through software not hardware
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
3. Program disguised as something helpful - only to perform actions the user did not intend. Opening ports - installing other programs - etc.
Parasitic malware
Some firewall benefits
The OSI Protocol Stack
Trojan horse
4. The practice of sending an ACK inside another packet going to the same destination
Rotation?
Some Pen Test techniques
The data link layer
ACK piggybacking
5. Allows admins to remotely access a system for troubleshooting. - E.g VNC - GoToMyPc - PC Anywhere
Smurf attack
The Information Centric defense in depth
Rotation?
Remote maintenance
6. Most common approach - firewall - VPN - intrusion detection - AV - disk encryption - all parts of the organization receive equal protection - particularly vulnerable to malicious inside attacks
The CIA triad
The Uniform Protection to defense in depth
Some types of malicious code
The physical layer stack
7. Trivial File Transfer Protocol - method to transfer files from one device to another without needing authentication
CIDR
What's a VLAN
A netmask
TFTP
8. Confidentiality - integrity - availability
The three goals of security
IDS data normalization
When talking about protocols and referencing layers - what stack is used
File integrity checking work
9. Combines the functionality of a hub and bride into a single device - keeps track of MACs attached to each port
Bus Topology
Switches
Multi protocol label switching
Some firewall benefits
10. UDP based infection - infected through vulnerability in SQL server - caused DoS on saturated networks
SQL Slammer Worm
War Dialing
Some external threat concerns
SYN flood
11. Uses a 1 to 1 substitution of arbitrary numbers - given a one character mapping - you cannot determine the key
Arbitrary substitution
Some common UDP ports
The Uniform Protection to defense in depth
File integrity checking work
12. Bits of code embedded in programs to quickly gain access at a later time
The four types of events reported by IDS
Wardriving
Parasitic malware
Trap door
13. Spread as an office attachment with executable code programmed using macro facility - targets are data files - visual basic editor and other macro languages - payload executes when the code is launched
Macro virus
Some Pen Test techniques
Address Resolution Protocol (ARP)
Nmap scanning techniques
14. 128.0.0.0 through 191.255.255.255 - with a subnet mask of 255.255.0.0
NIDS challenges
What range is a class B network?
War Dialing
Firewall
15. An FTP that allows downloads only if the user knows the exact name of the file they're looking for
A blind FTP
When talking about protocols and referencing layers - what stack is used
Parasitic malware
Some ways to bypass firewall protections
16. Maintains complete TCP connection state and sequencing through 2 connections - address translation built-in by virtue of second connection above
Buffer overflow
Proxy or application gateway
War Dialing
Deep packet inspection
17. deployment challenges including topology and access limitations - analyzing encrypted traffic - quantity vs. quality of signatures - performance limitations with extensive analysis techniques - very costly for proper management
Alteration of code
NIDS challenges
Firewall
IDS signature analysis work
18. Malware - insider threat - natural disaster - terrorism - pandemic
War Dialing
PAN
What primary threats should be protected against
Some FTP dangers
19. Confidentiality - integrity - availability
The CIA triad
Trojan horse
File integrity checking work
When talking about protocols and referencing layers - what stack is used
20. Connection oriented - before systems can communicate over an ATM network - they must establish a virtual circuit between each other - this can span across multiple ATM switches that also handle communications for other systems - at the end of the con
Program infector
ATM work
What threats should be protected against - based on threat levels
Wardriving
21. Take the file and try to compress it. If it compresses - it means there is a pattern and it's more easily crackable
Warning
: Invalid argument supplied for foreach() in
/var/www/html/basicversity.com/show_quiz.php
on line
183
22. Resource exhaustion like DDoS or fork attack - unexpected input value the machine does not know how to process
Firewall
File Integrity checking work
Denial of service
Rotation?
23. Going around with equipment to detect wireless networks
Some malware capabilities
Honeyd
Wardriving
Browsing attack
24. Switches along the path can be requested to allocate the desired amount of bandwidth. If the circuit has the required bandwidth - the circuit is set up.
When setting up a virtual circuit
Race conditions
Types of ATM virtual circuits
Arbitrary substitution
25. Protocol for mapping an IP address to a physical machine address that is recognized on the local network - A table - usually called the ARP cache - is used to maintain a correlation between each MAC and it's corresponding IP address
NIDS advantages
Some reasons to use TCP over UDP
Address Resolution Protocol (ARP)
Smurf attack
26. 192.0.0.0 through 223.255.255.255 - subnet mask of 255.255.255.0
What range is a class C network?
Some Pen Test techniques
The CIA triad
The threat vector analysis in defense in depth
27. 53 - DNS - 67 - BootP - 68 - BootP - 69 - TFTP - 123- NTP - 137-139 NBT - 161 - SNMP - 162 - SNMP - 2049 - NFS
Plaintext
Some common UDP ports
What's a VLAN
UDP packet headers
28. Message in its encrypted form
Stateless packet filter
Ciphertext
The OSI model
Integrity of Data
29. Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table - usually called the ARP cache - is used to maintain a correlation between each MAC and its corresponding IP address
Address resolution protocol
Some honeypot advantages
What range is a class B network?
The CIA triad
30. Four layers - Network Layer - Internet Layer - Transport Layer - Application layer
The TCP/IP model
ACK piggybacking
A netcat listener
Kismet
31. 53 bytes - 48 bytes for data - 5 bytes for the header
Total cell size for asynchronous transfer mode (ATM)
LAN
The different cable categories
Types of viruses
32. Stateful firewalls maintain state of traffic flows
Remote maintenance
The TCP/IP model
Some malware propagation techniques
Stateful firewall
33. Handles the network address scheme and connectivity of multiple network segments. It handles communication.
Firewall
The different cable categories
The data link layer
The network layer
34. Infected millions through various methods - vulnerability in the MS Server Service - brute force admin password through network shares - infect removable devices with a malicious autorun script
NIDS challenges
The conficker worm
Some reasons to use TCP over UDP
File integrity checking work
35. Infects MBR - no network spreading potential
Boot record infector
UDP packet headers
IDS not
Rootkit
36. removable media - email attachments - web browsing - social networking - network vulnerabilities - IM applications - p2p
Best way to protect wireless networks
Bus Topology
Parasitic malware
Some malware propagation techniques
37. Work groups that require additional protection are segmented from the rest of the internal organization - restricting access to critical segments - system of VPNs - internal firewall - VLANs and ACLs
The protected enclave to defense in depth
Wardriving
Snort
TFTP
38. It interacts with data and prepares it to be transmitted across the network. It ensures reliable connectivity from end-to-end
Types of viruses
UDP packet headers
The Information Centric defense in depth
The transport layer
39. It makes sure the data sent from one side to the other is in a format useful to the other side
The presentation layer
What range is a class B network?
Types of ATM virtual circuits
HIDS monitor
40. rules indicate criteria in packets that represent events of interest - rules are applied to packets as they are received - alerts are created when matches are found
IDS signature analysis work
What threats should be protected against - based on threat levels
Arbitrary substitution
When setting up a virtual circuit
41. 1 and 2 - Voice/Low speed data - 3 - Voice/Data 10Mb - 4 - Voice/Data 16Mb - 5 - 5e - Voice/Data 100Mb to 1Gb - 6 - Standard for gigabit
ACK piggybacking
Nmap
Anomaly analysis work
The different cable categories
42. Provides insight into the tactics - motives - and attacker tools
Some honeypot advantages
Denial of service
Worms
War Dialing
43. War dialing - war driving - Sniffing - eavesdropping - dumpster diving - social engineering
The transport layer
Some Pen Test techniques
The protected enclave to defense in depth
Total cell size for asynchronous transfer mode (ATM)
44. size is whatever the length of the UDP portion of the packet. Could be as large as 65 -535
The difference in stacks
Some NIDS topology limitations
Honeyd
Datagram length of a UDP packet
45. Intellectual property - business goals - validated data - historical
IDS signature analysis work
What threats should be protected against - based on threat levels
The network layer
Shallow packet inspection
46. Publish separate mail - web - and DNS servers to the internet - provide appropriate access from internal network to internet - protect internal from external attack - provide defense in depth - protect all aspects of the system
File integrity checking work
Shallow packet inspection
Some network design objectives
What categories do vulnerabilities fall into?
47. Outside attack from network - Outsider attack from telephone - Insider attack from local network - insider attack from local system - attack from malicious code
The five threat vectors
3-way handshake
To close a TCP session
The Information Centric defense in depth
48. NTP - BootP/DHCP - NFS file systems - SNMP - TFTP
LAN
When setting up a virtual circuit
PAN
Some other UDP based protocols
49. Netmasks or subnets provide a method for identifying what portion of an address is the network - and what portion is the host
MAN
A netmask
LAN
Some reasons to use UDP over TCP
50. When someone has compromised the integrity of data or a program. Allows attackers to create backdoors.
A network protocol
Some NIDS topology limitations
Alteration of code
Plaintext